www.ivanti.com Open in urlscan Pro
2400:cb00:2048:1::6818:8210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack-hits-uk-hospitals/
Effective URL:
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Submission: On May 16 via manual (May 16th 2017, 7:23:48 pm UTC) from US

Summary HTTP 100 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 43 IPs in 5 countries across 36 domains to perform 100 HTTP transactions. The main IP is 2400:cb00:2048:1::6818:8210, located in United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is www.ivanti.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on February 27th 2017. Valid for: 3 years.

This is the only time www.ivanti.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2400:cb00:204... 2400:cb00:2048:1::6818:8210	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	2400:cb00:204... 2400:cb00:2048:1::6818:8310	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
5	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
3	104.111.225.71 104.111.225.71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	104.244.43.16 104.244.43.16	13414 (TWITTER) (TWITTER - Twitter Inc.)
2	104.108.45.199 104.108.45.199	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	52.85.90.112 52.85.90.112	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	104.111.240.138 104.111.240.138	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.76.253.168 54.76.253.168	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a02:26f0:78:... 2a02:26f0:78:19f::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:401... 2a00:1450:401b:801::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
5	172.227.117.156 172.227.117.156	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.15.215.200 199.15.215.200	53580 (MARKETO) (MARKETO - MARKETO)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
6	2400:cb00:204... 2400:cb00:2048:1::6810:50a6	13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare)
1	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY - Fastly)
2	46.51.202.68 46.51.202.68	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	195.93.42.12 195.93.42.12	1668 (AOL-ATDN) (AOL-ATDN - AOL Transit Data Network)
1	104.111.244.113 104.111.244.113	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	62.67.193.85 62.67.193.85	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	198.47.127.15 198.47.127.15	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	151.101.114.2 151.101.114.2	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1288:110... 2a00:1288:110:833::4000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	54.75.227.121 54.75.227.121	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.251.140.207 23.251.140.207	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	185.33.223.45 185.33.223.45	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	52.73.205.133 52.73.205.133	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	151.101.112.64 151.101.112.64	54113 (FASTLY) (FASTLY - Fastly)
1	54.247.73.98 54.247.73.98	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	79.125.104.21 79.125.104.21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.246.86.151 54.246.86.151	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
100	43

27 2400:cb00:2048:1::6818:8210 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

www.ivanti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blog.ivanti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:cb00:2048:1::6818:8310 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

blog.ivanti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.112.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

http-blog-ivanti-com.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.225.71 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-111-225-71.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra15s18-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.21.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.43.16 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.45.199 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-45-199.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.90.112 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-90-112.jfk6.r.cloudfront.net

cdn.zarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.240.138 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-111-240-138.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.253.168 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-253-168.eu-west-1.compute.amazonaws.com

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:78:19f::25ea (European Union)

ASN20940 (AKAMAI-ASN1, US)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:401b:801::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.227.117.156 (Cambridge, United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-117-156.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.15.215.200 (San Mateo, United States)

ASN53580 (MARKETO - MARKETO, US)

635-qzi-186.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2400:cb00:2048:1::6810:50a6 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.51.202.68 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-51-202-68.eu-west-1.compute.amazonaws.com

front.optimonk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2001 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.93.42.12 (United Kingdom)

ASN1668 (AOL-ATDN - AOL Transit Data Network, US)
PTR: adtech-ssp-ums-adtech-frr-a.evip.aol.com

ums.adtech.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.244.113 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-111-244-113.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.67.193.85 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.15 (Redwood City, United States)

ASN3257 (GTT-BACKBONE GTT, DE)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:833::4000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.75.227.121 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-75-227-121.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.251.140.207 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: 207.140.251.23.bc.googleusercontent.com

ads.kiosked.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.45 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.205.133 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-73-205-133.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.241.240.143 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.64 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.247.73.98 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-73-98.eu-west-1.compute.amazonaws.com

dc.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.104.21 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-79-125-104-21.eu-west-1.compute.amazonaws.com

imp2.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.86.151 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-86-151.eu-west-1.compute.amazonaws.com

imp2.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	ivanti.com www.ivanti.com blog.ivanti.com	310 KB
8	livechatinc.com cdn.livechatinc.com secure.livechatinc.com	66 KB
7	disqus.com http-blog-ivanti-com.disqus.com disqus.com referrer.disqus.com links.services.disqus.com	21 KB
6	disquscdn.com c.disquscdn.com	185 KB
5	adroll.com s.adroll.com d.adroll.com	14 KB
3	linkedin.com dc.ads.linkedin.com imp2.ads.linkedin.com	571 B
3	facebook.net connect.facebook.net	9 KB
3	optimonk.com front.optimonk.com	19 KB
2	twitter.com analytics.twitter.com	176 B
2	facebook.com www.facebook.com	106 B
2	google.de www.google.de	102 B
2	marketo.net munchkin.marketo.net	4 KB
2	bing.com bat.bing.com	3 KB
2	gstatic.com fonts.gstatic.com	31 KB
1	openx.net us-u.openx.net	43 B
1	rlcdn.com idsync.rlcdn.com	43 B
1	adnxs.com ib.adnxs.com
1	kiosked.com ads.kiosked.com	43 B
1	yahoo.com ads.yahoo.com
1	taboola.com trc.taboola.com
1	pubmatic.com simage2.pubmatic.com	1 B
1	rubiconproject.com pixel.rubiconproject.com	42 B
1	casalemedia.com dsum-sec.casalemedia.com	43 B
1	adtech.de ums.adtech.de
1	googleusercontent.com themes.googleusercontent.com	41 KB
1	mktoresp.com 635-qzi-186.mktoresp.com	43 B
1	t.co t.co	64 B
1	licdn.com snap.licdn.com	8 KB
1	zarget.com cdn.zarget.com	72 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	4 KB
1	google-analytics.com www.google-analytics.com	12 KB
1	googletagmanager.com www.googletagmanager.com	21 KB
1	googleapis.com fonts.googleapis.com	748 B
0	disqusads.com Failed disqusads.com Failed
0	youtube.com Failed www.youtube.com Failed
100	36

	Domain	Requested by
27	blog.ivanti.com	www.ivanti.com
6	c.disquscdn.com	http-blog-ivanti-com.disqus.com
5	secure.livechatinc.com	cdn.livechatinc.com
3	connect.facebook.net	www.ivanti.com connect.facebook.net
3	front.optimonk.com	www.ivanti.com front.optimonk.com
3	cdn.livechatinc.com	www.ivanti.com
3	s.adroll.com	www.googletagmanager.com www.ivanti.com s.adroll.com
3	http-blog-ivanti-com.disqus.com	blog.ivanti.com http-blog-ivanti-com.disqus.com
2	imp2.ads.linkedin.com
2	analytics.twitter.com	www.ivanti.com static.ads-twitter.com
2	d.adroll.com	www.ivanti.com
2	referrer.disqus.com	www.ivanti.com
2	www.facebook.com	www.ivanti.com
2	www.google.de	www.ivanti.com
2	munchkin.marketo.net	www.ivanti.com munchkin.marketo.net
2	bat.bing.com	www.googletagmanager.com www.ivanti.com
2	fonts.gstatic.com	www.ivanti.com
2	www.ivanti.com	blog.ivanti.com
1	dc.ads.linkedin.com
1	links.services.disqus.com	c.disquscdn.com
1	us-u.openx.net	www.ivanti.com
1	idsync.rlcdn.com	www.ivanti.com
1	ib.adnxs.com	www.ivanti.com
1	ads.kiosked.com	www.ivanti.com
1	ads.yahoo.com	www.ivanti.com
1	trc.taboola.com	www.ivanti.com
1	simage2.pubmatic.com	www.ivanti.com
1	pixel.rubiconproject.com	www.ivanti.com
1	dsum-sec.casalemedia.com	www.ivanti.com
1	ums.adtech.de	www.ivanti.com
1	themes.googleusercontent.com	www.ivanti.com
1	disqus.com	http-blog-ivanti-com.disqus.com
1	635-qzi-186.mktoresp.com	munchkin.marketo.net
1	t.co	www.ivanti.com
1	snap.licdn.com	www.ivanti.com
1	cdn.zarget.com	www.ivanti.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.ivanti.com
1	fonts.googleapis.com	www.ivanti.com
0	disqusads.com Failed	http-blog-ivanti-com.disqus.com
0	www.youtube.com Failed	www.ivanti.com
100	43

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
blogs.technet.microsoft.com
www.bbc.com
go.ivanti.com
promobitech.com
sunbirddcim.com
brewsurvey.com

Subject Issuer	Validity	Valid
*.ivanti.com DigiCert SHA2 High Assurance Server CA	`2017-02-27` - `2020-03-03`	3 years	crt.sh
*.googleapis.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
*.google.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2015-02-04` - `2018-04-09`	3 years	crt.sh
*.adroll.com Symantec Class 3 Secure Server CA - G4	`2016-11-07` - `2018-01-06`	a year	crt.sh
www.googleadservices.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
www.bing.com Microsoft IT SSL SHA2	`2016-11-04` - `2018-05-04`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2016-06-08` - `2019-06-13`	3 years	crt.sh
*.marketo.net Symantec Class 3 Secure Server CA - G4	`2016-11-02` - `2017-11-02`	a year	crt.sh
cdn.zarget.com Amazon	`2016-09-12` - `2017-10-12`	a year	crt.sh
*.livechatinc.com Symantec Class 3 ECC 256 bit SSL CA - G2	`2016-11-16` - `2017-11-16`	a year	crt.sh
*.optimonk.com AlphaSSL CA - SHA256 - G2	`2017-04-25` - `2020-04-25`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2016-12-09` - `2018-01-25`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2016-02-16` - `2019-04-17`	3 years	crt.sh
www.google.de Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
t.co Symantec Class 3 EV SSL CA - G3	`2015-08-10` - `2017-08-10`	2 years	crt.sh
*.mktoresp.com Go Daddy Secure Certificate Authority - G2	`2015-12-02` - `2018-12-02`	3 years	crt.sh
ssl565697.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2016-12-18` - `2017-12-18`	a year	crt.sh
*.googleusercontent.com Google Internet Authority G2	`2017-05-03` - `2017-07-26`	3 months	crt.sh
ums.adtech.de Entrust Certification Authority - L1K	`2016-02-22` - `2019-02-21`	3 years	crt.sh
san.casalemedia.com GeoTrust SSL CA - G3	`2017-02-28` - `2017-09-30`	7 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2017-05-09` - `2017-11-16`	6 months	crt.sh
ad.yieldmanager.com Symantec Class 3 Secure Server CA - G4	`2015-08-20` - `2017-08-19`	2 years	crt.sh
*.kiosked.com RapidSSL SHA256 CA	`2016-08-19` - `2019-10-05`	3 years	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2015-07-30` - `2018-08-03`	3 years	crt.sh
*.adnxs.com GeoTrust SSL CA - G3	`2016-02-25` - `2018-05-26`	2 years	crt.sh
*.rlcdn.com Go Daddy Secure Certificate Authority - G2	`2017-05-08` - `2019-06-21`	2 years	crt.sh
*.openx.net GeoTrust SSL CA - G3	`2014-09-29` - `2017-06-07`	3 years	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2017-03-01` - `2018-09-03`	2 years	crt.sh
ads.linkedin.com DigiCert SHA2 Secure Server CA	`2015-06-08` - `2017-06-12`	2 years	crt.sh

This page contains 8 frames:

Primary Page: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Frame ID: 19059.1
Requests: 91 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PAZw4jCkF-8
Frame ID: 19059.2
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/licence/1082968/open_chat.cgi?groups=13&embedded=1&session_id=S1494962616.45c7796e44&server=secure.livechatinc.com
Frame ID: 19059.5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.livechatinc.com/fonts/minimal/livechat-minimal_337558d286.ttf?i0ym10
Frame ID: 19059.4
Requests: 3 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=http-blog-ivanti-com&t_i=16684%20https%3A%2F%2Fwww.ivanti.com%2Fblog%2F%3Fp%3D16684&t_u=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&t_e=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe&t_d=%0ABreaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20&t_t=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe&s_o=default&l=
Frame ID: 19059.6
Requests: 1 HTTP requests in this frame

Frame: https://disqusads.com/ads-iframe/adsnative/?category=tech&display_bidding_enabled=0&stories_allowed=1&an_version=1&position=top&display_allowed=1&video_allowed=1&service=dynamic&provider=adsnative&thumbnails_allowed=1&experiment=network_default&variant=fallthrough&display_only=0&sandbox_display=1&links_allowed=1&doublewide_allowed=1&shortname=http-blog-ivanti-com&forum_pk=4875862&forum_shortname=http-blog-ivanti-com&safetylevel=30&t=1494962615&anchorColor=%23da291c&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&typeface=serif&canonicalUrl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&disqus_version=7fb630f
Frame ID: 19059.7
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 19059.8
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 19059.9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

100
Requests

96 %
HTTPS

31 %
IPv6

36
Domains

43
Subdomains

43
IPs

5
Countries

825 kB
Transfer

2103 kB
Size

26
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/GoIvanti/

Search URL Search Domain Scan URL

URL: https://twitter.com/GoIvanti

Search URL Search Domain Scan URL

URL: https://www.instagram.com/goivanti/?hl=en

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Ivanti

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/ivanti

Search URL Search Domain Scan URL

URL: http://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/favicon.icoiuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/
Title: www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/favicon.icoiuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com/

Search URL Search Domain Scan URL

URL: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
Title: Microsoft releases version of MS17-010 SMBv1 on earlier platforms like XP and 2003

Search URL Search Domain Scan URL

URL: http://www.bbc.com/news/health-39899646
Title: the BBC reported

Search URL Search Domain Scan URL

URL: https://go.ivanti.com/Ransomware-Get-Well-Quick.html?es_p=4177055

Search URL Search Domain Scan URL

URL: https://twitter.com/share?original_referer=/&text=Breaking%3A+WannaCry+Ransomware+Exploding+Across+the+Globe&url=https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/&via=GoIvanti
Title: Tweet

Search URL Search Domain Scan URL

URL: http://www.facebook.com/share.php?u=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F
Title: Share52

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/cws/share?url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F
Title: Share161

Search URL Search Domain Scan URL

URL: https://promobitech.com/
Title: Promobitech

Search URL Search Domain Scan URL

URL: http://sunbirddcim.com/
Title: Ashley Woods

Search URL Search Domain Scan URL

URL: https://brewsurvey.com/
Title: brewsurvey

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 43

https://www.google.com/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=696872105.1494962616&jid=1254041017&_v=j54&z=2018329402
https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=696872105.1494962616&jid=1254041017&_v=j54&z=2018329402&slf_rd=1&random=2077751874

Request 44

https://d.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3?pv=1873272696.3272662&cookie=&adroll_s_ref=&keyw=&rpu=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attac...
https://s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/FFO7TZIFCFDQLOBYNKQ5EZ.js

Request 47

https://www.google.com/ads/user-lists/1016569662/?random=1494962615923&cv=8&fst=1494962615923&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/ads/user-lists/1016569662/?random=1494962615923&cv=8&fst=1494962615923&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

Request 70

https://d.adroll.com/cm/aol/out
https://ums.adtech.de/mapuser?providerid=1076;userid=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU

Request 71

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expiration=1526498616
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expiration=1526498616&C=1

Request 72

https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expires=365
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expires=365

Request 73

https://d.adroll.com/cm/pubmatic/out
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU

Request 74

https://d.adroll.com/cm/taboola/out
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU

Request 75

https://d.adroll.com/cm/r/out
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1

Request 77

https://ads.kiosked.com/match?bidder_id=2&external_user_id=f229a0ae-e673-4298-96a7-41578799517c&publisher_id=&dsp_uuid=&dsp_id=
https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=f229a0ae-e673-4298-96a7-41578799517c&publisher_id=&dsp_uuid=&dsp_id=

Request 78

https://d.adroll.com/cm/w/out
https://analytics.twitter.com/i/adsct?p_user_id=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&p_id=823423

Request 79

https://d.adroll.com/cm/x/out
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU%27)

Request 80

https://idsync.rlcdn.com/377928.gif?partner_uid=02dcd6a7083518457cb0c36607302565
https://idsync.rlcdn.com/377928.gif?partner_uid=02dcd6a7083518457cb0c36607302565&redirect=1

Request 81

https://us-u.openx.net/w/1.0/sd?id=537103138&val=02dcd6a7083518457cb0c36607302565
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=02dcd6a7083518457cb0c36607302565

Request 82

https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=AtzWpwg1GEV8sMNmBzAlZQ&google_ula=1535926
https://d.adroll.com/cm/g/in?google_ula=1535926,0

Request 92

https://www.linkedin.com/csp/dtag?p=9&_x=%2526opid%253D44496%2526fmt%253Djs%2526ref%253D%2526ck%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.ivanti.com%25252Fblog%25252Fbreaking-large-scale-cyber...
https://dc.ads.linkedin.com/collect/?pid=6883&opid=44496&fmt=js&ref=&ck=&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&s=1&pageUrl=https%3A%2F%2Fwww.ivanti.com%2Fbl...

