urlscan.io logo urlscan.io
SecurityTrails logo

www.ivanti.com Open in urlscan Pro
2400:cb00:2048:1::6818:8310  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack-hits-uk-hospitals/
Effective URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Submission: On May 16 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 5 countries across 35 domains to perform 99 HTTP transactions. The main IP is 2400:cb00:2048:1::6818:8310, located in United States and belongs to CLOUDFLARENET - CloudFlare, Inc., US. The main domain is www.ivanti.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on February 27th 2017. Valid for: 3 years.
This is the only time www.ivanti.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
27 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 95.100.185.157 16625 (AKAMAI-AS)
1 216.58.205.226 15169 (GOOGLE)
2 13.107.21.200 8068 (MICROSOFT...)
1 104.244.43.48 13414 (TWITTER)
2 104.108.45.199 16625 (AKAMAI-AS)
1 52.85.90.112 16509 (AMAZON-02)
3 95.100.185.64 16625 (AKAMAI-AS)
3 46.51.202.68 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 2a02:26f0:78:... 20940 (AKAMAI-ASN1)
2 2a00:1450:401... 15169 (GOOGLE)
5 151.101.112.134 54113 (FASTLY)
1 104.244.42.69 13414 (TWITTER)
10 172.227.117.156 20940 (AKAMAI-ASN1)
1 199.15.215.200 53580 (MARKETO)
2 2a03:2880:f12... 32934 (FACEBOOK)
6 2400:cb00:204... 13335 (CLOUDFLAR...)
1 151.101.192.134 54113 (FASTLY)
1 195.93.42.12 1668 (AOL-ATDN)
1 95.101.245.177 16625 (AKAMAI-AS)
1 62.67.193.75 26667 (RUBICONPR...)
1 198.47.127.15 62713 (AS-PUBMATIC)
1 151.101.114.2 54113 (FASTLY)
1 2a00:1288:110... 34010 (YAHOO-IRD)
2 54.247.69.81 16509 (AMAZON-02)
1 23.251.140.207 15169 (GOOGLE)
1 104.244.42.67 13414 (TWITTER)
1 185.33.223.200 29990 (ASN-APPNEXUS)
1 54.165.242.147 14618 (AMAZON-AES)
1 173.241.240.143 36089 (OPENX-AS1)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.112.64 54113 (FASTLY)
99 38
27    2400:cb00:2048:1::6818:8310 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
www.ivanti.com
blog.ivanti.com
1    2a00:1450:4001:821::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
fonts.googleapis.com
1    2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.googletagmanager.com
2    2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
fonts.gstatic.com
1    2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.google-analytics.com
3    95.100.185.157 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-185-157.deploy.akamaitechnologies.com
s.adroll.com
1    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: fra15s24-in-f226.1e100.net
www.googleadservices.com
2    13.107.21.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
bat.bing.com
1    104.244.43.48 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
static.ads-twitter.com
2    104.108.45.199 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-45-199.deploy.static.akamaitechnologies.com
munchkin.marketo.net
1    52.85.90.112 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-90-112.jfk6.r.cloudfront.net
cdn.zarget.com
3    95.100.185.64 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-185-64.deploy.akamaitechnologies.com
cdn.livechatinc.com
3    46.51.202.68 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-51-202-68.eu-west-1.compute.amazonaws.com
front.optimonk.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    2a02:26f0:78:18c::25ea (European Union)

ASN20940 (AKAMAI-ASN1, US)
snap.licdn.com
2    2a00:1450:401b:801::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
www.google.de
5    151.101.112.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
http-blog-ivanti-com.disqus.com
referrer.disqus.com
1    104.244.42.69 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
10    172.227.117.156 (Cambridge, United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-117-156.deploy.static.akamaitechnologies.com
secure.livechatinc.com
1    199.15.215.200 (San Mateo, United States)

ASN53580 (MARKETO - MARKETO, US)
635-qzi-186.mktoresp.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
6    2400:cb00:2048:1::6810:4fa6 (United States)

ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
c.disquscdn.com
1    151.101.192.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
disqus.com
1    195.93.42.12 (United Kingdom)

ASN1668 (AOL-ATDN - AOL Transit Data Network, US)
PTR: adtech-ssp-ums-adtech-frr-a.evip.aol.com
ums.adtech.de
1    95.101.245.177 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-101-245-177.deploy.akamaitechnologies.com
dsum-sec.casalemedia.com
1    62.67.193.75 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
pixel.rubiconproject.com
1    198.47.127.15 (Redwood City, United States)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
simage2.pubmatic.com
1    151.101.114.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
trc.taboola.com
1    2a00:1288:110:422::3000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
ads.yahoo.com
2    54.247.69.81 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-69-81.eu-west-1.compute.amazonaws.com
d.adroll.com
1    23.251.140.207 (Mountain View, United States)