Request 95

https://secure.adnxs.com/seg?add=&add_code=www_ivanti_com,ivanti_com&member=232&redir=https%3A%2F%2Fimp2.ads.linkedin.com%2Fl
https://imp2.ads.linkedin.com/l

Request 96

https://cm.g.doubleclick.net/pixel?google_nid=bizo_bk_cm&google_cm
https://imp2.ads.linkedin.com/m/1640?google_gid=CAESEG2CGSfHMkL2r3HDkwcDUg4&google_cver=1

100 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Redirect Chain

https://www.ivanti.com/blog/breaking-large-scale-cyber-attack-hits-uk-hospitals/
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

60 KB
15 KB

819ms
819ms

Document
text/html

2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 17459769218f2c15fa5fc193239d356f9db1fab196b566b208a96f85ce53c781

Request headers

:path: /blog/breaking-large-scale-cyber-attack/
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
cache-control: no-cache
:authority: www.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
via: 1.1 varnish
x-pingback: https://blog.ivanti.com/xmlrpc.php
x-cache: MISS
status: 200
x-cache-hits: 0
host-header: 192fc2e7e50945beb8231a492d6a8024
content-encoding: gzip
x-served-by: cache-fra1249-FRA
server: cloudflare-nginx
x-timer: S1494962615.804702,VS0,VE808
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cf-ray: 3600b6567e282372-FRA
link: <https://www.ivanti.com/blog/wp-json/>; rel="https://api.w.org/", <https://www.ivanti.com/blog/?p=16684>; rel=shortlink
x-proxy-cache: MISS

Redirect headers

date: Tue, 16 May 2017 19:23:34 GMT
server: cloudflare-nginx
status: 301
location: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
cache-control: max-age=3600
set-cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614; expires=Wed, 16-May-18 19:23:34 GMT; path=/; domain=.ivanti.com; HttpOnly
cf-ray: 3600b6566e202372-FRA
expires: Tue, 16 May 2017 20:23:34 GMT

GET
H2 200 style.min.css
blog.ivanti.com/wp-content/plugins/social-warfare/css/ 38 KB
6 KB 20ms
11ms Stylesheet
text/css 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/plugins/social-warfare/css/style.min.css?ver=2.2.3
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 1621ca430c41f7317bbd9cf271cd57c13dfb35053401a60f549e078c6327e320

Request headers

:path: /wp-content/plugins/social-warfare/css/style.min.css?ver=2.2.3
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 5645
last-modified: Fri, 28 Apr 2017 23:12:40 GMT
server: cloudflare-nginx
etag: "99a3-54e4235c1f99c-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65ba8472372-FRA
x-proxy-cache: MISS

GET
H2 200 style.css
blog.ivanti.com/wp-content/themes/colormag-pro/ 53 KB
10 KB 36ms
27ms Stylesheet
text/css 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/themes/colormag-pro/style.css?ver=4.7.4
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b45a45e73ae0a2e7f299b1b4fd331fabbd3b10d91d09b16597a060fad0c1cef4

Request headers

:path: /wp-content/themes/colormag-pro/style.css?ver=4.7.4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2016 22:51:18 GMT
server: cloudflare-nginx
etag: W/"11f4c-54341978ba580-gzip"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
host-header: 192fc2e7e50945beb8231a492d6a8024
cf-ray: 3600b65ba8482372-FRA
x-proxy-cache: MISS
expires: Tue, 16 May 2017 23:23:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
748 B 29ms
16ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.7.4

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

ESF /

Resource Hash

b1d4939d1fb0046594b52884a198ccd506b9dcd6b47460300f6bacd85d4b074f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /css?family=Open+Sans%3A400%2C600&ver=4.7.4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: fonts.googleapis.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: br
last-modified: Tue, 16 May 2017 19:23:35 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
x-xss-protection: 1; mode=block
expires: Tue, 16 May 2017 19:23:35 GMT

GET
H2 200 font-awesome.min.css
blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/css/ 28 KB
7 KB 23ms
14ms Stylesheet
text/css 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css?ver=4.4.0
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

:path: /wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css?ver=4.4.0
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 6666
last-modified: Fri, 09 Dec 2016 22:50:28 GMT
server: cloudflare-nginx
etag: "7187-543419490b500-gzip"
vary: Accept-Encoding
content-type: text/css
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65ba84a2372-FRA
x-proxy-cache: MISS

GET
H2 200 jquery.js Show response
blog.ivanti.com/wp-includes/js/jquery/ 95 KB
33 KB 28ms
19ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 6c561e040160f503c6f608ff0584496cac1e0b3a5858ee628e007a14ac4d310f

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 09 Dec 2016 22:52:22 GMT
server: cloudflare-nginx
etag: W/"17ba0-543419b5c3580-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
host-header: 192fc2e7e50945beb8231a492d6a8024
cf-ray: 3600b65ba84b2372-FRA
x-proxy-cache: MISS
expires: Tue, 16 May 2017 23:23:35 GMT

GET
H2 200 jquery-migrate.min.js Show response
blog.ivanti.com/wp-includes/js/jquery/ 10 KB
4 KB 30ms
22ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 4014
last-modified: Fri, 09 Dec 2016 22:52:20 GMT
server: cloudflare-nginx
etag: "2748-543419b3db100-gzip"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65ba84c2372-FRA
x-proxy-cache: MISS

GET
H2 200 gtm4wp-form-move-tracker.js Show response
blog.ivanti.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
315 B 20ms
12ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.6.1
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b

Request headers

:path: /wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.6.1
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2017 23:12:26 GMT
server: cloudflare-nginx
etag: W/"60a-54e4234ebb92d-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
host-header: 192fc2e7e50945beb8231a492d6a8024
cf-ray: 3600b65ba84d2372-FRA
x-proxy-cache: MISS
expires: Tue, 16 May 2017 23:23:35 GMT

GET
H2 200 wp-emoji-release.min.js Show response
blog.ivanti.com/wp-includes/js/ 11 KB
4 KB 17ms
17ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-includes/js/wp-emoji-release.min.js?ver=4.7.4
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=4.7.4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 4230
last-modified: Mon, 09 Jan 2017 05:32:26 GMT
server: cloudflare-nginx
etag: "2c96-545a2b1596e80-gzip"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65bd85b2372-FRA
x-proxy-cache: MISS

GET
H2 200 Ivanti_rgb.png
blog.ivanti.com/wp-content/uploads/2017/01/ 2 KB
2 KB 13ms
13ms Image
image/webp 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ivanti.com/wp-content/uploads/2017/01/Ivanti_rgb.png
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 94688969a11935c2d2a428c856fd0b215894e9d222bc8bec7f0b2be768da1b6f

Request headers

:path: /wp-content/uploads/2017/01/Ivanti_rgb.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=4111
status: 200
content-disposition: inline; filename="Ivanti_rgb.webp"
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 1962
last-modified: Fri, 13 Jan 2017 01:59:50 GMT
server: cloudflare-nginx
etag: "100f-545f03065d180"
vary: Accept
content-type: image/webp
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65bf8692372-FRA
x-proxy-cache: HIT
cf-bgj: imgq:85

GET
H2 200 GettyImages-637950732-800x445.jpg
blog.ivanti.com/wp-content/uploads/2017/05/ 66 KB
66 KB 12ms
11ms Image
image/webp 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ivanti.com/wp-content/uploads/2017/05/GettyImages-637950732-800x445.jpg
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7256e4064077953570228c5437c3e38294af3767f7dc0354314aa990e964a908

Request headers

:path: /wp-content/uploads/2017/05/GettyImages-637950732-800x445.jpg
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=84969
status: 200
content-disposition: inline; filename="GettyImages-637950732-800x445.webp"
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 67834
last-modified: Sat, 13 May 2017 16:21:14 GMT
server: cloudflare-nginx
etag: "14be9-54f6a35f94641"
vary: Accept
content-type: image/webp
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c086d2372-FRA
x-proxy-cache: MISS
cf-bgj: imgq:85

GET
H2 200 TimeToPatch.png
blog.ivanti.com/wp-content/uploads/2017/05/ 22 KB
22 KB 10ms
10ms Image
image/webp 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ivanti.com/wp-content/uploads/2017/05/TimeToPatch.png
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: ff2e8abb5cc499228fed8901f071c013c4510ec9d99d1f6df171405e0472b627

Request headers

:path: /wp-content/uploads/2017/05/TimeToPatch.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
cf-cache-status: HIT
cf-polished: origFmt=png, origSize=67449
status: 200
content-disposition: inline; filename="TimeToPatch.webp"
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 22268
last-modified: Sat, 13 May 2017 13:51:18 GMT
server: cloudflare-nginx
etag: "10779-54f681dc55f58"
vary: Accept
content-type: image/webp
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c086e2372-FRA
x-proxy-cache: HIT
cf-bgj: imgq:85

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 56 KB
21 KB 33ms
18ms Script
application/javascript 2a00:1450:4001:821::2008
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

34d69de48b65bde0c3e64cb5b11b72d46825c897121be7309fdf7533fa3d2f0f

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:path: /gtm.js?id=GTM-58NJHGM
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.googletagmanager.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 21350
x-xss-protection: 1; mode=block
expires: Tue, 16 May 2017 19:23:35 GMT

GET PAZw4jCkF-8
www.youtube.com/embed/ Frame 1905 0
0

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
pragma: no-cache
origin: https://www.ivanti.com
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.7.4
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.7.4
Origin: https://www.ivanti.com

Response headers

date: Mon, 15 May 2017 17:00:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Apr 2015 23:46:39 GMT
server: sffe
age: 95003
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 15572
x-xss-protection: 1; mode=block
expires: Tue, 15 May 2018 17:00:12 GMT

GET
H2 200 MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ 16 KB
16 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:821::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /s/opensans/v13/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
pragma: no-cache
origin: https://www.ivanti.com
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: fonts.gstatic.com
referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.7.4
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.7.4
Origin: https://www.ivanti.com

Response headers

date: Tue, 16 May 2017 19:09:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 27 Apr 2015 23:45:12 GMT
server: sffe
age: 841
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 16164
x-xss-protection: 1; mode=block
expires: Wed, 16 May 2018 19:09:34 GMT

GET
H2 200 fontawesome-webfont.woff2
blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/fonts/ 70 KB
70 KB 33ms
17ms Font
application/octet-stream 2400:cb00:2048:1::6818:8310
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

:path: /wp-content/themes/colormag-pro/fontawesome/fonts/fontawesome-webfont.woff2?v=4.6.3
pragma: no-cache
origin: https://www.ivanti.com
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
referer: https://blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css?ver=4.4.0
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: https://blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css?ver=4.4.0
Origin: https://www.ivanti.com

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 71896
last-modified: Fri, 09 Dec 2016 22:50:32 GMT
server: cloudflare-nginx
etag: "118d8-5434194cdbe00"
vary: Accept-Encoding
access-control-allow-origin: https://www.ivanti.com
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
set-cookie: __cfduid=d10d6eead0eff85933e7426766eded9921494962615; expires=Wed, 16-May-18 19:23:35 GMT; path=/; domain=.ivanti.com; HttpOnly
accept-ranges: bytes
cf-ray: 3600b65c2a7b2738-FRA
x-proxy-cache: MISS

GET
H2 200 GetWellQuick_BlogBanner.jpg
blog.ivanti.com/wp-content/uploads/2017/05/ 11 KB
11 KB 27ms
21ms Image
image/webp 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ivanti.com/wp-content/uploads/2017/05/GetWellQuick_BlogBanner.jpg
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 127842d6e466cac5bde82cd727067ca1e1bce783d768828fd1d858c247e0f40d

Request headers

:path: /wp-content/uploads/2017/05/GetWellQuick_BlogBanner.jpg
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=61980
status: 200
content-disposition: inline; filename="GetWellQuick_BlogBanner.webp"
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 11726
last-modified: Mon, 15 May 2017 19:40:17 GMT
server: cloudflare-nginx
etag: "f21c-54f953982bdc7"
vary: Accept
content-type: image/webp
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c68ae2372-FRA
x-proxy-cache: HIT
cf-bgj: imgq:85

GET
H2 200 GettyImages-521696932-e1486674941664-390x205.jpg
blog.ivanti.com/wp-content/uploads/2017/02/ 18 KB
18 KB 25ms
18ms Image
image/webp 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ivanti.com/wp-content/uploads/2017/02/GettyImages-521696932-e1486674941664-390x205.jpg
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: ae2b8d3b25db6bdf22afd91d5754501d6a52bdf4e89697c4b41f3f6ee3ea65c4

Request headers

:path: /wp-content/uploads/2017/02/GettyImages-521696932-e1486674941664-390x205.jpg
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=21420
status: 200
content-disposition: inline; filename="GettyImages-521696932-e1486674941664-390x205.webp"
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 18846
last-modified: Thu, 09 Feb 2017 21:15:48 GMT
server: cloudflare-nginx
etag: "53ac-5481f7c37932e"
vary: Accept
content-type: image/webp
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c68b82372-FRA
x-proxy-cache: MISS
cf-bgj: imgq:85

GET
H2 200 GettyImages-520095558-390x205.jpg
blog.ivanti.com/wp-content/uploads/2017/03/ 10 KB
10 KB 447ms
441ms Image
image/webp 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ivanti.com/wp-content/uploads/2017/03/GettyImages-520095558-390x205.jpg
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: fd8def02c7550f9b8bee369d4d3765e93d3f2c422b4a9a5d877113a71abd7290

Request headers

:path: /wp-content/uploads/2017/03/GettyImages-520095558-390x205.jpg
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=14235
status: 200
content-disposition: inline; filename="GettyImages-520095558-390x205.webp"
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 10582
last-modified: Thu, 02 Mar 2017 00:50:23 GMT
server: cloudflare-nginx
etag: "379b-549b4d06b2f05"
vary: Accept
content-type: image/webp
expires: Tue, 16 May 2017 23:23:36 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c68b92372-FRA
x-proxy-cache: MISS
cf-bgj: imgq:85

GET
H2 200 GettyImages-538164129-390x205.jpg
blog.ivanti.com/wp-content/uploads/2017/02/ 16 KB
16 KB 468ms
462ms Image
image/webp 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.ivanti.com/wp-content/uploads/2017/02/GettyImages-538164129-390x205.jpg
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: b71658912f07a6658257013f7db886d9a0d4e9d13a9a44bb35ad19e65d1f95b7