ASN15169 (GOOGLE - Google Inc., US)
PTR: 207.140.251.23.bc.googleusercontent.com
ads.kiosked.com
1    104.244.42.67 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com
1    185.33.223.200 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
ib.adnxs.com
1    54.165.242.147 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-165-242-147.compute-1.amazonaws.com
idsync.rlcdn.com
1    173.241.240.143 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org
us-u.openx.net
1    2a00:1450:4001:821::2001 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
themes.googleusercontent.com
1    151.101.112.64 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
links.services.disqus.com
Apex Domain
Subdomains		 Transfer
27 ivanti.com
www.ivanti.com
blog.ivanti.com
319 KB
13 livechatinc.com
cdn.livechatinc.com
secure.livechatinc.com
64 KB
7 disqus.com
http-blog-ivanti-com.disqus.com
disqus.com
referrer.disqus.com
links.services.disqus.com
21 KB
6 disquscdn.com
c.disquscdn.com
185 KB
5 adroll.com
s.adroll.com
d.adroll.com
14 KB
3 facebook.net
connect.facebook.net
9 KB
3 optimonk.com
front.optimonk.com
19 KB
2 facebook.com
www.facebook.com
106 B
2 google.de
www.google.de
102 B
2 marketo.net
munchkin.marketo.net
4 KB
2 bing.com
bat.bing.com
3 KB
2 gstatic.com
fonts.gstatic.com
31 KB
1 googleusercontent.com
themes.googleusercontent.com
41 KB
1 openx.net
us-u.openx.net
43 B
1 rlcdn.com
idsync.rlcdn.com
43 B
1 adnxs.com
ib.adnxs.com
1 twitter.com
analytics.twitter.com
92 B
1 kiosked.com
ads.kiosked.com
43 B
1 yahoo.com
ads.yahoo.com
1 taboola.com
trc.taboola.com
1 pubmatic.com
simage2.pubmatic.com
1 B
1 rubiconproject.com
pixel.rubiconproject.com
42 B
1 casalemedia.com
dsum-sec.casalemedia.com
43 B
1 adtech.de
ums.adtech.de
1 mktoresp.com
635-qzi-186.mktoresp.com
43 B
1 t.co
t.co
92 B
1 licdn.com
snap.licdn.com
8 KB
1 zarget.com
cdn.zarget.com
72 KB
1 ads-twitter.com
static.ads-twitter.com
2 KB
1 googleadservices.com
www.googleadservices.com
4 KB
1 google-analytics.com
www.google-analytics.com
12 KB
1 googletagmanager.com
www.googletagmanager.com
21 KB
1 googleapis.com
fonts.googleapis.com
748 B
0 disqusads.com Failed
disqusads.com Failed
0 youtube.com Failed
www.youtube.com Failed
99 35
Domain Requested by
25 blog.ivanti.com www.ivanti.com
10 secure.livechatinc.com cdn.livechatinc.com
6 c.disquscdn.com http-blog-ivanti-com.disqus.com
3 http-blog-ivanti-com.disqus.com blog.ivanti.com
http-blog-ivanti-com.disqus.com
3 connect.facebook.net www.ivanti.com
connect.facebook.net
3 front.optimonk.com www.ivanti.com
front.optimonk.com
3 cdn.livechatinc.com www.ivanti.com
3 s.adroll.com www.googletagmanager.com
www.ivanti.com
s.adroll.com
2 referrer.disqus.com www.ivanti.com
2 d.adroll.com www.ivanti.com
2 www.facebook.com www.ivanti.com
2 www.google.de www.ivanti.com
2 munchkin.marketo.net www.ivanti.com
munchkin.marketo.net
2 bat.bing.com www.googletagmanager.com
www.ivanti.com
2 fonts.gstatic.com www.ivanti.com
2 www.ivanti.com blog.ivanti.com
1 links.services.disqus.com c.disquscdn.com
1 themes.googleusercontent.com www.ivanti.com
1 us-u.openx.net www.ivanti.com
1 idsync.rlcdn.com www.ivanti.com
1 ib.adnxs.com www.ivanti.com
1 analytics.twitter.com www.ivanti.com
1 ads.kiosked.com www.ivanti.com
1 ads.yahoo.com www.ivanti.com
1 trc.taboola.com www.ivanti.com
1 simage2.pubmatic.com www.ivanti.com
1 pixel.rubiconproject.com www.ivanti.com
1 dsum-sec.casalemedia.com www.ivanti.com
1 ums.adtech.de www.ivanti.com
1 disqus.com http-blog-ivanti-com.disqus.com
1 635-qzi-186.mktoresp.com munchkin.marketo.net
1 t.co www.ivanti.com
1 snap.licdn.com www.ivanti.com
1 cdn.zarget.com www.ivanti.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com www.ivanti.com
1 fonts.googleapis.com www.ivanti.com
0 disqusads.com Failed http-blog-ivanti-com.disqus.com
0 www.youtube.com Failed www.ivanti.com
99 41
Subject Issuer Validity Valid
*.ivanti.com
DigiCert SHA2 High Assurance Server CA		 2017-02-27 -
2020-03-03		 3 years crt.sh
*.googleapis.com
Google Internet Authority G2		 2017-05-03 -
2017-07-26		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G2		 2017-05-03 -
2017-07-26		 3 months crt.sh
*.google.com
Google Internet Authority G2		 2017-05-03 -
2017-07-26		 3 months crt.sh
*.adroll.com
Symantec Class 3 Secure Server CA - G4		 2016-11-07 -
2018-01-06		 a year crt.sh
www.googleadservices.com
Google Internet Authority G2		 2017-05-03 -
2017-07-26		 3 months crt.sh
www.bing.com
Microsoft IT SSL SHA2		 2016-11-04 -
2018-05-04		 a year crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2016-06-08 -
2019-06-13		 3 years crt.sh
*.marketo.net
Symantec Class 3 Secure Server CA - G4		 2016-11-02 -
2017-11-02		 a year crt.sh
cdn.zarget.com
Amazon		 2016-09-12 -
2017-10-12		 a year crt.sh
*.livechatinc.com
Symantec Class 3 ECC 256 bit SSL CA - G2		 2016-11-16 -
2017-11-16		 a year crt.sh
*.optimonk.com
AlphaSSL CA - SHA256 - G2		 2017-04-25 -
2020-04-25		 3 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2016-12-09 -
2018-01-25		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2016-02-16 -
2019-04-17		 3 years crt.sh
www.google.de
Google Internet Authority G2		 2017-05-03 -
2017-07-26		 3 months crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2015-02-04 -
2018-04-09		 3 years crt.sh
t.co
Symantec Class 3 EV SSL CA - G3		 2015-08-10 -
2017-08-10		 2 years crt.sh
*.mktoresp.com
Go Daddy Secure Certificate Authority - G2		 2015-12-02 -
2018-12-02		 3 years crt.sh
ssl565697.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2016-12-18 -
2017-12-18		 a year crt.sh
ums.adtech.de
Entrust Certification Authority - L1K		 2016-02-22 -
2019-02-21		 3 years crt.sh
san.casalemedia.com
GeoTrust SSL CA - G3		 2017-02-28 -
2017-09-30		 7 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2016-01-12 -
2019-03-01		 3 years crt.sh
*.pubmatic.com
COMODO RSA Organization Validation Secure Server CA		 2016-04-12 -
2019-05-27		 3 years crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2017-05-09 -
2017-11-16		 6 months crt.sh
ad.yieldmanager.com
Symantec Class 3 Secure Server CA - G4		 2015-08-20 -
2017-08-19		 2 years crt.sh
*.kiosked.com
RapidSSL SHA256 CA		 2016-08-19 -
2019-10-05		 3 years crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2015-07-30 -
2018-08-03		 3 years crt.sh
*.adnxs.com
GeoTrust SSL CA - G3		 2016-02-25 -
2018-05-26		 2 years crt.sh
*.rlcdn.com
Go Daddy Secure Certificate Authority - G2		 2017-05-08 -
2019-06-21		 2 years crt.sh
*.openx.net
GeoTrust SSL CA - G3		 2014-09-29 -
2017-06-07		 3 years crt.sh
*.googleusercontent.com
Google Internet Authority G2		 2017-05-03 -
2017-07-26		 3 months crt.sh
f.ssl.fastly.net
GlobalSign Organization Validation CA - SHA256 - G2		 2017-03-01 -
2018-09-03		 2 years crt.sh

This page contains 8 frames:

Primary Page: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Frame ID: 16068.1
Requests: 90 HTTP requests in this frame

Frame: https://www.youtube.com/embed/PAZw4jCkF-8
Frame ID: 16068.2
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=http-blog-ivanti-com&t_i=16684%20https%3A%2F%2Fwww.ivanti.com%2Fblog%2F%3Fp%3D16684&t_u=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&t_e=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe&t_d=%0ABreaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20&t_t=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe&s_o=default&l=
Frame ID: 16068.4
Requests: 1 HTTP requests in this frame

Frame: https://disqusads.com/ads-iframe/adsnative/?category=tech&display_bidding_enabled=0&stories_allowed=1&an_version=1&position=top&display_allowed=1&video_allowed=1&service=dynamic&provider=adsnative&thumbnails_allowed=1&experiment=network_default&variant=fallthrough&display_only=0&sandbox_display=1&links_allowed=1&doublewide_allowed=1&shortname=http-blog-ivanti-com&forum_pk=4875862&forum_shortname=http-blog-ivanti-com&safetylevel=30&t=1494962303&anchorColor=%23da291c&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&typeface=serif&canonicalUrl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&disqus_version=7fb630f
Frame ID: 16068.5
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/licence/1082968/open_chat.cgi?groups=13&embedded=1&session_id=S1494962303.f28c40b709&server=secure.livechatinc.com
Frame ID: 16068.7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.livechatinc.com/fonts/minimal/livechat-minimal_337558d286.ttf?i0ym10
Frame ID: 16068.6
Requests: 3 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 16068.8
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 16068.9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

99
Requests

96 %
HTTPS

32 %
IPv6

35
Domains

41
Subdomains

38
IPs

5
Countries

830 kB
Transfer

2109 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 41
  • https://www.google.com/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=187978466.1494962303&jid=1870003936&_v=j54&z=1487134914
  • https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=187978466.1494962303&jid=1870003936&_v=j54&z=1487134914&slf_rd=1&random=3503015336
Request 45
  • https://d.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3?pv=53570580758.132744&cookie=&adroll_s_ref=&keyw=&rpu=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attac...
  • https://s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/FFO7TZIFCFDQLOBYNKQ5EZ.js
Request 46
  • https://www.google.com/ads/user-lists/1016569662/?random=1494962303298&cv=8&fst=1494962303298&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5...
  • https://www.google.de/ads/user-lists/1016569662/?random=1494962303298&cv=8&fst=1494962303298&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&...
Request 61
  • https://d.adroll.com/cm/aol/out
  • https://ums.adtech.de/mapuser?providerid=1076;userid=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
Request 62
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expiration=1526498303
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expiration=1526498303&C=1
Request 63
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expires=365
  • https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expires=365
Request 64
  • https://d.adroll.com/cm/pubmatic/out
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
Request 65
  • https://d.adroll.com/cm/taboola/out
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
Request 66
  • https://d.adroll.com/cm/r/out
  • https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Request 68
  • https://ads.kiosked.com/match?bidder_id=2&external_user_id=21961632-9a0b-4c2a-a758-67f96219c6e2&publisher_id=&dsp_uuid=&dsp_id=
  • https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=21961632-9a0b-4c2a-a758-67f96219c6e2&publisher_id=&dsp_uuid=&dsp_id=
Request 69
  • https://d.adroll.com/cm/w/out
  • https://analytics.twitter.com/i/adsct?p_user_id=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&p_id=823423
Request 70
  • https://d.adroll.com/cm/x/out
  • https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU%27)
Request 71
  • https://idsync.rlcdn.com/377928.gif?partner_uid=38b64aab074e2acd3a4b9eb5daa9d375
  • https://idsync.rlcdn.com/377928.gif?partner_uid=38b64aab074e2acd3a4b9eb5daa9d375&redirect=1
Request 72
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=38b64aab074e2acd3a4b9eb5daa9d375
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=38b64aab074e2acd3a4b9eb5daa9d375
Request 73
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=OLZKqwdOKs06S5612qnTdQ&google_ula=1535926
  • https://d.adroll.com/cm/g/in?google_ula=1535926,0