Request headers

:path: /wp-content/uploads/2017/02/GettyImages-538164129-390x205.jpg
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
cf-cache-status: REVALIDATED
cf-polished: qual=85, origFmt=jpeg, origSize=19809
status: 200
content-disposition: inline; filename="GettyImages-538164129-390x205.webp"
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 16220
last-modified: Thu, 09 Feb 2017 16:35:04 GMT
server: cloudflare-nginx
etag: "4d61-5481b90394c19"
vary: Accept
content-type: image/webp
expires: Tue, 16 May 2017 23:23:36 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c68ba2372-FRA
x-proxy-cache: MISS
cf-bgj: imgq:85

GET
H2 200 script.min.js Show response
blog.ivanti.com/wp-content/plugins/social-warfare/js/ 9 KB
3 KB 27ms
21ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/plugins/social-warfare/js/script.min.js?ver=2.2.3
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 3b25b859a065148a4b45ffd5b8df4e39fd7d0f77810cbba9897869910149579e

Request headers

:path: /wp-content/plugins/social-warfare/js/script.min.js?ver=2.2.3
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 3488
last-modified: Fri, 28 Apr 2017 23:12:40 GMT
server: cloudflare-nginx
etag: "251c-54e4235c2110c-gzip"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c68af2372-FRA
x-proxy-cache: MISS

GET
H2 200 comment-reply.min.js Show response
blog.ivanti.com/wp-includes/js/ 1 KB
607 B 20ms
13ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-includes/js/comment-reply.min.js?ver=4.7.4
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=4.7.4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 589
last-modified: Fri, 09 Dec 2016 22:52:09 GMT
server: cloudflare-nginx
etag: "436-543419a95d840-gzip"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c68b02372-FRA
x-proxy-cache: HIT

GET
H2 200 jquery.newsTicker.min.js Show response
blog.ivanti.com/wp-content/themes/colormag-pro/js/news-ticker/ 3 KB
1 KB 19ms
13ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/themes/colormag-pro/js/news-ticker/jquery.newsTicker.min.js?ver=1.0.0
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 1987264e8499e4ccdbad444bacf77e0a266dc4665a894d970f92f554ef7ca23b

Request headers

:path: /wp-content/themes/colormag-pro/js/news-ticker/jquery.newsTicker.min.js?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 1102
last-modified: Fri, 09 Dec 2016 22:51:08 GMT
server: cloudflare-nginx
etag: "da9-5434196f30f00-gzip"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c68b12372-FRA
x-proxy-cache: MISS

GET
H2 200 navigation.min.js Show response
blog.ivanti.com/wp-content/themes/colormag-pro/js/ 1015 B
327 B 17ms
11ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/themes/colormag-pro/js/navigation.min.js?ver=4.7.4
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 41f3fe4ce62f3d3f75f6ca8d5c801832f4dc941028ed09cd2ddf5a5b9f0712d3

Request headers

:path: /wp-content/themes/colormag-pro/js/navigation.min.js?ver=4.7.4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 309
last-modified: Fri, 09 Dec 2016 22:51:07 GMT
server: cloudflare-nginx
etag: "3f7-5434196e3ccc0-gzip"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c68b22372-FRA
x-proxy-cache: HIT

GET
H2 200 jquery.fitvids.min.js Show response
blog.ivanti.com/wp-content/themes/colormag-pro/js/fitvids/ 2 KB
979 B 17ms
12ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/themes/colormag-pro/js/fitvids/jquery.fitvids.min.js?ver=20150311
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 28b0b03f51551de0682bed42b4cb9d56508a09f636ff48e3f97df64473d311d4

Request headers

:path: /wp-content/themes/colormag-pro/js/fitvids/jquery.fitvids.min.js?ver=20150311
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 961
last-modified: Fri, 09 Dec 2016 22:51:03 GMT
server: cloudflare-nginx
etag: "7d0-5434196a6c3c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c68b32372-FRA
x-proxy-cache: MISS

GET
H2 200 colormag-custom.min.js Show response
blog.ivanti.com/wp-content/themes/colormag-pro/js/ 4 KB
1 KB 18ms
13ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/themes/colormag-pro/js/colormag-custom.min.js?ver=4.7.4
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 3d4e26de67ea97302d6fe75f2177e1efa710724633e9af46f52ab195d5ebdfb5

Request headers

:path: /wp-content/themes/colormag-pro/js/colormag-custom.min.js?ver=4.7.4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 1272
last-modified: Fri, 09 Dec 2016 22:51:02 GMT
server: cloudflare-nginx
etag: "fac-5434196978180-gzip"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c68b42372-FRA
x-proxy-cache: MISS

GET
H2 200 wp-embed.min.js Show response
blog.ivanti.com/wp-includes/js/ 1 KB
769 B 17ms
12ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-includes/js/wp-embed.min.js?ver=4.7.4
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=4.7.4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 751
last-modified: Mon, 09 Jan 2017 05:32:26 GMT
server: cloudflare-nginx
etag: "576-545a2b1596e80-gzip"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b65c68b52372-FRA
x-proxy-cache: MISS

GET
H2 200 disqus.js Show response
blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/ 1 KB
572 B 19ms
14ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=4.7.4
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: bfb06dfa993502132397ad9589ab6ba754382bce89650d951026c33a8466f8e6

Request headers

:path: /wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=4.7.4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2017 23:12:34 GMT
server: cloudflare-nginx
etag: W/"85b-54e423566600f-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
host-header: 192fc2e7e50945beb8231a492d6a8024
cf-ray: 3600b65c68b62372-FRA
x-proxy-cache: HIT
expires: Tue, 16 May 2017 23:23:35 GMT

GET
H2 200 count.js Show response
blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/ 703 B
415 B 26ms
21ms Script
application/javascript 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/count.js?ver=4.7.4
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 7d36c045b22d6da0b15fc356fe9309e24ac61f20768d2f216f890d042111136f

Request headers

:path: /wp-content/plugins/disqus-comment-system/media/js/count.js?ver=4.7.4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Apr 2017 23:12:34 GMT
server: cloudflare-nginx
etag: W/"36f-54e423566600f-gzip"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=14400
host-header: 192fc2e7e50945beb8231a492d6a8024
cf-ray: 3600b65c68b72372-FRA
x-proxy-cache: HIT
expires: Tue, 16 May 2017 23:23:35 GMT

GET
H2 200 sw-icon-font.woff
blog.ivanti.com/wp-content/plugins/social-warfare/fonts/ 5 KB
5 KB 18ms
18ms Font
application/x-font-woff 2400:cb00:2048:1::6818:8310
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/plugins/social-warfare/fonts/sw-icon-font.woff?ver=2.2.3
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: c2fd8786984ff6182f4907ad66c53558d8a246bb0a2c197f871297d3c6290e7e

Request headers

:path: /wp-content/plugins/social-warfare/fonts/sw-icon-font.woff?ver=2.2.3
pragma: no-cache
origin: https://www.ivanti.com
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: blog.ivanti.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Origin: https://www.ivanti.com

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
cf-cache-status: HIT
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 5004
last-modified: Fri, 28 Apr 2017 23:12:40 GMT
server: cloudflare-nginx
etag: "138c-54e4235c214f4"
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: https://www.ivanti.com
expires: Tue, 16 May 2017 23:23:35 GMT
cache-control: public, max-age=14400
set-cookie: __cfduid=d9399306f3aca5f4db3012f9a42a696f61494962615; expires=Wed, 16-May-18 19:23:35 GMT; path=/; domain=.ivanti.com; HttpOnly
accept-ranges: bytes
cf-ray: 3600b65c6aa52738-FRA
x-proxy-cache: MISS

GET
H/1.1 200
OK embed.js Show response
http-blog-ivanti-com.disqus.com/ 54 KB
18 KB 297ms
283ms Script
application/javascript 151.101.112.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://http-blog-ivanti-com.disqus.com/embed.js

Requested by

Host: blog.ivanti.com
URL: https://blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=4.7.4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

openresty /

Resource Hash

4724c9067466ced8a9b5d7290976e8782d86d0adf4de9842f31522c45c7f56df

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: http-blog-ivanti-com.disqus.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 18194

GET
H/1.1 200
OK count.js Show response
http-blog-ivanti-com.disqus.com/ 1 KB
871 B 300ms
286ms Script
application/javascript 151.101.112.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://http-blog-ivanti-com.disqus.com/count.js

Requested by

Host: blog.ivanti.com
URL: https://blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/count.js?ver=4.7.4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: http-blog-ivanti-com.disqus.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 259673
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 May 2017 20:08:03 GMT
Server: nginx
ETag: "5914c4a3-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Fastly-Debug-Digest: b6f975ecd04a5ce489da7a841091c3fab14aef5410aa4ba7ad8fdad8e7244bef
Cache-Control: public, max-age=86400
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 29 KB
12 KB 24ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:path: /analytics.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.google-analytics.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 May 2017 01:31:56 GMT
server: Golfe2
age: 4459
date: Tue, 16 May 2017 18:09:16 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 12267
expires: Tue, 16 May 2017 20:09:16 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 25 KB
8 KB 26ms
8ms Script
text/javascript 104.111.225.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-111-225-71.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3b96a9e5098a4e3aee948a8277e558ff1de56c055ec5b6399db481a27d3e5c4c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.adroll.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

x-amz-version-id: YrQyGI1lvCPL9YiBfYqWLzIOWw223rnx
Content-Encoding: gzip
ETag: "eed90a231548261e9189f0900fd0bc77"
x-amz-request-id: 65E3E5BDD83DD32E
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 8158
x-amz-id-2: Cp0xzQmbl9JnT2h3Oxp58hbmmKW/7HcU7J9eUultWhbMykAO3C6M8qS2DLYQmClNluO4aNYN/hE=
Last-Modified: Mon, 15 May 2017 23:44:40 GMT
Server: AmazonS3
Date: Tue, 16 May 2017 19:23:35 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 11 KB
4 KB 44ms
26ms Script
text/javascript 172.217.22.98
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

fra15s18-in-f2.1e100.net

Software

cafe /

Resource Hash

7ebb06267aa575b87263b3699bfe3680e364caba99458536f484e8f993dfe279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/conversion_async.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.googleadservices.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7418607575082404417
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=86400
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 4406
x-xss-protection: 1; mode=block
expires: Tue, 16 May 2017 19:23:35 GMT

GET
H/1.1 200
OK Cookie set bat.js Show response
bat.bing.com/ 9 KB
3 KB 62ms
35ms Script
application/javascript 13.107.21.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1e616b6c247a49d421851c467056873dd9aaa9e1cf3900bb161ae1b1889f84ac

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bat.bing.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 May 2017 15:29:32 GMT
Server: Microsoft-IIS/10.0
X-MSEdge-Ref: Ref A: 5BB33C3D1A1A4B7DACDB1A3B1CBB0551 Ref B: FRAEDGE0121 Ref C: Tue May 16 12:23:35 2017 PST
ETag: "05660e558c3d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: private,max-age=1800
Set-Cookie: MUID=17F63343BF8560A7297339C7BB856381; domain=.bing.com; expires=Sun, 10-Jun-2018 19:23:35 GMT; path=/; MR=0; domain=bat.bing.com; expires=Sun, 12-Nov-2017 19:23:35 GMT; path=/; MUIDB=1E111C89E9D46CCC3F63160DE8A66D92; path=/; httponly; expires=Thu, 16-May-2019 19:23:35 GMT
Accept-Ranges: bytes
Content-Length: 3324

GET
H/1.1 200
OK uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 23ms
6ms Script
application/javascript 104.244.43.16
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.43.16 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software: /
Resource Hash: 4f87c2b0b342c2382eb83be1b1426678e85e786249cf7ba876cf79c77b85f661

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: static.ads-twitter.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:35 GMT
Content-Encoding: gzip
Age: 70031
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection: keep-alive
Content-Length: 1963
X-Served-By: cache-tw-fra1-cr1-13-TWFRA1
Last-Modified: Wed, 28 Dec 2016 23:53:52 GMT
X-Timer: S1494962615.874293,VS0,VE0
Etag: "d5d9df51a4d7293c6a63d37d9b36655a+gzip"
Vary: Accept-Encoding,Host
Content-Type: application/javascript; charset=utf-8
Via: 1.1 varnish
Cache-Control: no-cache
Accept-Ranges: bytes

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
721 B 43ms
27ms Script
application/x-javascript 104.108.45.199
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.45.199 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-45-199.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 883de2757b75c91b86d6363bea71ce63e9104a61b243191367ef642a50e8e44e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: munchkin.marketo.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 02 May 2017 03:28:44 GMT
Server: Apache
ETag: "52f682487162dca00a8db14347d422ac:1493695724"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 721

GET
H/1.1 200
OK 105543.js Show response
cdn.zarget.com/80509/ 264 KB
72 KB 439ms
97ms Script
text/javascript 52.85.90.112
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.zarget.com/80509/105543.js
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.85.90.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-85-90-112.jfk6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f73730d3854da675deec7d4bac6cc4a42c324db1caf4cdd91e20a7b8d84dcb67

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: cdn.zarget.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Fri, 12 May 2017 01:38:25 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 May 2017 23:51:52 GMT
Server: AmazonS3
Age: 51
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 1c618ea0f595386e66803b2a07e0f4dc.cloudfront.net (CloudFront)
Cache-Control: max-age=120
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: uA5qoe9-V68jMxTWGvfo62IPR0bpjuIw121a5xOmVx71AGE_WK079A==

GET
H/1.1 200
OK tracking.js Show response
cdn.livechatinc.com/ 150 KB
39 KB 22ms
7ms Script
text/javascript 104.111.240.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.240.138 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-111-240-138.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f5e1b14529a9e35ce4caf1e8b0bad54823bd67f04300f0caad49ac3f6cd1700a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: cdn.livechatinc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 May 2017 09:26:33 GMT
Server: Apache
ETag: "e0a8e-25942-54f8ca69ee440"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=42034
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39516
Expires: Wed, 17 May 2017 07:04:09 GMT

GET
H/1.1 200
OK preload.js Show response
front.optimonk.com/public/15473/js/ 19 KB
5 KB 244ms
49ms Script
application/javascript 54.76.253.168
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://front.optimonk.com/public/15473/js/preload.js
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.253.168 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-76-253-168.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 7c5ffd72b77134dc61aca30e5b68f84f25ed274a8f5db202e589aa24c419a8cb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: front.optimonk.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Expires: Wed, 16 May 2018 19:23:36 GMT
Cache-Control: no-cache, max-age=31536000, public
transfer-encoding: chunked
Connection: keep-alive
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 27 KB
9 KB 31ms
14ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

0ca776e8668becd670dda66f0d273a9074f852951abf18ba5340441c5fd0c94b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self' .m-freeway.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com: .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /en_US/fbevents.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
content-length: 8816
x-xss-protection: 0
pragma: public
x-fb-debug: /DPXUuRq8OiRDGcwG2ljN9eYhEyZmRpkNPIg/yH79LSP2h613ab4bzdU5V/gVbDGREvyjq+oq4rnRRG4lw2+kA==
x-frame-options: DENY
date: Tue, 16 May 2017 19:23:35 GMT
strict-transport-security: max-age=15552000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-allow-method: OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 22 KB
8 KB 39ms
14ms Script
application/x-javascript 2a02:26f0:78:19f::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:78:19f::25ea , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: b314be9bd5782c13508c0802d599b366f2fa7e2a78909f2eda47db76ed7530f2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: snap.licdn.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:35 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Feb 2017 20:34:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7727

GET
H2

200

ga-audiences
www.google.de/pagead/
Redirect Chain

https://www.google.com/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=696872105.1494962616&jid=1254041017&_v=j54&z=2018329402
https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=696872105.1494962616&jid=1254041017&_v=j54&z=2018329402&slf_rd=1&random=2077751874

42 B
51 B

81ms
44ms

Image
image/gif

2a00:1450:401b:801::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=696872105.1494962616&jid=1254041017&_v=j54&z=2018329402&slf_rd=1&random=2077751874

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:801::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=696872105.1494962616&jid=1254041017&_v=j54&z=2018329402&slf_rd=1&random=2077751874
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google.de
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2017 19:23:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 16 May 2017 19:23:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=696872105.1494962616&jid=1254041017&_v=j54&z=2018329402&slf_rd=1&random=2077751874
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

FFO7TZIFCFDQLOBYNKQ5EZ.js Show response
s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/
Redirect Chain

https://d.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3?pv=1873272696.3272662&cookie=&adroll_s_ref=&keyw=&rpu=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attac...
https://s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/FFO7TZIFCFDQLOBYNKQ5EZ.js

14 KB
4 KB

271ms
270ms

Script
text/javascript

104.111.225.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/FFO7TZIFCFDQLOBYNKQ5EZ.js
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-111-225-71.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: aedb197e0068e18a917fc32550d35e62544499ca06b83324cca9f0d88a3dfa59

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.adroll.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

x-amz-version-id: EXzFHjIx43XlGcq7hBj04cRBwg6Y4lVd
Content-Encoding: gzip
ETag: "252a608fd24cf0c64b1570ae2b1dfe90"
x-amz-request-id: 0B41E05D7FEC357C
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 3932
x-amz-id-2: w3byGKohFx1nCNFtP4x6eFMvnC4c8tn8XKAj+GfS7OtwMVYcrtIkFJ7noX/43Xv8AaIzHAGPLog=
Last-Modified: Wed, 29 Mar 2017 00:44:23 GMT
Server: AmazonS3
Date: Tue, 16 May 2017 19:23:36 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 16 May 2017 19:23:36 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.10.2
X-Rule: *
X-Segment-Eid: FFO7TZIFCFDQLOBYNKQ5EZ
Location: https://s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/FFO7TZIFCFDQLOBYNKQ5EZ.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: M7DED2HG3BAN5O3GZ46YT3
Set-Cookie: __adroll=02dcd6a7083518457cb0c36607302565; Version=1; Expires=Fri, 15-Jun-2018 19:23:35 GMT; Max-Age=34128000; Path=/
X-Segment-Name: *
X-Advertisable-Eid: G24WZIE6VBGA3PWU7NRQRR
X-Conversion-Currency

GET
H2 200 adsct
t.co/i/ 43 B
64 B 122ms
109ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nx61s&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /i/adsct?p_id=Twitter&p_user_id=0&txn_id=nx61s&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: t.co
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 200 OK
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 1; mode=block
x-response-time: 102
pragma: no-cache
last-modified: Tue, 16 May 2017 19:23:35 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d3e9de330c1261faded74932192ebb8b
x-transaction: 00728df2003c76c8
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK Cookie set get_dynamic_config.js Show response
secure.livechatinc.com/licence/1082968/ 694 B
360 B 217ms
205ms Script
application/x-javascript 172.227.117.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/1082968/get_dynamic_config.js?t=1494962615921&referrer=&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&params=&jsonp=__lc_data_154876&groups=13
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a172-227-117-156.deploy.static.akamaitechnologies.com
Software: Cowboy /
Resource Hash: fc71ac2504dfb63730d102f349e2e7eafbdf6130ce07f91b52bde3297ed2c35a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.livechatinc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Content-Encoding: gzip
Server: Cowboy
Vary: Accept-Encoding
Connection: keep-alive
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: __livechat=lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_visit_number%3D0%26lc_page_view%3D0%26lc_session%3DS1494962616.45c7796e44%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_integration_params%3D%26lc_last_operator_per_skill%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962616%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0; Version=1; Expires=Sun, 14-Jun-2020 19:23:36 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly
Content-Type: application/x-javascript
Content-Length: 360
Expires: Tue, 16 May 2017 19:23:36 GMT

GET
H2

200

/
www.google.de/ads/user-lists/1016569662/
Redirect Chain

https://www.google.com/ads/user-lists/1016569662/?random=1494962615923&cv=8&fst=1494962615923&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
https://www.google.de/ads/user-lists/1016569662/?random=1494962615923&cv=8&fst=1494962615923&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...

42 B
51 B

84ms
42ms

Image
image/gif

2a00:1450:401b:801::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/user-lists/1016569662/?random=1494962615923&cv=8&fst=1494962615923&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&data=window%3Dgoogle_tag_params&frm=0&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&tiba=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20-%20Ivanti%20Blog&async=1&cdct=2&random=2629497707&fpvtc=/1016569662/%3Frandom%3D1090447965%26cv%3D8%26fst%3D1494961200000%26num%3D1%26fmt%3D3%26guid%3DON%26eid%3D376635470%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26data%3Dwindow%253Dgoogle_tag_params%26frm%3D0%26url%3Dhttps%253A%252F%252Fwww.ivanti.com%252Fblog%252Fbreaking-large-scale-cyber-attack%252F%26tiba%3DBreaking%253A%2520WannaCry%2520Ransomware%2520Exploding%2520Across%2520the%2520Globe%2520-%2520Ivanti%2520Blog%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:801::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /ads/user-lists/1016569662/?random=1494962615923&cv=8&fst=1494962615923&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&data=window%3Dgoogle_tag_params&frm=0&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&tiba=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20-%20Ivanti%20Blog&async=1&cdct=2&random=2629497707&fpvtc=/1016569662/%3Frandom%3D1090447965%26cv%3D8%26fst%3D1494961200000%26num%3D1%26fmt%3D3%26guid%3DON%26eid%3D376635470%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26data%3Dwindow%253Dgoogle_tag_params%26frm%3D0%26url%3Dhttps%253A%252F%252Fwww.ivanti.com%252Fblog%252Fbreaking-large-scale-cyber-attack%252F%26tiba%3DBreaking%253A%2520WannaCry%2520Ransomware%2520Exploding%2520Across%2520the%2520Globe%2520-%2520Ivanti%2520Blog%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.google.de
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2017 19:23:36 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 16 May 2017 19:23:36 GMT
x-content-type-options: nosniff
server: adclick_server
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/user-lists/1016569662/?random=1494962615923&cv=8&fst=1494962615923&num=1&fmt=3&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&data=window%3Dgoogle_tag_params&frm=0&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&tiba=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20-%20Ivanti%20Blog&async=1&cdct=2&random=2629497707&fpvtc=/1016569662/%3Frandom%3D1090447965%26cv%3D8%26fst%3D1494961200000%26num%3D1%26fmt%3D3%26guid%3DON%26eid%3D376635470%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26data%3Dwindow%253Dgoogle_tag_params%26frm%3D0%26url%3Dhttps%253A%252F%252Fwww.ivanti.com%252Fblog%252Fbreaking-large-scale-cyber-attack%252F%26tiba%3DBreaking%253A%2520WannaCry%2520Ransomware%2520Exploding%2520Across%2520the%2520Globe%2520-%2520Ivanti%2520Blog%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n
cache-control: private, max-age=43200
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 1323
x-xss-protection: 1; mode=block
expires: Tue, 16 May 2017 19:23:36 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/151/ 8 KB
3 KB 16ms
15ms Script
application/x-javascript 104.108.45.199
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/151/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.45.199 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-108-45-199.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 585107ada7f42329cd4d6ab1d1e87fdf26f4994e8f47d72a44ee8ab5bd291288

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: munchkin.marketo.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 Aug 2015 02:19:08 GMT
Server: Apache
ETag: "bd3daad4a1e88a1196d76b6dd3c9deed:1440037148"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3503
Expires: Thu, 24 Aug 2017 19:23:35 GMT

GET
H2 200 2089655881261153 Show response
connect.facebook.net/signals/config/ 236 B
178 B 153ms
153ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2089655881261153?v=2.7.9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

44b39a06e25dbe68dcf48809d15dd3374692a575456978fd694ee13903ef92f9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self' .m-freeway.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com: .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /signals/config/2089655881261153?v=2.7.9
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: kV4sA5PF4uWH9ylrYwejiJ82tg4a/KFVmUS8z/xSDh2U/qxTqOfPphrpu5PpHKOdUpOG0wGZb6iXYDtz3lRhfA==
x-frame-options: DENY
date: Tue, 16 May 2017 19:23:36 GMT
strict-transport-security: max-age=15552000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-allow-method: OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 204
No Content 0
bat.bing.com/action/ 0
0 36ms
35ms Image
text/plain 13.107.21.200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5601375&Ver=2&mid=ccc4c50d-d9eb-2a99-a5d9-62e36c37ab5f&evt=pageLoad&sid=cfc6b1b4-1&lt=1081&pi=-1748725250&lg=en-US&sw=1600&sh=1200&sc=24&tl=Breaking:%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20-%20Ivanti%20Blog&p=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&r=&rn=55
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: bat.bing.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: MUID=17F63343BF8560A7297339C7BB856381; MR=0; MUIDB=1E111C89E9D46CCC3F63160DE8A66D92
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Tue, 16 May 2017 19:23:35 GMT
Cache-Control: no-cache, must-revalidate
Server: Microsoft-IIS/10.0
X-MSEdge-Ref: Ref A: 12CE38B05C0F44E1B416B4DC537CE065 Ref B: FRAEDGE0121 Ref C: Tue May 16 12:23:35 2017 PST
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set visitWebPage Show response
635-qzi-186.mktoresp.com/webevents/ 43 B
43 B 469ms
150ms XHR
image/gif 199.15.215.200
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://635-qzi-186.mktoresp.com/webevents/visitWebPage?_mchNc=1494962615949&_mchCn=&_mchId=635-QZI-186&_mchTk=_mch-ivanti.com-1494962615949-85598&_mchWs=j1RQdQ%253D%253D&_mchHo=www.ivanti.com&_mchPo=&_mchRu=%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&_mchPc=https%3A&_mchVr=151&_mchHa=&_mchRe=&_mchQp=

Requested by

Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/151/munchkin.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

199.15.215.200 San Mateo, United States, ASN53580 (MARKETO - MARKETO, US),

Reverse DNS

Software

Apache /

Resource Hash

cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Pragma: no-cache
Origin: https://www.ivanti.com
Accept-Encoding: gzip, deflate, sdch, br
Host: 635-qzi-186.mktoresp.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Origin: https://www.ivanti.com

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 May 2017 14:23:36 -0500
Server: Apache
Connection: Keep-Alive
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Set-Cookie: BIGipServersjiweb-mch_https=!PhHDhVQG7DKJ0Pc7UjDbfG4cOByWJaIfG5byXjVd7opemCoL1wXtFAsEuZcJSzY3aRgguNCm/xx2/es=; path=/
Content-Type: image/gif
Keep-Alive: timeout=5, max=100
Content-Length: 43
Expires: -1

GET
H2 200 /
www.facebook.com/tr/ 44 B
53 B 44ms
26ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=2089655881261153&ev=PageView&dl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&rl=&if=false&ts=1494962616098&v=2.7.9&ec=0&o=4
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path: /tr/?id=2089655881261153&ev=PageView&dl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&rl=&if=false&ts=1494962616098&v=2.7.9&ec=0&o=4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.facebook.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: fr=0bIfPH4EImSBDiV0q..BZG1G4...1.0.BZG1G4.; expires=Monday, 14-Aug-2017 19:23:36 GMT; path=/; domain=.facebook.com; HttpOnly
content-length: 44
expires: Tue, 16 May 2017 19:23:36 GMT

GET
H/1.1 200
OK count-data.js Show response
http-blog-ivanti-com.disqus.com/ 401 B
248 B 176ms
175ms Script
application/javascript 151.101.112.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://http-blog-ivanti-com.disqus.com/count-data.js?1=16684%20https%3A%2F%2Fwww.ivanti.com%2Fblog%2F%3Fp%3D16684&1=6400%20http%3A%2F%2Fblog.ivanti.com%2F%3Fp%3D6400&1=6404%20http%3A%2F%2Fblog.ivanti.com%2F%3Fp%3D6404&1=6666%20http%3A%2F%2Fblog.ivanti.com%2F%3Fp%3D6666

Requested by

Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

8f91aace8937615c79d47c44bc6222f23464a7f4eb9f762e80c2d94e2080ffe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: http-blog-ivanti-com.disqus.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Connection: keep-alive
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 248
X-XSS-Protection: 1; mode=block

GET
H2 200 lounge.5d3e12b2c6dfd2d251a2140f75c4f7b9.css
c.disquscdn.com/next/embed/styles/ 74 KB
14 KB 93ms
89ms Stylesheet
text/css 2400:cb00:2048:1::6810:50a6
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.5d3e12b2c6dfd2d251a2140f75c4f7b9.css

Requested by

Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

a827505d3c24dac2be8a2082474ab5249aae5dd2e9a9bbf1e2d68cd913d97493

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /next/embed/styles/lounge.5d3e12b2c6dfd2d251a2140f75c4f7b9.css
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: c.disquscdn.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 14758
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 09 May 2017 20:35:01 GMT
server: cloudflare-nginx
fastly-debug-digest: 5e9119e286a859f10bd181e17e41d1e2b8ba56bc53c58c8f9832ce015e649370
etag: "591227f5-39a6"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 3600b65eba96275c-FRA
expires: Wed, 09 May 2018 20:42:28 GMT

GET
H2 200 common.bundle.94805df7d922d8c7efc1170776463a6c.js Show response
c.disquscdn.com/next/embed/ 241 KB
81 KB 113ms
109ms Script
application/javascript 2400:cb00:2048:1::6810:50a6
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.94805df7d922d8c7efc1170776463a6c.js

Requested by

Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

8815fd355ba9c854703f40ac3bb489ab1a41b5d8dba919590dc67b6284239334

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

:path: /next/embed/common.bundle.94805df7d922d8c7efc1170776463a6c.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: c.disquscdn.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 82571
timing-allow-origin: *
last-modified: Fri, 28 Apr 2017 17:57:06 GMT
server: cloudflare-nginx
fastly-debug-digest: b14e257277e531988fd36469a0a0351aa5570917ba44adb82f5c04456bc0c3fd
etag: "59038272-1428b"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 3600b65eba97275c-FRA
expires: Sat, 28 Apr 2018 18:01:46 GMT

GET
H2 200 lounge.bundle.d084be950e0f51ab6f06a54619af4c90.js Show response
c.disquscdn.com/next/embed/ 333 KB
83 KB 100ms
96ms Script
application/javascript 2400:cb00:2048:1::6810:50a6
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.d084be950e0f51ab6f06a54619af4c90.js

Requested by

Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

fe0358e3de4b6b30b75037d25b083852693fc0942ea4bb0824fb2a447c273bf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /next/embed/lounge.bundle.d084be950e0f51ab6f06a54619af4c90.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: c.disquscdn.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 85159
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Mon, 15 May 2017 18:39:23 GMT
server: cloudflare-nginx
fastly-debug-digest: 2b5ab6b3bee555924b938ded7c6b699daa36930b882a4b455d8c6982c9e704d2
etag: "5919f5db-14ca7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 3600b65eba98275c-FRA
expires: Tue, 15 May 2018 18:49:02 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ 3 KB
1 KB 9ms
6ms Script
application/javascript 151.101.64.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

f1d0cd6a8d28ec361d452601c4f9c6ec2b9f2651c4a6017b8ba4bbfdd7543a79

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: disqus.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 58
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 1476
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin: *