99 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Redirect Chain
  • https://www.ivanti.com/blog/breaking-large-scale-cyber-attack-hits-uk-hospitals/
  • https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
 		61 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e84e846e94db077a2ffb4565f033b1f2c5596a81c199a679ac1ec1fa9730ebf5

Request headers

:path
/blog/breaking-large-scale-cyber-attack/
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
cache-control
no-cache
:authority
www.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:22 GMT
via
1.1 varnish
x-pingback
https://blog.ivanti.com/xmlrpc.php
x-cache
MISS
status
200
x-cache-hits
0
host-header
192fc2e7e50945beb8231a492d6a8024
content-encoding
gzip
x-served-by
cache-fra1238-FRA
server
cloudflare-nginx
x-timer
S1494962302.139498,VS0,VE846
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cf-ray
3600aeb45cb72378-FRA
link
<https://www.ivanti.com/blog/wp-json/>; rel="https://api.w.org/", <https://www.ivanti.com/blog/?p=16684>; rel=shortlink
x-proxy-cache
MISS

Redirect headers

date
Tue, 16 May 2017 19:18:22 GMT
server
cloudflare-nginx
status
301
location
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
cache-control
max-age=3600
set-cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302; expires=Wed, 16-May-18 19:18:22 GMT; path=/; domain=.ivanti.com; HttpOnly
cf-ray
3600aeb44c9c2378-FRA
expires
Tue, 16 May 2017 20:18:22 GMT
style.min.css
blog.ivanti.com/wp-content/plugins/social-warfare/css/ 		38 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/plugins/social-warfare/css/style.min.css?ver=2.2.3
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
1621ca430c41f7317bbd9cf271cd57c13dfb35053401a60f549e078c6327e320

Request headers

:path
/wp-content/plugins/social-warfare/css/style.min.css?ver=2.2.3
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
5645
last-modified
Fri, 28 Apr 2017 23:12:40 GMT
server
cloudflare-nginx
etag
"99a3-54e4235c1f99c-gzip"
vary
Accept-Encoding
content-type
text/css
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aeb9c90a2378-FRA
x-proxy-cache
MISS
style.css
blog.ivanti.com/wp-content/themes/colormag-pro/ 		53 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/themes/colormag-pro/style.css?ver=4.7.4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
b45a45e73ae0a2e7f299b1b4fd331fabbd3b10d91d09b16597a060fad0c1cef4

Request headers

:path
/wp-content/themes/colormag-pro/style.css?ver=4.7.4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 09 Dec 2016 22:51:18 GMT
server
cloudflare-nginx
etag
W/"11f4c-54341978ba580-gzip"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=14400
host-header
192fc2e7e50945beb8231a492d6a8024
cf-ray
3600aeb9c90b2378-FRA
x-proxy-cache
MISS
expires
Tue, 16 May 2017 23:18:23 GMT
css
fonts.googleapis.com/ 		5 KB
748 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.7.4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
ESF /
Resource Hash
b1d4939d1fb0046594b52884a198ccd506b9dcd6b47460300f6bacd85d4b074f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Open+Sans%3A400%2C600&ver=4.7.4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
br
last-modified
Tue, 16 May 2017 19:18:23 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
x-xss-protection
1; mode=block
expires
Tue, 16 May 2017 19:18:23 GMT
font-awesome.min.css
blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css?ver=4.4.0
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

:path
/wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css?ver=4.4.0
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
6666
last-modified
Fri, 09 Dec 2016 22:50:28 GMT
server
cloudflare-nginx
etag
"7187-543419490b500-gzip"
vary
Accept-Encoding
content-type
text/css
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aeb9c90c2378-FRA
x-proxy-cache
MISS
jquery.js
blog.ivanti.com/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
6c561e040160f503c6f608ff0584496cac1e0b3a5858ee628e007a14ac4d310f

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 09 Dec 2016 22:52:22 GMT
server
cloudflare-nginx
etag
W/"17ba0-543419b5c3580-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
host-header
192fc2e7e50945beb8231a492d6a8024
cf-ray
3600aeb9c90d2378-FRA
x-proxy-cache
MISS
expires
Tue, 16 May 2017 23:18:23 GMT
jquery-migrate.min.js
blog.ivanti.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
4014
last-modified
Fri, 09 Dec 2016 22:52:20 GMT
server
cloudflare-nginx
etag
"2748-543419b3db100-gzip"
vary
Accept-Encoding
content-type
application/javascript
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aeb9c90e2378-FRA
x-proxy-cache
MISS
gtm4wp-form-move-tracker.js
blog.ivanti.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 		1 KB
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.6.1
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b

Request headers

:path
/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.6.1
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2017 23:12:26 GMT
server
cloudflare-nginx
etag
W/"60a-54e4234ebb92d-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
host-header
192fc2e7e50945beb8231a492d6a8024
cf-ray
3600aeb9c90f2378-FRA
x-proxy-cache
MISS
expires
Tue, 16 May 2017 23:18:23 GMT
wp-emoji-release.min.js
blog.ivanti.com/wp-includes/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-includes/js/wp-emoji-release.min.js?ver=4.7.4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=4.7.4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
4230
last-modified
Mon, 09 Jan 2017 05:32:26 GMT
server
cloudflare-nginx
etag
"2c96-545a2b1596e80-gzip"
vary
Accept-Encoding
content-type
application/javascript
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aeb9f9242378-FRA
x-proxy-cache
MISS
Ivanti_rgb.png
blog.ivanti.com/wp-content/uploads/2017/01/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.ivanti.com/wp-content/uploads/2017/01/Ivanti_rgb.png
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
94688969a11935c2d2a428c856fd0b215894e9d222bc8bec7f0b2be768da1b6f

Request headers

:path
/wp-content/uploads/2017/01/Ivanti_rgb.png
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=4111
status
200
content-disposition
inline; filename="Ivanti_rgb.webp"
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
1962
last-modified
Fri, 13 Jan 2017 01:59:50 GMT
server
cloudflare-nginx
etag
"100f-545f03065d180"
vary
Accept
content-type
image/webp
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aeba092b2378-FRA
x-proxy-cache
HIT
cf-bgj
imgq:85
GettyImages-637950732-800x445.jpg
blog.ivanti.com/wp-content/uploads/2017/05/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.ivanti.com/wp-content/uploads/2017/05/GettyImages-637950732-800x445.jpg
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
7256e4064077953570228c5437c3e38294af3767f7dc0354314aa990e964a908

Request headers

:path
/wp-content/uploads/2017/05/GettyImages-637950732-800x445.jpg
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=84969
status
200
content-disposition
inline; filename="GettyImages-637950732-800x445.webp"
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
67834
last-modified
Sat, 13 May 2017 16:21:14 GMT
server
cloudflare-nginx
etag
"14be9-54f6a35f94641"
vary
Accept
content-type
image/webp
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aeba19452378-FRA
x-proxy-cache
MISS
cf-bgj
imgq:85
TimeToPatch.png
blog.ivanti.com/wp-content/uploads/2017/05/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.ivanti.com/wp-content/uploads/2017/05/TimeToPatch.png
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
ff2e8abb5cc499228fed8901f071c013c4510ec9d99d1f6df171405e0472b627