POST
H/1.1 200
OK load Show response
front.optimonk.com/public/15473/js/ 61 KB
14 KB 309ms
226ms XHR
application/javascript 46.51.202.68
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://front.optimonk.com/public/15473/js/load
Requested by: Host: front.optimonk.com
URL: https://front.optimonk.com/public/15473/js/preload.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.202.68 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-46-51-202-68.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: d8d922f448989ade60acfb5bd0bf2bb6b0c99800a36aeaf27b1553a7cc8b5e58

Request headers

Pragma: no-cache
Origin: https://www.ivanti.com
Accept-Encoding: gzip, deflate, br
Host: front.optimonk.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Content-Length: 98
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Origin: https://www.ivanti.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Expires: Wed, 16 May 2018 19:23:36 GMT
Cache-Control: no-cache, max-age=31536000, public
transfer-encoding: chunked
Connection: keep-alive
X-UA-Compatible: IE=Edge,chrome=1

GET
H/1.1 200
OK get_static_config.13.1544.3.5.1197.412.143.304.5.4.47.2.7.js Show response
secure.livechatinc.com/licence/1082968/ 6 KB
2 KB 9ms
8ms Script
application/x-javascript 172.227.117.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/1082968/get_static_config.13.1544.3.5.1197.412.143.304.5.4.47.2.7.js?&jsonp=__lc_data_static_config&groups=13
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a172-227-117-156.deploy.static.akamaitechnologies.com
Software: Cowboy /
Resource Hash: 0afc90352ecc913458dee869009342ee6c4bc2627dfcf4da64c3a3496bd86d4d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.livechatinc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: __livechat=lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_visit_number%3D0%26lc_page_view%3D0%26lc_session%3DS1494962616.45c7796e44%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_integration_params%3D%26lc_last_operator_per_skill%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962616%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Content-Encoding: gzip
Server: Cowboy
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 1591
Expires: Tue, 16 May 2017 19:28:06 GMT

GET
H/1.1 200
OK localization.en.13.3632191afe35222a6b78c04d457adc0d_24aa645f930e654d97d96659424d4d73.js Show response
secure.livechatinc.com/licence/1082968/ 7 KB
3 KB 8ms
8ms Script
application/x-javascript 172.227.117.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/1082968/localization.en.13.3632191afe35222a6b78c04d457adc0d_24aa645f930e654d97d96659424d4d73.js?jsonp=__lc_lang
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a172-227-117-156.deploy.static.akamaitechnologies.com
Software: Cowboy /
Resource Hash: b1e76d1a44cff87d061990a48267b376ed8b58187430a7c6ef5c21abcfc3cb4b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.livechatinc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: __livechat=lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_visit_number%3D0%26lc_page_view%3D0%26lc_session%3DS1494962616.45c7796e44%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_integration_params%3D%26lc_last_operator_per_skill%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962616%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Content-Encoding: gzip
Server: Cowboy
ETag: 165135007116453010677466573200534084151
Vary: Accept-Encoding
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 2689
Expires: Tue, 16 May 2017 19:28:23 GMT

GET
H/1.1 200
OK Cookie set ping Show response
secure.livechatinc.com/licence/1082968/ 73 B
73 B 159ms
154ms Script
application/x-javascript 172.227.117.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/1082968/ping?t=1494962616159&data=%7B%22visitor%22%3A%7B%22id%22%3A%22S1494962616.45c7796e44%22%2C%22group%22%3A13%7D%2C%22page%22%3A%7B%22title%22%3A%22Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20-%20Ivanti%20Blog%22%2C%22url%22%3A%22https%3A%5C%2F%5C%2Fwww.ivanti.com%5C%2Fblog%5C%2Fbreaking-large-scale-cyber-attack%5C%2F%22%7D%2C%22script_version%22%3A%7B%22tracking_env%22%3A%22production%22%2C%22tracking_version%22%3A%2220170515092623%22%7D%7D&jsonp=__lc_ping_742573
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a172-227-117-156.deploy.static.akamaitechnologies.com
Software: Cowboy /
Resource Hash: 650841dbb10dbde6222ee80bab4ed00f64b23e142bc190a0263365338f3bc2b1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.livechatinc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: __livechat=lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_visit_number%3D0%26lc_page_view%3D0%26lc_session%3DS1494962616.45c7796e44%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_integration_params%3D%26lc_last_operator_per_skill%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962616%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: Cowboy
Connection: keep-alive
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: __livechat=lc_session%3DS1494962616.45c7796e44%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962616%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0; Version=1; Expires=Sun, 14-Jun-2020 19:23:36 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly __livechat_lastvisit=ivanti.com%3D1494962616; Version=1; Expires=Sun, 14-Jun-2020 19:23:36 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly
Content-Type: application/x-javascript
Content-Length: 73
Expires: Tue, 16 May 2017 19:23:36 GMT

GET open_chat.cgi
secure.livechatinc.com/licence/1082968/ Frame 1905 0
0

GET
H/1.1 200
OK livechat-minimal_337558d286.ttf
cdn.livechatinc.com/fonts/minimal/ Frame 1905 3 KB
3 KB 26ms
11ms Font
font/ttf 104.111.240.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/fonts/minimal/livechat-minimal_337558d286.ttf?i0ym10
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.240.138 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-111-240-138.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ac82716f6558269fa49ea2cc3aede2586e26946cf1cfad9691704d1b2bc0a227

Request headers

Pragma: no-cache
Origin: https://www.ivanti.com
Accept-Encoding: gzip, deflate, sdch, br
Host: cdn.livechatinc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Origin: https://www.ivanti.com

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Last-Modified: Mon, 06 Mar 2017 12:22:02 GMT
Server: Apache
ETag: "260ff0-b88-54a0ef14e6e80"
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Cache-Control: public, private, max-age=25789023
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2952
Expires: Sun, 11 Mar 2018 07:00:39 GMT

GET
H2 200 9k-RPmcnxYEPm8CNFsH2gg.woff
themes.googleusercontent.com/static/fonts/lato/v6/ Frame 1905 49 KB
41 KB 20ms
5ms Font
font/woff 2a00:1450:4001:821::2001
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/lato/v6/9k-RPmcnxYEPm8CNFsH2gg.woff

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

c56d3ae16344120475d9ea84cf1814c94390896586be0e2c19447cc98e4a66f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /static/fonts/lato/v6/9k-RPmcnxYEPm8CNFsH2gg.woff
pragma: no-cache
origin: https://www.ivanti.com
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: themes.googleusercontent.com
:scheme: https
x-client-data: CIi2yQEIpLbJAQ==
:method: GET
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Origin: https://www.ivanti.com

Response headers

date: Fri, 12 May 2017 12:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 372156
status: 200
alt-svc: quic=":443"; ma=2592000; v="37,36,35"
content-length: 42359
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 May 2018 12:01:00 GMT

GET /
disqus.com/embed/comments/ Frame 1905 0
0

GET /
disqusads.com/ads-iframe/adsnative/ Frame 1905 0
0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
43 B 137ms
125ms Image
image/gif 151.101.112.134
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://referrer.disqus.com/juggler/event.gif?imp=4igl9a22midq87&experiment=network_default&variant=fallthrough&service=dynamic&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&area=top&product=embed&forum=http-blog-ivanti-com&zone=thread&version=cc9da4ac74e3e5dced15c079995f3bfd&page_url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&page_referrer=&object_type=provider&object_id=adsnative&provider=adsnative&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&event=activity&section=default&verb=call&adjective=1&forum_id=4875862
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: referrer.disqus.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK sendrolling.js Show response
s.adroll.com/j/ 9 KB
2 KB 9ms
9ms Script
text/javascript 104.111.225.71
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/sendrolling.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/FFO7TZIFCFDQLOBYNKQ5EZ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.225.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-111-225-71.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4125a8a182a4ab66fa42f836528265b9251a6674fe723e4e08c3c4f050167beb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: s.adroll.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

x-amz-version-id: DCdta4yOMK.dXSP_scJrHWcfLA8ZfeXW
Content-Encoding: gzip
ETag: "dc33501e63068fdcec9da49b539debbe"
x-amz-request-id: 959FFFC4E5716F78
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2012
x-amz-id-2: h9VFbMEF5IkoXuhIUO9f6exoCMdOhvmr6B4UGLBLyYdtA2d8IU5n+81EofVjPzIAEJ54b2lS6NI=
Last-Modified: Tue, 16 May 2017 01:31:29 GMT
Server: AmazonS3
Date: Tue, 16 May 2017 19:23:36 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 271199226557619 Show response
connect.facebook.net/signals/config/ 232 B
195 B 147ms
147ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/271199226557619?v=2.7.9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

08eb6809b57f86b397767cd23ab0f7453f812ed4f62da7514279fb1badd0bb9c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net .atlassolutions.com blob: data: 'self' .m-freeway.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com .fbcdn.net .facebook.net .spotilocal.com: .akamaihd.net wss://.facebook.com:* https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:path: /signals/config/271199226557619?v=2.7.9
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: connect.facebook.net
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: 6Ojosbo81MaGu16x4cpXECoTqJkmlC3G8Odq5Ah0kIGp8zHbsMzH+dOSOGhDsSLHjTS2gNehHYqtYr5Wh2ir3w==
x-frame-options: DENY
date: Tue, 16 May 2017 19:23:36 GMT
strict-transport-security: max-age=15552000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
access-control-allow-method: OPTIONS
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.0

200
OK

mapuser
ums.adtech.de/
Redirect Chain

https://d.adroll.com/cm/aol/out
https://ums.adtech.de/mapuser?providerid=1076;userid=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU

0
0

25ms
6ms

Image
text/plain

195.93.42.12
AOL Transit Data ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ums.adtech.de/mapuser?providerid=1076;userid=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.0
Security: TLS 1.2, RSA, AES_128_CBC
Server: 195.93.42.12 , United Kingdom, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS: adtech-ssp-ums-adtech-frr-a.evip.aol.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: ums.adtech.de
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 0
Expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ums.adtech.de/mapuser?providerid=1076;userid=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU
Set-Cookie: __adroll=02dcd6a7083518457cb0c36607302565; Version=1; Expires=Fri, 15-Jun-2018 19:23:35 GMT; Max-Age=34128000; Path=/
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 102

GET
H/1.1

200
OK

Cookie set rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expiration=1526498616
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expiration=1526498616&C=1

43 B
43 B

23ms
18ms

Image
image/gif

104.111.244.113
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expiration=1526498616&C=1
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.244.113 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-111-244-113.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: dsum-sec.casalemedia.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: CMID=WRtRuLlQJ8QAADtrpGEAAAAD; CMPS=1137
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WRtRuLlQJ8QAADtrpGEAAAAD;domain=casalemedia.com;path=/;expires=Wed, 16 May 2018 19:23:36 GMT CMPS=1137;domain=casalemedia.com;path=/;expires=Mon, 14 Aug 2017 19:23:36 GMT CMPRO=1137;domain=casalemedia.com;path=/;expires=Mon, 14 Aug 2017 19:23:36 GMT CMST=WRtRuFkbUbgA;domain=casalemedia.com;path=/;expires=Wed, 17 May 2017 19:23:36 GMT CMDD=;domain=casalemedia.com;path=/;expires=Wed, 17 May 2017 19:23:36 GMT CMRUM3=69591b51b82760MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU;domain=casalemedia.com;path=/;expires=Wed, 16 May 2018 19:23:36 GMT CMSC=WRtRuA**;domain=casalemedia.com;path=/;
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 May 2017 19:23:36 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: Apache
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expiration=1526498616&C=1
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: CMID=WRtRuLlQJ8QAADtrpGEAAAAD;domain=casalemedia.com;path=/;expires=Wed, 16 May 2018 19:23:36 GMT CMPS=1137;domain=casalemedia.com;path=/;expires=Mon, 14 Aug 2017 19:23:36 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Tue, 16 May 2017 19:23:36 GMT

GET
H/1.1

200
OK

Cookie set tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expires=365
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expires=365

42 B
42 B

25ms
24ms

Image
image/gif

62.67.193.85
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expires=365
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 62.67.193.85 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: pixel.rubiconproject.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: c=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:35 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rpb=194538%3D1; Domain=.rubiconproject.com; Expires=Thu, 15-Jun-2017 19:23:36 GMT; Path=/ put_3644=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU; Domain=.rubiconproject.com; Expires=Wed, 16-May-2018 18:59:59 GMT; Path=/ rpx=194538%3D64619%2C0%2C1%2C%2C; Domain=.pixel.rubiconproject.com; Expires=Thu, 15-Jun-2017 19:23:36 GMT; Path=/ khaos=J2RY55DW-A-IMHG; Domain=.rubiconproject.com; Expires=Wed, 15-Nov-2017 07:23:36 GMT; Path=/
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: hbM9ppAJr3E_xjEix-tkzg
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:35 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: /tap.php?cookie_redirect=1&v=194538&nid=3644&put=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&expires=365
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: c=1; Path=/
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

Cookie set Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU

1 B
1 B

56ms
14ms

Image
text/html

198.47.127.15
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, 3DES_EDE_CBC
Server: 198.47.127.15 Redwood City, United States, ASN3257 (GTT-BACKBONE GTT, DE),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: simage2.pubmatic.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
X-lat: Pug22012:0:699
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Set-Cookie: KRTBCOOKIE_10=22808-MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&KRTB&22883-MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU; domain=pubmatic.com; expires=Wed, 20-Jun-2018 19:23:36 GMT; path=/ PUBRETARGET=dummy; domain=pubmatic.com; expires=Tue, 16-May-2017 19:23:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; expires=Mon, 14-Aug-2017 19:23:36 GMT; path=/
Cache-Control: no-store, no-cache, private
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU
Set-Cookie: __adroll=02dcd6a7083518457cb0c36607302565; Version=1; Expires=Fri, 15-Jun-2018 19:23:36 GMT; Max-Age=34128000; Path=/
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 161

GET
H2

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU

0
0

28ms
14ms

Image
text/plain

151.101.114.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /sg/adroll-network/1/rtb-h/?taboola_hm=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: trc.taboola.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
via: 1.1 varnish
x-timer: S1494962616.467210,VS0,VE8
x-served-by: cache-hhn1525-HHN
x-cache: MISS
status: 204
x-cache-hits: 0
set-cookie: t_gid=71cf32d3-19ff-4b9e-9298-6e09275749a1;Path=/;Domain=.taboola.com;Expires=Wed, 16-May-2018 19:23:36 GMT taboola_usg=GgQQmc5A;Path=/;Domain=.taboola.com;Expires=Wed, 16-May-2018 19:23:36 GMT
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU
Set-Cookie: __adroll=02dcd6a7083518457cb0c36607302565; Version=1; Expires=Fri, 15-Jun-2018 19:23:35 GMT; Max-Age=34128000; Path=/
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET
H/1.1

200
OK

pixel
ads.yahoo.com/
Redirect Chain

https://d.adroll.com/cm/r/out
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1

0
0

132ms
31ms

Image
text/plain

2a00:1288:110:833::4000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:833::4000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: ads.yahoo.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Server: ATS
Connection: keep-alive
Age: 0
Content-Length: 0
Strict-Transport-Security: max-age=0

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Set-Cookie: __adroll=02dcd6a7083518457cb0c36607302565; Version=1; Expires=Fri, 15-Jun-2018 19:23:36 GMT; Max-Age=34128000; Path=/
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 181

GET
H/1.1 200
OK Cookie set out
d.adroll.com/cm/f/ 35 B
35 B 67ms
28ms Image
image/gif 54.75.227.121
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/f/out
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.227.121 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-75-227-121.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: d.adroll.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: __adroll=02dcd6a7083518457cb0c36607302565
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Set-Cookie: __adroll=02dcd6a7083518457cb0c36607302565; Version=1; Expires=Fri, 15-Jun-2018 19:23:35 GMT; Max-Age=34128000; Path=/
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35

GET
H/1.1

200
OK

Cookie set match
ads.kiosked.com/ul_cb/
Redirect Chain

https://ads.kiosked.com/match?bidder_id=2&external_user_id=f229a0ae-e673-4298-96a7-41578799517c&publisher_id=&dsp_uuid=&dsp_id=
https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=f229a0ae-e673-4298-96a7-41578799517c&publisher_id=&dsp_uuid=&dsp_id=

43 B
43 B

14ms
13ms

Image
image/gif

23.251.140.207
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=f229a0ae-e673-4298-96a7-41578799517c&publisher_id=&dsp_uuid=&dsp_id=
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.251.140.207 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS: 207.140.251.23.bc.googleusercontent.com
Software: nginx/1.7.10 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: ads.kiosked.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: tuuid=aacd910f-7663-4de7-aede-2a0b6e4d38ec; tuuid_last_update=1494962616
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: nginx/1.7.10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: keep-alive
Set-Cookie: tuuid=aacd910f-7663-4de7-aede-2a0b6e4d38ec; path=/; expires=Thu, 16-May-2019 19:23:36 GMT; domain=ads.kiosked.com tuuid_last_update=1494962616; path=/; expires=Thu, 16-May-2019 19:23:36 GMT; domain=ads.kiosked.com tuuid=; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT umdd=!2,,f229a0ae-e673-4298-96a7-41578799517c,264205416; path=/; expires=Thu, 16-May-2019 19:23:36 GMT; domain=ads.kiosked.com
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: nginx/1.7.10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=f229a0ae-e673-4298-96a7-41578799517c&publisher_id=&dsp_uuid=&dsp_id=
Connection: keep-alive
Set-Cookie: tuuid=aacd910f-7663-4de7-aede-2a0b6e4d38ec; path=/; expires=Thu, 16-May-2019 19:23:36 GMT; domain=ads.kiosked.com tuuid_last_update=1494962616; path=/; expires=Thu, 16-May-2019 19:23:36 GMT; domain=ads.kiosked.com
Content-Length: 0
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://d.adroll.com/cm/w/out
https://analytics.twitter.com/i/adsct?p_user_id=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&p_id=823423

43 B
92 B

127ms
112ms

Image
image/gif

104.244.42.67
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&p_id=823423

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /i/adsct?p_user_id=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&p_id=823423
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: analytics.twitter.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 200 OK
x-twitter-response-tags: BouncerCompliant
x-connection-hash: 9f4f9888f7f80f0cf325c9cf5684cdff
x-xss-protection: 1; mode=block
x-response-time: 106
pragma: no-cache
last-modified: Tue, 16 May 2017 19:23:36 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
set-cookie: guest_id=v1%3A149496261652842933; Domain=.twitter.com; Path=/; Expires=Thu, 16-May-2019 19:23:36 UTC
x-transaction: 00919291003ec085
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://analytics.twitter.com/i/adsct?p_user_id=MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU&p_id=823423
Set-Cookie: __adroll=02dcd6a7083518457cb0c36607302565; Version=1; Expires=Fri, 15-Jun-2018 19:23:35 GMT; Max-Age=34128000; Path=/
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 109

GET
H/1.1

200
OK

pxj
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU%27)

0
0

58ms
19ms

Image
text/html

185.33.223.45
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU%27)

Requested by

Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.33.223.45 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.11.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: ib.adnxs.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:38 GMT
X-Proxy-Origin: 148.251.45.170; 148.251.45.170; 195.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.154:80
AN-X-Request-Uuid: e571a49b-ca82-440a-8790-d8d3147d7be2
Server: nginx/1.11.5
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('MDJkY2Q2YTcwODM1MTg0NTdjYjBjMzY2MDczMDI1NjU')
Set-Cookie: __adroll=02dcd6a7083518457cb0c36607302565; Version=1; Expires=Fri, 15-Jun-2018 19:23:36 GMT; Max-Age=34128000; Path=/
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 113

GET
H/1.1

200
OK

Cookie set 377928.gif
idsync.rlcdn.com/
Redirect Chain

https://idsync.rlcdn.com/377928.gif?partner_uid=02dcd6a7083518457cb0c36607302565
https://idsync.rlcdn.com/377928.gif?partner_uid=02dcd6a7083518457cb0c36607302565&redirect=1

43 B
43 B

180ms
104ms

Image
image/gif

52.73.205.133
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/377928.gif?partner_uid=02dcd6a7083518457cb0c36607302565&redirect=1
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.205.133 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-73-205-133.compute-1.amazonaws.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: idsync.rlcdn.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: ck1=ck1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Set-Cookie: rlas3=F5DxIEwZoCw9vO8zhiQvqP9Bs1YXUfv8pxXJX2c2ZFOMyA9jEACu5w==;Domain=.rlcdn.com;Expires=Sun, 12-Nov-2017 19:23:36 GMT rtn1-z=IaPVs8VHz+TQGzCL2GvoNnuw+nqIJYuQvMoNSymbV1M=;Domain=.rlcdn.com;Expires=Sun, 12-Nov-2017 19:23:36 GMT
P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length: 43
Connection: keep-alive
Content-Type: image/gif; charset=ISO-8859-1

Redirect headers

P3P: CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Location: https://idsync.rlcdn.com/377928.gif?partner_uid=02dcd6a7083518457cb0c36607302565&redirect=1
Set-Cookie: ck1=ck1;Domain=.rlcdn.com;Expires=Sun, 12-Nov-2017 19:23:32 GMT
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif; charset=ISO-8859-1
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537103138&val=02dcd6a7083518457cb0c36607302565
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=02dcd6a7083518457cb0c36607302565

43 B
43 B

15ms
14ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=02dcd6a7083518457cb0c36607302565
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/11.75.6 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: us-u.openx.net
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: i=88d44c25-ce12-4a14-9225-81912e4e2672|1494962616
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: OXGW/11.75.6
Vary: Accept
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, max-age=0, no-cache
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=02dcd6a7083518457cb0c36607302565
Date: Tue, 16 May 2017 19:23:36 GMT
Server: OXGW/11.75.6
Set-Cookie: i=88d44c25-ce12-4a14-9225-81912e4e2672|1494962616; Version=1; Expires=Wed, 16-May-2018 19:23:36 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Content-Length: 0
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

Cookie set in
d.adroll.com/cm/g/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=AtzWpwg1GEV8sMNmBzAlZQ&google_ula=1535926
https://d.adroll.com/cm/g/in?google_ula=1535926,0

35 B
35 B

29ms
28ms

Image
image/gif

54.75.227.121
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.227.121 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-75-227-121.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.2 /
Resource Hash: ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: d.adroll.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: __adroll=02dcd6a7083518457cb0c36607302565
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Server: nginx/1.10.2
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Set-Cookie: __adroll=02dcd6a7083518457cb0c36607302565-g_1494962616; Version=1; Expires=Fri, 15-Jun-2018 19:23:36 GMT; Max-Age=34128000; Path=/
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
X-Result: g.-1.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Tue, 16 May 2017 19:23:36 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
cache-control: no-cache, must-revalidate
set-cookie: id=2222505a733c0034||t=1494962616|et=730|cs=002213fd484f5d6ae2b221c6cc; expires=Thu, 16-May-2019 19:23:36 GMT; path=/; domain=.doubleclick.net test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUlilNYS4Bonrn7gDpb20LeI78Z6iSoufiCGRHh3DIJFSL-YqiYT2A; expires=Thu, 16-May-2019 19:23:36 GMT; path=/; domain=.doubleclick.net; HttpOnly
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 246
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
53 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=271199226557619&ev=PageView&dl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&rl=&if=false&ts=1494962616449&cd[segment_eid]=FFO7TZIFCFDQLOBYNKQ5EZ&v=2.7.9&ec=0&o=4
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path: /tr/?id=271199226557619&ev=PageView&dl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&rl=&if=false&ts=1494962616449&cd[segment_eid]=FFO7TZIFCFDQLOBYNKQ5EZ&v=2.7.9&ec=0&o=4
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.facebook.com
cookie: fr=0bIfPH4EImSBDiV0q..BZG1G4...1.0.BZG1G4.
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
set-cookie
content-length: 44
expires: Tue, 16 May 2017 19:23:36 GMT

POST
H/1.1 200
OK frontError.php Show response
front.optimonk.com/logger/ 0
0 30ms
30ms XHR
text/html 46.51.202.68
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://front.optimonk.com/logger/frontError.php?account=15473&type=load
Requested by: Host: front.optimonk.com
URL: https://front.optimonk.com/public/15473/js/preload.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.202.68 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-46-51-202-68.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Origin: https://www.ivanti.com
Accept-Encoding: gzip, deflate, br
Host: front.optimonk.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection: keep-alive
Content-Length: 1159
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Origin: https://www.ivanti.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 16 May 2017 19:23:36 GMT
Content-Encoding: none
Server: Apache
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Expires: Tue, 16 May 2017 19:23:36 GMT
Cache-Control: max-age=0, public
Connection: keep-alive
Content-Length: 0
X-UA-Compatible: IE=Edge,chrome=1

GET
H2 200 alfie.f51946af45e0b561c60f768335c9eb79.js Show response
c.disquscdn.com/next/embed/ 19 KB
6 KB 9ms
8ms Script
application/javascript 2400:cb00:2048:1::6810:50a6
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js

Requested by

Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

e61c7f56c3fb5b17270ffd87a4c738d40cd2370b9a192b0234dc3bbb90bc89b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

:path: /next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: c.disquscdn.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 6603
timing-allow-origin: *
last-modified: Mon, 24 Oct 2016 20:57:14 GMT
server: cloudflare-nginx
fastly-debug-digest: baac760ca1e6f62ea6380d62d4f07b5dfbb97755c19df0448623d4ede950e2e4
etag: "580e75aa-19cb"
strict-transport-security: max-age=300; includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 3600b661bc47275c-FRA
expires: Wed, 25 Oct 2017 19:15:13 GMT

GET
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 179 B
179 B 50ms
37ms XHR
text/javascript 151.101.112.64
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&subId=4875862&v=1&jsonp=vglnk_jsonp_14949626166170
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.64 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 74b5073ac85e1db4c7243d8cd07316a3cebe8ab773e34a3c0e3c44b17fb2c476

Request headers

Pragma: no-cache
Origin: https://www.ivanti.com
Accept-Encoding: gzip, deflate, sdch, br
Host: links.services.disqus.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: disqus_unique=4ieu5in2g2iqn5
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Origin: https://www.ivanti.com

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:36 GMT
Via: 1.1 varnish
Server: Apache-Coyote/1.1
X-Timer: S1494962617.631401,VS0,VE31
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.ivanti.com
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript;charset=UTF-8
Content-Length: 179
X-Served-By: cache-hhn1526-HHN

GET
H2 200 / Show response
www.ivanti.com/blog/breaking-large-scale-cyber-attack/ 17 B
76 B 300ms
298ms Script
text/html 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/?cf_action=sync_comments&post_id=16684
Requested by: Host: blog.ivanti.com
URL: https://blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=4.7.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 4534997b249e629ce477624b7616511c9d2cea2f5562dcbf230ea091a0a4135f

Request headers

:path: /blog/breaking-large-scale-cyber-attack/?cf_action=sync_comments&post_id=16684
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614; _ga=GA1.2.696872105.1494962616; _gid=GA1.2.28249053.1494962616; _gat_UA-88957721-1=1; _uetsid=_uetcfc6b1b4; _mkto_trk=id:635-QZI-186&token:_mch-ivanti.com-1494962615949-85598; __lc.visitor_id.1082968=S1494962616.45c7796e44; __ar_v4=%7CG24WZIE6VBGA3PWU7NRQRR%3A20170515%3A1%7CM7DED2HG3BAN5O3GZ46YT3%3A20170515%3A1%7CFFO7TZIFCFDQLOBYNKQ5EZ%3A20170515%3A1; optiMonkClient={"15473":{"fv":1494962616,"lv":1494962616,"nopv":1,"ca":{"25":{"act":0,"cr":"28","s":"init","tua":0,"nod":0,"app":0},"26":{"act":0,"cr":"30","s":"init","tua":0,"nod":0,"app":0},"27":{"act":0,"cr":"32","s":"init","tua":0,"nod":0,"app":0},"28":{"act":0,"cr":"50","s":"init","tua":0,"nod":0,"app":0},"29":{"act":0,"cr":"36","s":"init","tua":0,"nod":0,"app":0},"31":{"act":0,"cr":"38","s":"init","tua":0,"nod":0,"app":0},"34":{"act":0,"cr":"44","s":"init","tua":0,"nod":0,"app":0},"38":{"act":0,"cr":"54","s":"init","tua":0,"nod":0,"app":0},"47":{"act":0,"cr":"87","s":"init","tua":0,"nod":0,"app":0}}}}; optiMonkSession=1494962616; lc_window_state=minimized
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

cf-ray: 3600b6622b8d2372-FRA
date: Tue, 16 May 2017 19:23:36 GMT
via: 1.1 varnish
server: cloudflare-nginx
x-timer: S1494962617.673648,VS0,VE289
x-served-by: cache-fra1249-FRA
vary: Accept-Encoding
x-cache: MISS
content-type: text/html; charset=UTF-8
status: 200
host-header: 192fc2e7e50945beb8231a492d6a8024
content-encoding: gzip
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 1905 337 B
262 B 9ms
8ms Stylesheet
text/css 2400:cb00:2048:1::6810:50a6
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

:path: /next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: c.disquscdn.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 244
timing-allow-origin: *
last-modified: Thu, 10 Nov 2016 18:57:57 GMT
server: cloudflare-nginx
fastly-debug-digest: ddbb547324842fbef412f9cb6a75e494efb72ac30deb102492dc2845863dccf3
etag: "5824c335-f4"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 3600b6623c83275c-FRA
expires: Fri, 10 Nov 2017 19:10:06 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 1905 337 B
262 B 13ms
13ms Stylesheet
text/css 2400:cb00:2048:1::6810:50a6
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:50a6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),

Reverse DNS

Software

cloudflare-nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

:path: /next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: c.disquscdn.com
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme: https
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:36 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
status: 200
content-length: 244
timing-allow-origin: *
last-modified: Thu, 10 Nov 2016 18:57:57 GMT
server: cloudflare-nginx
fastly-debug-digest: ddbb547324842fbef412f9cb6a75e494efb72ac30deb102492dc2845863dccf3
etag: "5824c335-f4"
strict-transport-security: max-age=300; includeSubdomains
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 3600b6624c8c275c-FRA
expires: Fri, 10 Nov 2017 19:10:06 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ 43 B
43 B 126ms
125ms Image
image/gif 151.101.112.134
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://referrer.disqus.com/juggler/event.gif?imp=4igl9a22midq87&experiment=network_default&variant=fallthrough&service=dynamic&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&area=top&product=embed&forum=http-blog-ivanti-com&zone=thread&version=cc9da4ac74e3e5dced15c079995f3bfd&page_url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&page_referrer=&object_type=provider&object_id=adsnative&provider=adsnative&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&event=activity&section=default&verb=fail&adverb=no_height&forum_id=4875862
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: referrer.disqus.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: disqus_unique=4ieu5in2g2iqn5; G_ENABLED_IDPS=google
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:37 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
84 B 116ms
115ms Script
application/javascript 104.244.42.67
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nx61s&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /i/adsct?p_id=Twitter&p_user_id=0&txn_id=nx61s&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: */*
cache-control: no-cache
:authority: analytics.twitter.com
cookie: guest_id=v1%3A149496261652842933
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 200 OK
x-twitter-response-tags: BouncerCompliant
x-connection-hash: 9f4f9888f7f80f0cf325c9cf5684cdff
x-xss-protection: 1; mode=block
x-response-time: 108
pragma: no-cache
last-modified: Tue, 16 May 2017 19:23:38 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
set-cookie: personalization_id="v1_4urLyeGYfIaoHlTRKSyTSA=="; Expires=Thu, 16 May 2019 19:23:38 GMT; Path=/; Domain=.twitter.com
x-transaction: 0015b7d800d821b7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

Cookie set / Show response
dc.ads.linkedin.com/collect/
Redirect Chain

https://www.linkedin.com/csp/dtag?p=9&_x=%2526opid%253D44496%2526fmt%253Djs%2526ref%253D%2526ck%253D%2526url%253Dhttps%25253A%25252F%25252Fwww.ivanti.com%25252Fblog%25252Fbreaking-large-scale-cyber...
https://dc.ads.linkedin.com/collect/?pid=6883&opid=44496&fmt=js&ref=&ck=&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&s=1&pageUrl=https%3A%2F%2Fwww.ivanti.com%2Fbl...