Request headers

:path
/wp-content/uploads/2017/05/TimeToPatch.png
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=67449
status
200
content-disposition
inline; filename="TimeToPatch.webp"
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
22268
last-modified
Sat, 13 May 2017 13:51:18 GMT
server
cloudflare-nginx
etag
"10779-54f681dc55f58"
vary
Accept
content-type
image/webp
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aeba19462378-FRA
x-proxy-cache
HIT
cf-bgj
imgq:85
gtm.js
www.googletagmanager.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
34d69de48b65bde0c3e64cb5b11b72d46825c897121be7309fdf7533fa3d2f0f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:path
/gtm.js?id=GTM-58NJHGM
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googletagmanager.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
21350
x-xss-protection
1; mode=block
expires
Tue, 16 May 2017 19:18:23 GMT
PAZw4jCkF-8
www.youtube.com/embed/ Frame 1606 		0
0
cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v13/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
pragma
no-cache
origin
https://www.ivanti.com
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.7.4
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.7.4
Origin
https://www.ivanti.com

Response headers

date
Mon, 15 May 2017 17:00:12 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:46:39 GMT
server
sffe
age
94691
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
15572
x-xss-protection
1; mode=block
expires
Tue, 15 May 2018 17:00:12 GMT
MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
fonts.gstatic.com/s/opensans/v13/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v13/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/opensans/v13/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
pragma
no-cache
origin
https://www.ivanti.com
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.7.4
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=4.7.4
Origin
https://www.ivanti.com

Response headers

date
Sun, 14 May 2017 23:30:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 27 Apr 2015 23:45:12 GMT
server
sffe
age
157682
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
16164
x-xss-protection
1; mode=block
expires
Mon, 14 May 2018 23:30:21 GMT
fontawesome-webfont.woff2
blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

:path
/wp-content/themes/colormag-pro/fontawesome/fonts/fontawesome-webfont.woff2?v=4.6.3
pragma
no-cache
origin
https://www.ivanti.com
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
referer
https://blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css?ver=4.4.0
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer
https://blog.ivanti.com/wp-content/themes/colormag-pro/fontawesome/css/font-awesome.min.css?ver=4.4.0
Origin
https://www.ivanti.com

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
71896
last-modified
Fri, 09 Dec 2016 22:50:32 GMT
server
cloudflare-nginx
etag
"118d8-5434194cdbe00"
vary
Accept-Encoding
access-control-allow-origin
https://www.ivanti.com
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
set-cookie
__cfduid=d9f9bfb10b6f23273a203601c2d4b3e031494962303; expires=Wed, 16-May-18 19:18:23 GMT; path=/; domain=.ivanti.com; HttpOnly
accept-ranges
bytes
cf-ray
3600aeba4bc42738-FRA
x-proxy-cache
MISS
analytics.js
www.google-analytics.com/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 May 2017 01:31:56 GMT
server
Golfe2
age
4147
date
Tue, 16 May 2017 18:09:16 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
12267
expires
Tue, 16 May 2017 20:09:16 GMT
roundtrip.js
s.adroll.com/j/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.185.157 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-185-157.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3b96a9e5098a4e3aee948a8277e558ff1de56c055ec5b6399db481a27d3e5c4c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
s.adroll.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

x-amz-version-id
YrQyGI1lvCPL9YiBfYqWLzIOWw223rnx
Content-Encoding
gzip
ETag
"eed90a231548261e9189f0900fd0bc77"
x-amz-request-id
F9CEC0C10B9D71BD
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
8158
x-amz-id-2
jOT30RHI8AGQwl4DSJ03xguNiuxF2cNslllKJrXOygRBuTMQn8dU/3pfC+MgczRlTCWoXTmDBpw=
Last-Modified
Mon, 15 May 2017 23:44:40 GMT
Server
AmazonS3
Date
Tue, 16 May 2017 19:18:23 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
conversion_async.js
www.googleadservices.com/pagead/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
fra15s24-in-f226.1e100.net
Software
cafe /
Resource Hash
7ebb06267aa575b87263b3699bfe3680e364caba99458536f484e8f993dfe279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/conversion_async.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.googleadservices.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
7418607575082404417
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=86400
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length
4406
x-xss-protection
1; mode=block
expires
Tue, 16 May 2017 19:18:23 GMT
Cookie set bat.js
bat.bing.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1e616b6c247a49d421851c467056873dd9aaa9e1cf3900bb161ae1b1889f84ac

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
bat.bing.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:22 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 May 2017 15:29:32 GMT
Server
Microsoft-IIS/10.0
X-MSEdge-Ref
Ref A: 92B8AA4F5A3E4802AADA62B2B22CC324 Ref B: FRAEDGE0207 Ref C: Tue May 16 12:18:23 2017 PST
ETag
"05660e558c3d21:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private,max-age=1800
Set-Cookie
MUID=09865618FB356E713FE25C9CFF356D4A; domain=.bing.com; expires=Sun, 10-Jun-2018 19:18:23 GMT; path=/; MR=0; domain=bat.bing.com; expires=Sun, 12-Nov-2017 19:18:23 GMT; path=/; MUIDB=33B8EB11729C6AD825B6E19573EE6B85; path=/; httponly; expires=Thu, 16-May-2019 19:18:23 GMT
Accept-Ranges
bytes
Content-Length
3324
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-58NJHGM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.48 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
4f87c2b0b342c2382eb83be1b1426678e85e786249cf7ba876cf79c77b85f661

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
static.ads-twitter.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
Age
69718
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Connection
keep-alive
Content-Length
1963
X-Served-By
cache-tw-fra1-cr1-4-TWFRA1
Last-Modified
Wed, 28 Dec 2016 23:53:52 GMT
X-Timer
S1494962303.200925,VS0,VE0
Etag
"d5d9df51a4d7293c6a63d37d9b36655a+gzip"
Vary
Accept-Encoding,Host
Content-Type
application/javascript; charset=utf-8
Via
1.1 varnish
Cache-Control
no-cache
Accept-Ranges
bytes
munchkin.js
munchkin.marketo.net/ 		1 KB
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.45.199 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-45-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
883de2757b75c91b86d6363bea71ce63e9104a61b243191367ef642a50e8e44e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
munchkin.marketo.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 02 May 2017 03:28:44 GMT
Server
Apache
ETag
"52f682487162dca00a8db14347d422ac:1493695724"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
721
105543.js
cdn.zarget.com/80509/ 		264 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.zarget.com/80509/105543.js
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.90.112 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-90-112.jfk6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f73730d3854da675deec7d4bac6cc4a42c324db1caf4cdd91e20a7b8d84dcb67

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
cdn.zarget.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Fri, 12 May 2017 01:38:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 07 May 2017 23:51:52 GMT
Server
AmazonS3
Age
33
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 89dbe128b639cdc1367dfadc360947d0.cloudfront.net (CloudFront)
Cache-Control
max-age=120
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
TRtfwGDznZK6jjO_OZ8bxjrtmiVYDfmSuR9vmFkaHAtJYNGjVdDZDQ==
tracking.js
cdn.livechatinc.com/ 		150 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.100.185.64 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-185-64.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
f5e1b14529a9e35ce4caf1e8b0bad54823bd67f04300f0caad49ac3f6cd1700a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
cdn.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 May 2017 09:26:33 GMT
Server
Apache
ETag
"1c0545-25942-54f8ca69ee440"
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=42384
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39516
Expires
Wed, 17 May 2017 07:04:47 GMT
preload.js
front.optimonk.com/public/15473/js/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://front.optimonk.com/public/15473/js/preload.js
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.202.68 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-46-51-202-68.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7c5ffd72b77134dc61aca30e5b68f84f25ed274a8f5db202e589aa24c419a8cb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
front.optimonk.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Expires
Wed, 16 May 2018 19:18:23 GMT
Cache-Control
no-cache, max-age=31536000, public
transfer-encoding
chunked
Connection
keep-alive
X-UA-Compatible
IE=Edge,chrome=1
fbevents.js
connect.facebook.net/en_US/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0ca776e8668becd670dda66f0d273a9074f852951abf18ba5340441c5fd0c94b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/en_US/fbevents.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
content-length
8816
x-xss-protection
0
pragma
public
x-fb-debug
qSBCr/kMyUALhKgV+LXVniqMQy2GHBQdJPt6jZeZGsl4TDLXeIFoRdH2MT9MpSrv3ftYqHx/3t9ioc/TQmO2EQ==
x-frame-options
DENY
date
Tue, 16 May 2017 19:18:23 GMT
strict-transport-security
max-age=15552000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:78:18c::25ea , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
b314be9bd5782c13508c0802d599b366f2fa7e2a78909f2eda47db76ed7530f2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
snap.licdn.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Feb 2017 20:34:49 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7727
GetWellQuick_BlogBanner.jpg
blog.ivanti.com/wp-content/uploads/2017/05/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.ivanti.com/wp-content/uploads/2017/05/GetWellQuick_BlogBanner.jpg
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
127842d6e466cac5bde82cd727067ca1e1bce783d768828fd1d858c247e0f40d

Request headers

:path
/wp-content/uploads/2017/05/GetWellQuick_BlogBanner.jpg
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
cf-cache-status
HIT
cf-polished
qual=85, origFmt=jpeg, origSize=61980
status
200
content-disposition
inline; filename="GetWellQuick_BlogBanner.webp"
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
11726
last-modified
Mon, 15 May 2017 19:40:17 GMT
server
cloudflare-nginx
etag
"f21c-54f953982bdc7"
vary
Accept
content-type
image/webp
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aebaca3a2378-FRA
x-proxy-cache
HIT
cf-bgj
imgq:85
GettyImages-488808075-390x205.jpg
blog.ivanti.com/wp-content/uploads/2016/07/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.ivanti.com/wp-content/uploads/2016/07/GettyImages-488808075-390x205.jpg
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
46454cb37736b2a0ac901597c888974a6c62a45bb01ec2536913c1519d9675e6

Request headers

:path
/wp-content/uploads/2016/07/GettyImages-488808075-390x205.jpg
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
cf-cache-status
REVALIDATED
cf-polished
origSize=26509
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
24700
last-modified
Thu, 12 Jan 2017 02:58:35 GMT
server
cloudflare-nginx
etag
"678d-545dce4a9acc0"
vary
Accept-Encoding
content-type
image/jpeg
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aebaca3b2378-FRA
x-proxy-cache
MISS
cf-bgj
imgq:85
GettyImages-521696932-e1486674941664-390x205.jpg
blog.ivanti.com/wp-content/uploads/2017/02/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.ivanti.com/wp-content/uploads/2017/02/GettyImages-521696932-e1486674941664-390x205.jpg
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
ae2b8d3b25db6bdf22afd91d5754501d6a52bdf4e89697c4b41f3f6ee3ea65c4

Request headers

:path
/wp-content/uploads/2017/02/GettyImages-521696932-e1486674941664-390x205.jpg
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=21420
status
200
content-disposition
inline; filename="GettyImages-521696932-e1486674941664-390x205.webp"
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
18846
last-modified
Thu, 09 Feb 2017 21:15:48 GMT
server
cloudflare-nginx
etag
"53ac-5481f7c37932e"
vary
Accept
content-type
image/webp
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aebaca3c2378-FRA
x-proxy-cache
MISS
cf-bgj
imgq:85
GettyImages-491604230-390x205.jpg
blog.ivanti.com/wp-content/uploads/2017/03/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.ivanti.com/wp-content/uploads/2017/03/GettyImages-491604230-390x205.jpg
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
5e7d6933dea4768d974405f69c102bf1172abac86ce9145ae9b8a46473dc53e6

Request headers

:path
/wp-content/uploads/2017/03/GettyImages-491604230-390x205.jpg
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=15176
status
200
content-disposition
inline; filename="GettyImages-491604230-390x205.webp"
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
11568
last-modified
Fri, 17 Mar 2017 20:43:05 GMT
server
cloudflare-nginx
etag
"3b48-54af339824468"
vary
Accept
content-type
image/webp
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aebaca3d2378-FRA
x-proxy-cache
MISS
cf-bgj
imgq:85
script.min.js
blog.ivanti.com/wp-content/plugins/social-warfare/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/plugins/social-warfare/js/script.min.js?ver=2.2.3
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
3b25b859a065148a4b45ffd5b8df4e39fd7d0f77810cbba9897869910149579e

Request headers

:path
/wp-content/plugins/social-warfare/js/script.min.js?ver=2.2.3
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
3488
last-modified
Fri, 28 Apr 2017 23:12:40 GMT
server
cloudflare-nginx
etag
"251c-54e4235c2110c-gzip"
vary
Accept-Encoding
content-type
application/javascript
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aebaca302378-FRA
x-proxy-cache
MISS
comment-reply.min.js
blog.ivanti.com/wp-includes/js/ 		1 KB
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-includes/js/comment-reply.min.js?ver=4.7.4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=4.7.4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
589
last-modified
Fri, 09 Dec 2016 22:52:09 GMT
server
cloudflare-nginx
etag
"436-543419a95d840-gzip"
vary
Accept-Encoding
content-type
application/javascript
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aebaca322378-FRA
x-proxy-cache
HIT
jquery.newsTicker.min.js
blog.ivanti.com/wp-content/themes/colormag-pro/js/news-ticker/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/themes/colormag-pro/js/news-ticker/jquery.newsTicker.min.js?ver=1.0.0
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
1987264e8499e4ccdbad444bacf77e0a266dc4665a894d970f92f554ef7ca23b

Request headers

:path
/wp-content/themes/colormag-pro/js/news-ticker/jquery.newsTicker.min.js?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
1102
last-modified
Fri, 09 Dec 2016 22:51:08 GMT
server
cloudflare-nginx
etag
"da9-5434196f30f00-gzip"
vary
Accept-Encoding
content-type
application/javascript
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aebaca332378-FRA
x-proxy-cache
MISS
navigation.min.js
blog.ivanti.com/wp-content/themes/colormag-pro/js/ 		1015 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/themes/colormag-pro/js/navigation.min.js?ver=4.7.4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
41f3fe4ce62f3d3f75f6ca8d5c801832f4dc941028ed09cd2ddf5a5b9f0712d3

Request headers

:path
/wp-content/themes/colormag-pro/js/navigation.min.js?ver=4.7.4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
309
last-modified
Fri, 09 Dec 2016 22:51:07 GMT
server
cloudflare-nginx
etag
"3f7-5434196e3ccc0-gzip"
vary
Accept-Encoding
content-type
application/javascript
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aebaca342378-FRA
x-proxy-cache
HIT
jquery.fitvids.min.js
blog.ivanti.com/wp-content/themes/colormag-pro/js/fitvids/ 		2 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/themes/colormag-pro/js/fitvids/jquery.fitvids.min.js?ver=20150311
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
28b0b03f51551de0682bed42b4cb9d56508a09f636ff48e3f97df64473d311d4

Request headers

:path
/wp-content/themes/colormag-pro/js/fitvids/jquery.fitvids.min.js?ver=20150311
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
961
last-modified
Fri, 09 Dec 2016 22:51:03 GMT
server
cloudflare-nginx
etag
"7d0-5434196a6c3c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aebaca352378-FRA
x-proxy-cache
MISS
colormag-custom.min.js
blog.ivanti.com/wp-content/themes/colormag-pro/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/themes/colormag-pro/js/colormag-custom.min.js?ver=4.7.4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
3d4e26de67ea97302d6fe75f2177e1efa710724633e9af46f52ab195d5ebdfb5

Request headers

:path
/wp-content/themes/colormag-pro/js/colormag-custom.min.js?ver=4.7.4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
1272
last-modified
Fri, 09 Dec 2016 22:51:02 GMT
server
cloudflare-nginx
etag
"fac-5434196978180-gzip"
vary
Accept-Encoding
content-type
application/javascript
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aebaca362378-FRA
x-proxy-cache
MISS
wp-embed.min.js
blog.ivanti.com/wp-includes/js/ 		1 KB
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-includes/js/wp-embed.min.js?ver=4.7.4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=4.7.4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
751
last-modified
Mon, 09 Jan 2017 05:32:26 GMT
server
cloudflare-nginx
etag
"576-545a2b1596e80-gzip"
vary
Accept-Encoding
content-type
application/javascript
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
3600aebaca372378-FRA
x-proxy-cache
MISS
disqus.js
blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/ 		1 KB
572 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=4.7.4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
bfb06dfa993502132397ad9589ab6ba754382bce89650d951026c33a8466f8e6