487 B
487 B

38ms
37ms

Script
text/javascript

54.247.73.98
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dc.ads.linkedin.com/collect/?pid=6883&opid=44496&fmt=js&ref=&ck=&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&s=1&pageUrl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&time=1494962618356&3pc=true&an_user_id=1491662622060862596
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.247.73.98 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-247-73-98.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 32942e1a0911cdd847cae68627a3bc27f12e6eed63371da8de9886a3665b1499

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: dc.ads.linkedin.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: BizoID=8e47cfb6-ebcb-4ad6-9bc7-309c8cf522f5; bcookie="v=2&322648f3-17fe-4986-8b30-6494f5b861e8"; lidc="b=TGST06:g=370:u=1:i=1494962619:t=1495049019:s=AQFWKecC8rnlfVDOhywOQZjzj49nMvls"
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:39 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Content-Language: en-US
Set-Cookie: BizoUserMatchHistory=3T4ipkQIXDvL3WSGVEEUr9gR1rYcygTlqipK6Aa07aM4zavZqBskunqP4JeP4gp7YZMD6is2p0MqBoii6isPaOliifrde1vKyXTaA8EYMLlw9bSXJcuAiiCZHKmKUvNgUnOhTVe; Domain=.ads.linkedin.com; Expires=Wed, 15-Nov-2017 07:23:39 GMT; Path=/; Secure BizoID=8e47cfb6-ebcb-4ad6-9bc7-309c8cf522f5; Domain=.ads.linkedin.com; Expires=Wed, 15-Nov-2017 07:23:39 GMT; Path=/; Secure BizoData=Jr3BxHJOIisPCQzQoAwVXlvloFMxlQxuoDxIChKesQhD0lhbt04Wh0nJA3Dbql4IDNE3PPkV0e5ujNKL9BAmXWZdis3v7CtG43lLQIkLmzbOSBcISJuylJBzxqjZvXhVsI5iiGzz2sJE68PwtBCOMQYpLoism0dAv0RH8xdFa4XCI6nisgf2H3l6j8WTuiswTkuBMiss0FcnFyVOh9qUUlbKisfl8ipvU7dXDIiiLwN18w5jSnzrIPVIm6U6IUBenipK6Y3ii4l0Cu9hQfg1bMuisRMEfrisHVpvcu5ogFFxxqc3sTHiptNx6XeqWGnkBipRYgieie; Domain=.ads.linkedin.com; Expires=Wed, 15-Nov-2017 07:23:39 GMT; Path=/; Secure
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 487

Redirect headers

date: Tue, 16 May 2017 19:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-li-fabric: prod-ltx1
status: 302
x-li-uuid: +fHwyJQsvxSAYAc1+ioAAA==
server: Apache-Coyote/1.1
pragma: no-cache
x-li-pop: PROD-IDB2
vary: Accept-Encoding
content-language: en-US
location: https://dc.ads.linkedin.com/collect/?pid=6883&opid=44496&fmt=js&ref=&ck=&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&s=1&pageUrl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&time=1494962618356&3pc=true&an_user_id=1491662622060862596
x-xss-protection: 1; mode=block
cache-control: no-store,private
set-cookie: bcookie="v=2&322648f3-17fe-4986-8b30-6494f5b861e8"; domain=.linkedin.com; Path=/; Expires=Fri, 17-May-2019 07:01:10 GMT bscookie="v=1&20170516192338310bd186-3124-411c-8752-9983564ad4baAQEe3ENssg9B0o3jchEpngD69Ne3tveY"; domain=.www.linkedin.com; Path=/; Secure; Expires=Fri, 17-May-2019 07:01:10 GMT; HttpOnly lidc="b=TGST06:g=370:u=1:i=1494962619:t=1495049019:s=AQFWKecC8rnlfVDOhywOQZjzj49nMvls"; Expires=Wed, 17 May 2017 19:23:39 GMT; domain=.linkedin.com; Path=/
x-li-proto: http/2
x-fs-uuid: f9f1f0c8942cbf1480600735fa2a0000

GET
H2 200 cropped-favicon-ivanti-192x192.png
blog.ivanti.com/wp-content/uploads/2017/01/ 476 B
494 B 472ms
471ms Other
image/webp 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/uploads/2017/01/cropped-favicon-ivanti-192x192.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 6f4ce4d5a09c276bb9107cb234132f65fd7b844be06d429c8ab86e5961ca346b

Request headers

:path: /wp-content/uploads/2017/01/cropped-favicon-ivanti-192x192.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614; _ga=GA1.2.696872105.1494962616; _gid=GA1.2.28249053.1494962616; _gat_UA-88957721-1=1; _uetsid=_uetcfc6b1b4; _mkto_trk=id:635-QZI-186&token:_mch-ivanti.com-1494962615949-85598; __lc.visitor_id.1082968=S1494962616.45c7796e44; lc_window_state=minimized
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:38 GMT
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=2330
status: 200
content-disposition: inline; filename="cropped-favicon-ivanti-192x192.webp"
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 476
last-modified: Tue, 24 Jan 2017 21:20:10 GMT
server: cloudflare-nginx
etag: "91a-546ddae53d680"
vary: Accept
content-type: image/webp
expires: Tue, 16 May 2017 23:23:38 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b66cc8a82372-FRA
x-proxy-cache: HIT
cf-bgj: imgq:85

GET
H2 200 cropped-favicon-ivanti-32x32.png
blog.ivanti.com/wp-content/uploads/2017/01/ 76 B
94 B 451ms
451ms Other
image/webp 2400:cb00:2048:1::6818:8210
CloudFlare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ivanti.com/wp-content/uploads/2017/01/cropped-favicon-ivanti-32x32.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2400:cb00:2048:1::6818:8210 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software: cloudflare-nginx /
Resource Hash: 98cc6a7eb40b5343ab5b3f24cbb4db9e2f50d8cc7045f6e855af11c6c5bb8909

Request headers

:path: /wp-content/uploads/2017/01/cropped-favicon-ivanti-32x32.png
pragma: no-cache
accept-encoding: gzip, deflate, sdch, br
accept-language: en-US,en;q=0.8
user-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept: image/webp,image/*,*/*;q=0.8
cache-control: no-cache
:authority: blog.ivanti.com
cookie: __cfduid=da50cfe66d11ef1ee29854cdbd2008f351494962614; _ga=GA1.2.696872105.1494962616; _gid=GA1.2.28249053.1494962616; _gat_UA-88957721-1=1; _uetsid=_uetcfc6b1b4; _mkto_trk=id:635-QZI-186&token:_mch-ivanti.com-1494962615949-85598; __lc.visitor_id.1082968=S1494962616.45c7796e44; lc_window_state=minimized
:scheme: https
referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method: GET
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date: Tue, 16 May 2017 19:23:39 GMT
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=161
status: 200
content-disposition: inline; filename="cropped-favicon-ivanti-32x32.webp"
host-header: 192fc2e7e50945beb8231a492d6a8024
content-length: 76
last-modified: Tue, 24 Jan 2017 21:20:10 GMT
server: cloudflare-nginx
etag: "a1-546ddae53d680"
vary: Accept
content-type: image/webp
expires: Tue, 16 May 2017 23:23:39 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 3600b66fba082372-FRA
x-proxy-cache: HIT
cf-bgj: imgq:85

GET
H/1.1

200
OK

l
imp2.ads.linkedin.com/
Redirect Chain

https://secure.adnxs.com/seg?add=&add_code=www_ivanti_com,ivanti_com&member=232&redir=https%3A%2F%2Fimp2.ads.linkedin.com%2Fl
https://imp2.ads.linkedin.com/l

42 B
42 B

118ms
30ms

Image
image/gif

79.125.104.21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imp2.ads.linkedin.com/l
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.104.21 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-79-125-104-21.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: imp2.ads.linkedin.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: bcookie="v=2&322648f3-17fe-4986-8b30-6494f5b861e8"; lidc="b=TGST06:g=370:u=1:i=1494962619:t=1495049019:s=AQFWKecC8rnlfVDOhywOQZjzj49nMvls"; BizoUserMatchHistory=3T4ipkQIXDvL3WSGVEEUr9gR1rYcygTlqipK6Aa07aM4zavZqBskunqP4JeP4gp7YZMD6is2p0MqBoii6isPaOliifrde1vKyXTaA8EYMLlw9bSXJcuAiiCZHKmKUvNgUnOhTVe; BizoID=8e47cfb6-ebcb-4ad6-9bc7-309c8cf522f5; BizoData=Jr3BxHJOIisPCQzQoAwVXlvloFMxlQxuoDxIChKesQhD0lhbt04Wh0nJA3Dbql4IDNE3PPkV0e5ujNKL9BAmXWZdis3v7CtG43lLQIkLmzbOSBcISJuylJBzxqjZvXhVsI5iiGzz2sJE68PwtBCOMQYpLoism0dAv0RH8xdFa4XCI6nisgf2H3l6j8WTuiswTkuBMiss0FcnFyVOh9qUUlbKisfl8ipvU7dXDIiiLwN18w5jSnzrIPVIm6U6IUBenipK6Y3ii4l0Cu9hQfg1bMuisRMEfrisHVpvcu5ogFFxxqc3sTHiptNx6XeqWGnkBipRYgieie
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:39 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:41 GMT
X-Proxy-Origin: 148.251.45.170; 148.251.45.170; 202.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.150:80
AN-X-Request-Uuid: 5fd4f9fd-2e31-43d3-8db2-614633630288
Server: nginx/1.11.5
Connection: keep-alive
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://imp2.ads.linkedin.com/l
Cache-Control: no-store, no-cache, private
Set-Cookie: anj=dTM7k!M4/8DYRWSF']wIg2In=k[G#h!]tbPB*SQLOsH`E.g3VsTYi$G; Path=/; Max-Age=7776000; Expires=Mon, 14-Aug-2017 19:23:41 GMT; Domain=.adnxs.com; HttpOnly sess=1; Path=/; Max-Age=86400; Expires=Wed, 17-May-2017 19:23:41 GMT; Domain=.adnxs.com; HttpOnly uuid2=1491662622060862596; Path=/; Max-Age=7776000; Expires=Mon, 14-Aug-2017 19:23:41 GMT; Domain=.adnxs.com; HttpOnly
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Cookie set 1640
imp2.ads.linkedin.com/m/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bizo_bk_cm&google_cm
https://imp2.ads.linkedin.com/m/1640?google_gid=CAESEG2CGSfHMkL2r3HDkwcDUg4&google_cver=1

42 B
42 B

126ms
30ms

Image
image/gif

54.246.86.151
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imp2.ads.linkedin.com/m/1640?google_gid=CAESEG2CGSfHMkL2r3HDkwcDUg4&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.86.151 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-246-86-151.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: imp2.ads.linkedin.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: bcookie="v=2&322648f3-17fe-4986-8b30-6494f5b861e8"; lidc="b=TGST06:g=370:u=1:i=1494962619:t=1495049019:s=AQFWKecC8rnlfVDOhywOQZjzj49nMvls"; BizoUserMatchHistory=3T4ipkQIXDvL3WSGVEEUr9gR1rYcygTlqipK6Aa07aM4zavZqBskunqP4JeP4gp7YZMD6is2p0MqBoii6isPaOliifrde1vKyXTaA8EYMLlw9bSXJcuAiiCZHKmKUvNgUnOhTVe; BizoID=8e47cfb6-ebcb-4ad6-9bc7-309c8cf522f5; BizoData=Jr3BxHJOIisPCQzQoAwVXlvloFMxlQxuoDxIChKesQhD0lhbt04Wh0nJA3Dbql4IDNE3PPkV0e5ujNKL9BAmXWZdis3v7CtG43lLQIkLmzbOSBcISJuylJBzxqjZvXhVsI5iiGzz2sJE68PwtBCOMQYpLoism0dAv0RH8xdFa4XCI6nisgf2H3l6j8WTuiswTkuBMiss0FcnFyVOh9qUUlbKisfl8ipvU7dXDIiiLwN18w5jSnzrIPVIm6U6IUBenipK6Y3ii4l0Cu9hQfg1bMuisRMEfrisHVpvcu5ogFFxxqc3sTHiptNx6XeqWGnkBipRYgieie
X-Client-Data: CIi2yQEIpLbJAQ==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:39 GMT
Server: nginx
P3P: CP="NON DSP COR CURa ADMo DEVo TAIo PSAo PSDo OUR DELa IND PHY ONL UNI COM NAV DEM"
Set-Cookie: BizoUserMatchHistory=638cu1kb8TL3WSGVEEUr9gR1rYcygTlqipK6Aa07aM4zavZqBskunqP4JeP4gp7YZMD6is2p0MqBoii6isPaOliifrde1vKyXTaA8EYMLlw9bSXLDhTjc0aipbCis5fPeWeHvLfGWipF4DqlztnBDRWxDfmmpAieie; Domain=.ads.linkedin.com; Expires=Wed, 15-Nov-2017 07:23:39 GMT; Path=/; Secure
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 May 2017 19:23:39 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://imp2.ads.linkedin.com/m/1640?google_gid=CAESEG2CGSfHMkL2r3HDkwcDUg4&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length: 290
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set ping Show response
secure.livechatinc.com/licence/1082968/ 746 B
498 B 147ms
146ms Script
application/x-javascript 172.227.117.156
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/licence/1082968/ping?t=1494962621160&data=%7B%22visitor%22%3A%7B%22id%22%3A%22S1494962616.45c7796e44%22%7D%7D&jsonp=__lc_ping_768208
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a172-227-117-156.deploy.static.akamaitechnologies.com
Software: Cowboy /
Resource Hash: 4f52496d56a682312dd3423a7d49c289f74154b5704580c2d84963cdaf9fc01c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: secure.livechatinc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: */*
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie: __livechat=lc_session%3DS1494962616.45c7796e44%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962616%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0; __livechat_lastvisit=ivanti.com%3D1494962616; 3rdparty=allow; recent_window=25309975; message_text=; main_window_timestamp=1494962620961; main_window_timestamp_13=1494962620961
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 May 2017 19:23:41 GMT
Content-Encoding: gzip
Server: Cowboy
Vary: Accept-Encoding
Connection: keep-alive
P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=0, no-cache, no-store
Set-Cookie: __livechat=lc_session%3DS1494962616.45c7796e44%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3DOQ22N8LJBH%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962616%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D1%26lc_ok_invitation%3D0; Version=1; Expires=Sun, 14-Jun-2020 19:23:41 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly __livechat_lastvisit=ivanti.com%3D1494962621; Version=1; Expires=Sun, 14-Jun-2020 19:23:41 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly
Content-Type: application/x-javascript
Content-Length: 498
Expires: Tue, 16 May 2017 19:23:41 GMT