Request headers

:path
/wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=4.7.4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2017 23:12:34 GMT
server
cloudflare-nginx
etag
W/"85b-54e423566600f-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
host-header
192fc2e7e50945beb8231a492d6a8024
cf-ray
3600aebaca382378-FRA
x-proxy-cache
HIT
expires
Tue, 16 May 2017 23:18:23 GMT
count.js
blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/ 		703 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/count.js?ver=4.7.4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
7d36c045b22d6da0b15fc356fe9309e24ac61f20768d2f216f890d042111136f

Request headers

:path
/wp-content/plugins/disqus-comment-system/media/js/count.js?ver=4.7.4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 28 Apr 2017 23:12:34 GMT
server
cloudflare-nginx
etag
W/"36f-54e423566600f-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
host-header
192fc2e7e50945beb8231a492d6a8024
cf-ray
3600aebaca392378-FRA
x-proxy-cache
HIT
expires
Tue, 16 May 2017 23:18:23 GMT
sw-icon-font.woff
blog.ivanti.com/wp-content/plugins/social-warfare/fonts/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://blog.ivanti.com/wp-content/plugins/social-warfare/fonts/sw-icon-font.woff?ver=2.2.3
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
c2fd8786984ff6182f4907ad66c53558d8a246bb0a2c197f871297d3c6290e7e

Request headers

:path
/wp-content/plugins/social-warfare/fonts/sw-icon-font.woff?ver=2.2.3
pragma
no-cache
origin
https://www.ivanti.com
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
blog.ivanti.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Origin
https://www.ivanti.com

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
cf-cache-status
HIT
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-length
5004
last-modified
Fri, 28 Apr 2017 23:12:40 GMT
server
cloudflare-nginx
etag
"138c-54e4235c214f4"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
https://www.ivanti.com
expires
Tue, 16 May 2017 23:18:23 GMT
cache-control
public, max-age=14400
set-cookie
__cfduid=d76afe2c3c8255ccb5ec464e9a86dd5fd1494962303; expires=Wed, 16-May-18 19:18:23 GMT; path=/; domain=.ivanti.com; HttpOnly
accept-ranges
bytes
cf-ray
3600aebaec442738-FRA
x-proxy-cache
MISS
ga-audiences
www.google.de/pagead/
Redirect Chain
  • https://www.google.com/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=187978466.1494962303&jid=1870003936&_v=j54&z=1487134914
  • https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=187978466.1494962303&jid=1870003936&_v=j54&z=1487134914&slf_rd=1&random=3503015336
 		42 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=187978466.1494962303&jid=1870003936&_v=j54&z=1487134914&slf_rd=1&random=3503015336
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:401b:801::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=187978466.1494962303&jid=1870003936&_v=j54&z=1487134914&slf_rd=1&random=3503015336
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google.de
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2017 19:18:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 May 2017 19:18:23 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/pagead/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-88957721-1&cid=187978466.1494962303&jid=1870003936&_v=j54&z=1487134914&slf_rd=1&random=3503015336
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
http-blog-ivanti-com.disqus.com/ 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://http-blog-ivanti-com.disqus.com/embed.js
Requested by
Host: blog.ivanti.com
URL: https://blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=4.7.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
openresty /
Resource Hash
72d0786e64e11daee3c6838ef45dc0c4b8b827772125f3d64d096e4df825546c
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
http-blog-ivanti-com.disqus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
18194
count.js
http-blog-ivanti-com.disqus.com/ 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://http-blog-ivanti-com.disqus.com/count.js
Requested by
Host: blog.ivanti.com
URL: https://blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/count.js?ver=4.7.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
http-blog-ivanti-com.disqus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
259361
P3P
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 11 May 2017 20:08:03 GMT
Server
nginx
ETag
"5914c4a3-367"
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Fastly-Debug-Digest
b6f975ecd04a5ce489da7a841091c3fab14aef5410aa4ba7ad8fdad8e7244bef
Cache-Control
public, max-age=86400
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
munchkin.js
munchkin.marketo.net/151/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/151/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.45.199 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-108-45-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
585107ada7f42329cd4d6ab1d1e87fdf26f4994e8f47d72a44ee8ab5bd291288

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
munchkin.marketo.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 Aug 2015 02:19:08 GMT
Server
Apache
ETag
"bd3daad4a1e88a1196d76b6dd3c9deed:1440037148"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR" policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
3503
Expires
Thu, 24 Aug 2017 19:18:23 GMT
FFO7TZIFCFDQLOBYNKQ5EZ.js
s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/
Redirect Chain
  • https://d.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3?pv=53570580758.132744&cookie=&adroll_s_ref=&keyw=&rpu=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attac...
  • https://s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/FFO7TZIFCFDQLOBYNKQ5EZ.js
 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/FFO7TZIFCFDQLOBYNKQ5EZ.js
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.185.157 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-185-157.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
aedb197e0068e18a917fc32550d35e62544499ca06b83324cca9f0d88a3dfa59

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
s.adroll.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

x-amz-version-id
EXzFHjIx43XlGcq7hBj04cRBwg6Y4lVd
Content-Encoding
gzip
ETag
"252a608fd24cf0c64b1570ae2b1dfe90"
x-amz-request-id
DD2462BCF43758D4
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
3932
x-amz-id-2
qadpCZq25xoocZiq3LOA9cIFt/pq49aIdRbNCOW2rI9evxZa5/z7oflZuEx337hslCdqjZ3sBcE=
Last-Modified
Wed, 29 Mar 2017 00:44:23 GMT
Server
AmazonS3
Date
Tue, 16 May 2017 19:18:23 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Tue, 16 May 2017 19:18:23 GMT
X-Segment-Display-Name
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection
keep-alive
Content-Length
0
Pragma
no-cache
X-Conversion-Value
0.0
Server
nginx/1.10.2
X-Rule
*
X-Segment-Eid
FFO7TZIFCFDQLOBYNKQ5EZ
Location
https://s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/FFO7TZIFCFDQLOBYNKQ5EZ.js
Cache-Control
no-store, no-cache, must-revalidate
X-Pixel-Eid
M7DED2HG3BAN5O3GZ46YT3
Set-Cookie
__adroll=38b64aab074e2acd3a4b9eb5daa9d375; Version=1; Expires=Fri, 15-Jun-2018 19:18:22 GMT; Max-Age=34128000; Path=/
X-Segment-Name
*
X-Advertisable-Eid
G24WZIE6VBGA3PWU7NRQRR
X-Conversion-Currency
/
www.google.de/ads/user-lists/1016569662/
Redirect Chain
  • https://www.google.com/ads/user-lists/1016569662/?random=1494962303298&cv=8&fst=1494962303298&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5...
  • https://www.google.de/ads/user-lists/1016569662/?random=1494962303298&cv=8&fst=1494962303298&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&...
 		42 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/user-lists/1016569662/?random=1494962303298&cv=8&fst=1494962303298&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&data=window%3Dgoogle_tag_params&frm=0&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&tiba=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20-%20Ivanti%20Blog&async=1&cdct=2&random=1700246569&fpvtc=/1016569662/%3Frandom%3D1343649374%26cv%3D8%26fst%3D1494961200000%26num%3D1%26fmt%3D3%26guid%3DON%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26data%3Dwindow%253Dgoogle_tag_params%26frm%3D0%26url%3Dhttps%253A%252F%252Fwww.ivanti.com%252Fblog%252Fbreaking-large-scale-cyber-attack%252F%26tiba%3DBreaking%253A%2520WannaCry%2520Ransomware%2520Exploding%2520Across%2520the%2520Globe%2520-%2520Ivanti%2520Blog%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:401b:801::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ads/user-lists/1016569662/?random=1494962303298&cv=8&fst=1494962303298&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&data=window%3Dgoogle_tag_params&frm=0&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&tiba=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20-%20Ivanti%20Blog&async=1&cdct=2&random=1700246569&fpvtc=/1016569662/%3Frandom%3D1343649374%26cv%3D8%26fst%3D1494961200000%26num%3D1%26fmt%3D3%26guid%3DON%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26data%3Dwindow%253Dgoogle_tag_params%26frm%3D0%26url%3Dhttps%253A%252F%252Fwww.ivanti.com%252Fblog%252Fbreaking-large-scale-cyber-attack%252F%26tiba%3DBreaking%253A%2520WannaCry%2520Ransomware%2520Exploding%2520Across%2520the%2520Globe%2520-%2520Ivanti%2520Blog%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google.de
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 May 2017 19:18:23 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 16 May 2017 19:18:23 GMT
x-content-type-options
nosniff
server
adclick_server
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/user-lists/1016569662/?random=1494962303298&cv=8&fst=1494962303298&num=1&fmt=3&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=5&u_nmime=7&data=window%3Dgoogle_tag_params&frm=0&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&tiba=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20-%20Ivanti%20Blog&async=1&cdct=2&random=1700246569&fpvtc=/1016569662/%3Frandom%3D1343649374%26cv%3D8%26fst%3D1494961200000%26num%3D1%26fmt%3D3%26guid%3DON%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_his%3D2%26u_tz%3D0%26u_java%3Dfalse%26u_nplug%3D5%26u_nmime%3D7%26data%3Dwindow%253Dgoogle_tag_params%26frm%3D0%26url%3Dhttps%253A%252F%252Fwww.ivanti.com%252Fblog%252Fbreaking-large-scale-cyber-attack%252F%26tiba%3DBreaking%253A%2520WannaCry%2520Ransomware%2520Exploding%2520Across%2520the%2520Globe%2520-%2520Ivanti%2520Blog%26async%3D1%26cdct%3D2&ipr=y&ulfeg=n
cache-control
private, max-age=43200
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
1287
x-xss-protection
1; mode=block
expires
Tue, 16 May 2017 19:18:23 GMT
2089655881261153
connect.facebook.net/signals/config/ 		236 B
188 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2089655881261153?v=2.7.9
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
44b39a06e25dbe68dcf48809d15dd3374692a575456978fd694ee13903ef92f9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/2089655881261153?v=2.7.9
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
OYABnQ1HGI0wF/9sJRAj37/F4kZejIoUiB6yKXcr2z9+aTTkhzR8vPk4yD22ecziP5F0RenQQ2YGDOLNlDn0tw==
x-frame-options
DENY
date
Tue, 16 May 2017 19:18:23 GMT
strict-transport-security
max-age=15552000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
t.co/i/ 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nx61s&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nx61s&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
t.co
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 200 OK
x-twitter-response-tags
BouncerCompliant
x-xss-protection
1; mode=block
x-response-time
105
pragma
no-cache
last-modified
Tue, 16 May 2017 19:18:23 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
1317cf7f1c7f9867f30aaa14b294083d
x-transaction
00b47e5f0080c95b
expires
Tue, 31 Mar 1981 05:00:00 GMT
0
bat.bing.com/action/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5601375&Ver=2&mid=ef7a5c68-b3c1-6496-d1b0-6151f07228bb&evt=pageLoad&sid=537a4002-1&lt=1182&pi=-1748725250&lg=en-US&sw=1600&sh=1200&sc=24&tl=Breaking:%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20-%20Ivanti%20Blog&p=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&r=&rn=687063
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.107.21.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
bat.bing.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
MUID=09865618FB356E713FE25C9CFF356D4A; MR=0; MUIDB=33B8EB11729C6AD825B6E19573EE6B85
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Tue, 16 May 2017 19:18:22 GMT
Cache-Control
no-cache, must-revalidate
Server
Microsoft-IIS/10.0
X-MSEdge-Ref
Ref A: 243FBE80E55E41A2A93D6E684DFCB76D Ref B: FRAEDGE0207 Ref C: Tue May 16 12:18:23 2017 PST
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Cookie set get_dynamic_config.js
secure.livechatinc.com/licence/1082968/ 		694 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/1082968/get_dynamic_config.js?t=1494962303334&referrer=&url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&params=&jsonp=__lc_data_222929&groups=13
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-117-156.deploy.static.akamaitechnologies.com
Software
Cowboy /
Resource Hash
7f3ec89315a54f68561ebe3eb2a7886f81ba348a517ff6f95e016b63594929b9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
secure.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
Server
Cowboy
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
__livechat=lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_visit_number%3D0%26lc_page_view%3D0%26lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_integration_params%3D%26lc_last_operator_per_skill%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0; Version=1; Expires=Sun, 14-Jun-2020 19:18:23 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly
Content-Type
application/x-javascript
Content-Length
361
Expires
Tue, 16 May 2017 19:18:23 GMT
Cookie set visitWebPage
635-qzi-186.mktoresp.com/webevents/ 		43 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://635-qzi-186.mktoresp.com/webevents/visitWebPage?_mchNc=1494962303338&_mchCn=&_mchId=635-QZI-186&_mchTk=_mch-ivanti.com-1494962303337-88376&_mchWs=j1RQdQ%253D%253D&_mchHo=www.ivanti.com&_mchPo=&_mchRu=%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&_mchPc=https%3A&_mchVr=151&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/151/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
199.15.215.200 San Mateo, United States, ASN53580 (MARKETO - MARKETO, US),
Reverse DNS
Software
Apache /
Resource Hash
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Pragma
no-cache
Origin
https://www.ivanti.com
Accept-Encoding
gzip, deflate, sdch, br
Host
635-qzi-186.mktoresp.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Origin
https://www.ivanti.com

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:24 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 16 May 2017 14:18:24 -0500
Server
Apache
Connection
Keep-Alive
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Set-Cookie
BIGipServersjiweb-mch_https=!O0FuJCFYf7PlURs7UjDbfG4cOByWJZhLNUF61XkcQMGAWbpucbIXvln5BJA8NI6+gCVXWJgmIIxtTA4=; path=/
Content-Type
image/gif
Keep-Alive
timeout=5, max=100
Content-Length
43
Expires
-1
load
front.optimonk.com/public/15473/js/ 		61 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://front.optimonk.com/public/15473/js/load
Requested by
Host: front.optimonk.com
URL: https://front.optimonk.com/public/15473/js/preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.202.68 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-46-51-202-68.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
f3c92ca80d62bcff22da8b353a664456fc92f6764879beba9654e0cda5f35f69

Request headers

Pragma
no-cache
Origin
https://www.ivanti.com
Accept-Encoding
gzip, deflate, br
Host
front.optimonk.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Content-Length
98
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Origin
https://www.ivanti.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Expires
Wed, 16 May 2018 19:18:23 GMT
Cache-Control
no-cache, max-age=31536000, public
transfer-encoding
chunked
Connection
keep-alive
X-UA-Compatible
IE=Edge,chrome=1
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2089655881261153&ev=PageView&dl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&rl=&if=false&ts=1494962303461&v=2.7.9&ec=0&o=4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=2089655881261153&ev=PageView&dl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&rl=&if=false&ts=1494962303461&v=2.7.9&ec=0&o=4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
fr=0DGXplAcKFWJNDQdq..BZG1B_...1.0.BZG1B_.; expires=Monday, 14-Aug-2017 19:18:23 GMT; path=/; domain=.facebook.com; HttpOnly
content-length
44
expires
Tue, 16 May 2017 19:18:23 GMT
get_static_config.13.1544.3.5.1197.412.143.304.5.4.47.2.7.js
secure.livechatinc.com/licence/1082968/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/1082968/get_static_config.13.1544.3.5.1197.412.143.304.5.4.47.2.7.js?&jsonp=__lc_data_static_config&groups=13
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-117-156.deploy.static.akamaitechnologies.com
Software
Cowboy /
Resource Hash
0afc90352ecc913458dee869009342ee6c4bc2627dfcf4da64c3a3496bd86d4d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
secure.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
__livechat=lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_visit_number%3D0%26lc_page_view%3D0%26lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_integration_params%3D%26lc_last_operator_per_skill%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
Server
Cowboy
Vary
Accept-Encoding
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
1591
Expires
Tue, 16 May 2017 19:28:06 GMT
lounge.5d3e12b2c6dfd2d251a2140f75c4f7b9.css
c.disquscdn.com/next/embed/styles/ 		74 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.5d3e12b2c6dfd2d251a2140f75c4f7b9.css
Requested by
Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
a827505d3c24dac2be8a2082474ab5249aae5dd2e9a9bbf1e2d68cd913d97493
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/next/embed/styles/lounge.5d3e12b2c6dfd2d251a2140f75c4f7b9.css
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
c.disquscdn.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
14758
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Tue, 09 May 2017 20:35:01 GMT
server
cloudflare-nginx
fastly-debug-digest
5e9119e286a859f10bd181e17e41d1e2b8ba56bc53c58c8f9832ce015e649370
etag
"591227f5-39a6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-ray
3600aebd4edf63a9-FRA
expires
Wed, 09 May 2018 20:42:28 GMT
common.bundle.94805df7d922d8c7efc1170776463a6c.js
c.disquscdn.com/next/embed/ 		241 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.94805df7d922d8c7efc1170776463a6c.js
Requested by
Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
8815fd355ba9c854703f40ac3bb489ab1a41b5d8dba919590dc67b6284239334
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