GET
H/1.1 200
OK a66a8b3e10eb02d804f88d05ee7db837.jpeg
cdn.livechatinc.com/s3/1082968/avatars/ Frame 1905 20 KB
20 KB 9ms
9ms Image
image/jpeg 104.111.240.138
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livechatinc.com/s3/1082968/avatars/a66a8b3e10eb02d804f88d05ee7db837.jpeg
Requested by: Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.240.138 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-111-240-138.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 260f17cb027facf3b053cc2f97c08dcff8a499db0b946ab46047d8db680572be

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, sdch, br
Host: cdn.livechatinc.com
Accept-Language: en-US,en;q=0.8
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept: image/webp,image/*,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date: Tue, 16 May 2017 19:23:41 GMT
Cache-Control: public, private, max-age=62374892
Server: Apache
Connection: keep-alive
Content-Type: image/jpeg
Content-Length: 20199
Expires: Wed, 08 May 2019 17:45:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/PAZw4jCkF-8

Domain: secure.livechatinc.com
URL: https://secure.livechatinc.com/licence/1082968/open_chat.cgi?groups=13&embedded=1&session_id=S1494962616.45c7796e44&server=secure.livechatinc.com

Domain: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=http-blog-ivanti-com&t_i=16684%20https%3A%2F%2Fwww.ivanti.com%2Fblog%2F%3Fp%3D16684&t_u=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&t_e=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe&t_d=%0ABreaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20&t_t=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe&s_o=default&l=

Domain: disqusads.com
URL: https://disqusads.com/ads-iframe/adsnative/?category=tech&display_bidding_enabled=0&stories_allowed=1&an_version=1&position=top&display_allowed=1&video_allowed=1&service=dynamic&provider=adsnative&thumbnails_allowed=1&experiment=network_default&variant=fallthrough&display_only=0&sandbox_display=1&links_allowed=1&doublewide_allowed=1&shortname=http-blog-ivanti-com&forum_pk=4875862&forum_shortname=http-blog-ivanti-com&safetylevel=30&t=1494962615&anchorColor=%23da291c&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&typeface=serif&canonicalUrl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&disqus_version=7fb630f

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1970-01-01 00:00:00	Name: YSC Value: rvJV3BxlEqE
www.ivanti.com/	2021-06-04 19:23:36	Name: optiMonkClient Value: {"15473":{"fv":1494962616,"lv":1494962616,"nopv":1,"ca":{"25":{"act":0,"cr":"28","s":"init","tua":0,"nod":0,"app":0},"26":{"act":0,"cr":"30","s":"init","tua":0,"nod":0,"app":0},"27":{"act":0,"cr":"32","s":"init","tua":0,"nod":0,"app":0},"28":{"act":0,"cr":"50","s":"init","tua":0,"nod":0,"app":0},"29":{"act":0,"cr":"36","s":"init","tua":0,"nod":0,"app":0},"31":{"act":0,"cr":"38","s":"init","tua":0,"nod":0,"app":0},"34":{"act":0,"cr":"44","s":"init","tua":0,"nod":0,"app":0},"38":{"act":0,"cr":"54","s":"init","tua":0,"nod":0,"app":0},"47":{"act":0,"cr":"87","s":"init","tua":0,"nod":0,"app":0}}}}
.ivanti.com/	2019-05-16 19:23:35	Name: _ga Value: GA1.2.696872105.1494962616
.google.com/	2017-11-15 19:23:36	Name: NID Value: 103=Vf5_J8BAcMMA6fNv1dKO1Xbu6n8r7wJsJ52i-3YDnx62Guhv_dPG5gpdN7ho1NpUh0uTx1WdFBm9FyvHZyb3Wh1fUdU2CO2azXq5pL3zRQF5eSuDx6GA70yOGeGRNs-D
.ivanti.com/	2018-05-16 19:23:34	Name: __cfduid Value: da50cfe66d11ef1ee29854cdbd2008f351494962614
.ivanti.com/	2017-05-17 19:23:35	Name: _gid Value: GA1.2.28249053.1494962616
.disqus.com/	2018-05-16 19:23:36	Name: disqus_unique Value: 4ieu5in2g2iqn5
disqus.com/	2017-05-16 19:53:36	Name: __jid Value: 4igl9a22midq87
.www.ivanti.com/	2023-01-29 03:23:36	Name: __ar_v4 Value: %7CG24WZIE6VBGA3PWU7NRQRR%3A20170515%3A1%7CM7DED2HG3BAN5O3GZ46YT3%3A20170515%3A1%7CFFO7TZIFCFDQLOBYNKQ5EZ%3A20170515%3A1
.ivanti.com/	2019-05-16 19:23:35	Name: _mkto_trk Value: id:635-QZI-186&token:_mch-ivanti.com-1494962615949-85598
.ivanti.com/	2017-05-16 19:53:35	Name: _uetsid Value: _uetcfc6b1b4
.livechatinc.com/licence/1082968	2020-06-14 19:23:36	Name: __livechat_lastvisit Value: ivanti.com%3D1494962616
.livechatinc.com/licence/1082968	2020-06-14 19:23:36	Name: __livechat Value: lc_session%3DS1494962616.45c7796e44%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962616%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0
.disqus.com/	9999-12-31 12:00:00	Name: G_ENABLED_IDPS Value: google
.ivanti.com/	2017-05-16 19:24:35	Name: _gat_UA-88957721-1 Value: 1
.facebook.com/	2017-08-14 19:23:36	Name: fr Value: 0bIfPH4EImSBDiV0q..BZG1G4...1.0.BZG1G4.
.youtube.com/	2018-01-15 07:16:35	Name: PREF Value: f1=50000000
.ivanti.com/	1970-01-01 00:00:00	Name: lc_window_state Value: minimized
.livechatinc.com/licence/1082968	1970-01-01 00:00:00	Name: main_window_timestamp Value: 1494962618161
www.ivanti.com/	1970-01-01 00:00:00	Name: optiMonkSession Value: 1494962616
.livechatinc.com/licence/1082968	1970-01-01 00:00:00	Name: message_text Value:
.ivanti.com/	2020-02-10 19:23:36	Name: __lc.visitor_id.1082968 Value: S1494962616.45c7796e44
.youtube.com/	2018-01-15 07:16:35	Name: VISITOR_INFO1_LIVE Value: 0UXjNbOfItc
.livechatinc.com/licence/1082968	1970-01-01 00:00:00	Name: main_window_timestamp_13 Value: 1494962618161
.livechatinc.com/licence/1082968	1970-01-01 00:00:00	Name: 3rdparty Value: allow
.livechatinc.com/licence/1082968	1970-01-01 00:00:00	Name: recent_window Value: 25309975

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://blog.ivanti.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: https://cdn.zarget.com/80509/105543.js(Line 3) Message: Zarget :
console-api	error	URL: https://front.optimonk.com/public/15473/js/preload.js(Line 62) Message: load

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

635-qzi-186.mktoresp.com
ads.kiosked.com
ads.yahoo.com
analytics.twitter.com
bat.bing.com
blog.ivanti.com
c.disquscdn.com
cdn.livechatinc.com
cdn.zarget.com
connect.facebook.net
d.adroll.com
dc.ads.linkedin.com
disqus.com
disqusads.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
front.optimonk.com
http-blog-ivanti-com.disqus.com
ib.adnxs.com
idsync.rlcdn.com
imp2.ads.linkedin.com
links.services.disqus.com
munchkin.marketo.net
pixel.rubiconproject.com
referrer.disqus.com
s.adroll.com
secure.livechatinc.com
simage2.pubmatic.com
snap.licdn.com
static.ads-twitter.com
t.co
themes.googleusercontent.com
trc.taboola.com
ums.adtech.de
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ivanti.com
www.youtube.com
disqus.com
disqusads.com
secure.livechatinc.com
www.youtube.com
104.108.45.199
104.111.225.71
104.111.240.138
104.111.244.113
104.244.42.67
104.244.42.69
104.244.43.16
13.107.21.200
151.101.112.134
151.101.112.64
151.101.114.2
151.101.64.134
172.217.22.98
172.227.117.156
173.241.240.143
185.33.223.45
195.93.42.12
198.47.127.15
199.15.215.200
23.251.140.207
2400:cb00:2048:1::6810:50a6
2400:cb00:2048:1::6818:8210
2400:cb00:2048:1::6818:8310
2a00:1288:110:833::4000
2a00:1450:4001:821::2001
2a00:1450:4001:821::2003
2a00:1450:4001:821::2008
2a00:1450:4001:821::200a
2a00:1450:4001:821::200e
2a00:1450:401b:801::2003
2a02:26f0:78:19f::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
46.51.202.68
52.73.205.133
52.85.90.112
54.246.86.151
54.247.73.98
54.75.227.121
54.76.253.168
62.67.193.85
79.125.104.21
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
08eb6809b57f86b397767cd23ab0f7453f812ed4f62da7514279fb1badd0bb9c
0afc90352ecc913458dee869009342ee6c4bc2627dfcf4da64c3a3496bd86d4d
0ca776e8668becd670dda66f0d273a9074f852951abf18ba5340441c5fd0c94b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127842d6e466cac5bde82cd727067ca1e1bce783d768828fd1d858c247e0f40d
1621ca430c41f7317bbd9cf271cd57c13dfb35053401a60f549e078c6327e320
17459769218f2c15fa5fc193239d356f9db1fab196b566b208a96f85ce53c781
1987264e8499e4ccdbad444bacf77e0a266dc4665a894d970f92f554ef7ca23b
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1e616b6c247a49d421851c467056873dd9aaa9e1cf3900bb161ae1b1889f84ac
260f17cb027facf3b053cc2f97c08dcff8a499db0b946ab46047d8db680572be
28b0b03f51551de0682bed42b4cb9d56508a09f636ff48e3f97df64473d311d4
32942e1a0911cdd847cae68627a3bc27f12e6eed63371da8de9886a3665b1499
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34d69de48b65bde0c3e64cb5b11b72d46825c897121be7309fdf7533fa3d2f0f
3b25b859a065148a4b45ffd5b8df4e39fd7d0f77810cbba9897869910149579e
3b96a9e5098a4e3aee948a8277e558ff1de56c055ec5b6399db481a27d3e5c4c
3d4e26de67ea97302d6fe75f2177e1efa710724633e9af46f52ab195d5ebdfb5
4125a8a182a4ab66fa42f836528265b9251a6674fe723e4e08c3c4f050167beb
41f3fe4ce62f3d3f75f6ca8d5c801832f4dc941028ed09cd2ddf5a5b9f0712d3
44b39a06e25dbe68dcf48809d15dd3374692a575456978fd694ee13903ef92f9
4534997b249e629ce477624b7616511c9d2cea2f5562dcbf230ea091a0a4135f
4724c9067466ced8a9b5d7290976e8782d86d0adf4de9842f31522c45c7f56df
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f52496d56a682312dd3423a7d49c289f74154b5704580c2d84963cdaf9fc01c
4f87c2b0b342c2382eb83be1b1426678e85e786249cf7ba876cf79c77b85f661
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8
585107ada7f42329cd4d6ab1d1e87fdf26f4994e8f47d72a44ee8ab5bd291288
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
650841dbb10dbde6222ee80bab4ed00f64b23e142bc190a0263365338f3bc2b1
6c561e040160f503c6f608ff0584496cac1e0b3a5858ee628e007a14ac4d310f
6f4ce4d5a09c276bb9107cb234132f65fd7b844be06d429c8ab86e5961ca346b
7256e4064077953570228c5437c3e38294af3767f7dc0354314aa990e964a908
74b5073ac85e1db4c7243d8cd07316a3cebe8ab773e34a3c0e3c44b17fb2c476
7c5ffd72b77134dc61aca30e5b68f84f25ed274a8f5db202e589aa24c419a8cb
7d36c045b22d6da0b15fc356fe9309e24ac61f20768d2f216f890d042111136f
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7ebb06267aa575b87263b3699bfe3680e364caba99458536f484e8f993dfe279
8815fd355ba9c854703f40ac3bb489ab1a41b5d8dba919590dc67b6284239334
883de2757b75c91b86d6363bea71ce63e9104a61b243191367ef642a50e8e44e
8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b
8f91aace8937615c79d47c44bc6222f23464a7f4eb9f762e80c2d94e2080ffe2
94688969a11935c2d2a428c856fd0b215894e9d222bc8bec7f0b2be768da1b6f
98cc6a7eb40b5343ab5b3f24cbb4db9e2f50d8cc7045f6e855af11c6c5bb8909
a827505d3c24dac2be8a2082474ab5249aae5dd2e9a9bbf1e2d68cd913d97493
ac82716f6558269fa49ea2cc3aede2586e26946cf1cfad9691704d1b2bc0a227
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae2b8d3b25db6bdf22afd91d5754501d6a52bdf4e89697c4b41f3f6ee3ea65c4
aedb197e0068e18a917fc32550d35e62544499ca06b83324cca9f0d88a3dfa59
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d4939d1fb0046594b52884a198ccd506b9dcd6b47460300f6bacd85d4b074f
b1e76d1a44cff87d061990a48267b376ed8b58187430a7c6ef5c21abcfc3cb4b
b314be9bd5782c13508c0802d599b366f2fa7e2a78909f2eda47db76ed7530f2
b45a45e73ae0a2e7f299b1b4fd331fabbd3b10d91d09b16597a060fad0c1cef4
b71658912f07a6658257013f7db886d9a0d4e9d13a9a44bb35ad19e65d1f95b7
bfb06dfa993502132397ad9589ab6ba754382bce89650d951026c33a8466f8e6
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c2fd8786984ff6182f4907ad66c53558d8a246bb0a2c197f871297d3c6290e7e
c56d3ae16344120475d9ea84cf1814c94390896586be0e2c19447cc98e4a66f0
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d8d922f448989ade60acfb5bd0bf2bb6b0c99800a36aeaf27b1553a7cc8b5e58
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61c7f56c3fb5b17270ffd87a4c738d40cd2370b9a192b0234dc3bbb90bc89b9
e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e
f1d0cd6a8d28ec361d452601c4f9c6ec2b9f2651c4a6017b8ba4bbfdd7543a79
f5e1b14529a9e35ce4caf1e8b0bad54823bd67f04300f0caad49ac3f6cd1700a
f73730d3854da675deec7d4bac6cc4a42c324db1caf4cdd91e20a7b8d84dcb67
fc71ac2504dfb63730d102f349e2e7eafbdf6130ce07f91b52bde3297ed2c35a
fd8def02c7550f9b8bee369d4d3765e93d3f2c422b4a9a5d877113a71abd7290
fe0358e3de4b6b30b75037d25b083852693fc0942ea4bb0824fb2a447c273bf1
ff2e8abb5cc499228fed8901f071c013c4510ec9d99d1f6df171405e0472b627

www.ivanti.com Open in urlscan Pro 2400:cb00:2048:1::6818:8210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

100 Requests

96 %HTTPS

31 %IPv6

36 Domains

43 Subdomains

43 IPs

5 Countries

825 kBTransfer

2103 kBSize

26 Cookies

15 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ivanti.com Open in urlscan Pro
2400:cb00:2048:1::6818:8210 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

96 %
HTTPS

31 %
IPv6

36
Domains

43
Subdomains

43
IPs

5
Countries

825 kB
Transfer

2103 kB
Size

26
Cookies

100 HTTP transactions
0 data transactions