:path
/next/embed/common.bundle.94805df7d922d8c7efc1170776463a6c.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
c.disquscdn.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
content-length
82571
timing-allow-origin
*
last-modified
Fri, 28 Apr 2017 17:57:06 GMT
server
cloudflare-nginx
fastly-debug-digest
b14e257277e531988fd36469a0a0351aa5570917ba44adb82f5c04456bc0c3fd
etag
"59038272-1428b"
strict-transport-security
max-age=300; includeSubdomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-ray
3600aebd4ee063a9-FRA
expires
Sat, 28 Apr 2018 18:01:46 GMT
lounge.bundle.d084be950e0f51ab6f06a54619af4c90.js
c.disquscdn.com/next/embed/ 		333 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.d084be950e0f51ab6f06a54619af4c90.js
Requested by
Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
fe0358e3de4b6b30b75037d25b083852693fc0942ea4bb0824fb2a447c273bf1
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/next/embed/lounge.bundle.d084be950e0f51ab6f06a54619af4c90.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
c.disquscdn.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
status
200
strict-transport-security
max-age=300; includeSubdomains
content-length
85159
x-xss-protection
1; mode=block
timing-allow-origin
*
last-modified
Mon, 15 May 2017 18:39:23 GMT
server
cloudflare-nginx
fastly-debug-digest
2b5ab6b3bee555924b938ded7c6b699daa36930b882a4b455d8c6982c9e704d2
etag
"5919f5db-14ca7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-ray
3600aebd4ee163a9-FRA
expires
Tue, 15 May 2018 18:49:02 GMT
config.js
disqus.com/next/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
f1d0cd6a8d28ec361d452601c4f9c6ec2b9f2651c4a6017b8ba4bbfdd7543a79
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
disqus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
45
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1476
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin
*
sendrolling.js
s.adroll.com/j/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/G24WZIE6VBGA3PWU7NRQRR/M7DED2HG3BAN5O3GZ46YT3/FFO7TZIFCFDQLOBYNKQ5EZ.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.100.185.157 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-185-157.deploy.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4125a8a182a4ab66fa42f836528265b9251a6674fe723e4e08c3c4f050167beb

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
s.adroll.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

x-amz-version-id
DCdta4yOMK.dXSP_scJrHWcfLA8ZfeXW
Content-Encoding
gzip
ETag
"dc33501e63068fdcec9da49b539debbe"
x-amz-request-id
15AF1CFF192A0CDC
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2012
x-amz-id-2
VA3/5j+gZv9VXAYzuCjVZZhkE36xZsbQnsISE4RiePC9dSAbjXSkar8I1njhl62Qjhnk9DVDDUM=
Last-Modified
Tue, 16 May 2017 01:31:29 GMT
Server
AmazonS3
Date
Tue, 16 May 2017 19:18:23 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
271199226557619
connect.facebook.net/signals/config/ 		232 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/271199226557619?v=2.7.9
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
08eb6809b57f86b397767cd23ab0f7453f812ed4f62da7514279fb1badd0bb9c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/signals/config/271199226557619?v=2.7.9
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self' *.m-freeway.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
Q3g+hCsen1qirC0eKhUSa/H+gATNf26FlZvAI/Q1D4xlV2wSGj8SxhobufYRV+lXoBZi6In2qewLFjvouM3UoQ==
x-frame-options
DENY
date
Tue, 16 May 2017 19:18:23 GMT
strict-transport-security
max-age=15552000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
mapuser
ums.adtech.de/
Redirect Chain
  • https://d.adroll.com/cm/aol/out
  • https://ums.adtech.de/mapuser?providerid=1076;userid=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ums.adtech.de/mapuser?providerid=1076;userid=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.0
Security
TLS 1.2, RSA, AES_128_CBC
Server
195.93.42.12 , United Kingdom, ASN1668 (AOL-ATDN - AOL Transit Data Network, US),
Reverse DNS
adtech-ssp-ums-adtech-frr-a.evip.aol.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
ums.adtech.de
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-store, no-cache
Connection
keep-alive
Content-Length
0
Expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ums.adtech.de/mapuser?providerid=1076;userid=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
Set-Cookie
__adroll=38b64aab074e2acd3a4b9eb5daa9d375; Version=1; Expires=Fri, 15-Jun-2018 19:18:22 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
102
Cookie set rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expiration=1526498303
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expiration=1526498303&C=1
 		43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expiration=1526498303&C=1
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.245.177 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-101-245-177.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
dsum-sec.casalemedia.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
CMID=WRtQf7lQJ8QAADUgtywAAACC; CMPS=1137
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
Apache
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
CMID=WRtQf7lQJ8QAADUgtywAAACC;domain=casalemedia.com;path=/;expires=Wed, 16 May 2018 19:18:23 GMT CMPS=1137;domain=casalemedia.com;path=/;expires=Mon, 14 Aug 2017 19:18:23 GMT CMPRO=1137;domain=casalemedia.com;path=/;expires=Mon, 14 Aug 2017 19:18:23 GMT CMST=WRtQf1kbUH8A;domain=casalemedia.com;path=/;expires=Wed, 17 May 2017 19:18:23 GMT CMDD=;domain=casalemedia.com;path=/;expires=Wed, 17 May 2017 19:18:23 GMT CMRUM3=69591b507f2760MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU;domain=casalemedia.com;path=/;expires=Wed, 16 May 2018 19:18:23 GMT CMSC=WRtQfw**;domain=casalemedia.com;path=/;
Content-Type
image/gif
Content-Length
43
Expires
Tue, 16 May 2017 19:18:23 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
Apache
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expiration=1526498303&C=1
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
CMID=WRtQf7lQJ8QAADUgtywAAACC;domain=casalemedia.com;path=/;expires=Wed, 16 May 2018 19:18:23 GMT CMPS=1137;domain=casalemedia.com;path=/;expires=Mon, 14 Aug 2017 19:18:23 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Tue, 16 May 2017 19:18:23 GMT
Cookie set tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expires=365
  • https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expires=365
 		42 B
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?cookie_redirect=1&v=194538&nid=3644&put=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expires=365
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
62.67.193.75 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
pixel.rubiconproject.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
c=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
Rubicon Project
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rpb=194538%3D1; Domain=.rubiconproject.com; Expires=Thu, 15-Jun-2017 19:18:23 GMT; Path=/ put_3644=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU; Domain=.rubiconproject.com; Expires=Wed, 16-May-2018 18:59:59 GMT; Path=/ rpx=194538%3D64619%2C0%2C1%2C%2C; Domain=.pixel.rubiconproject.com; Expires=Thu, 15-Jun-2017 19:18:23 GMT; Path=/ khaos=J2RXYG41-1P-33VQ; Domain=.rubiconproject.com; Expires=Wed, 15-Nov-2017 07:18:23 GMT; Path=/
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
X-RPHost
dYTTO0IavJH-PBIUPWTEJg
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
Rubicon Project
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
/tap.php?cookie_redirect=1&v=194538&nid=3644&put=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&expires=365
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
c=1; Path=/
Content-Length
0
Expires
0
Cookie set Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
 		1 B
1 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, 3DES_EDE_CBC
Server
198.47.127.15 Redwood City, United States, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
simage2.pubmatic.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
X-lat
Pug22012:0:1040
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Set-Cookie
KRTBCOOKIE_10=22808-MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&KRTB&22883-MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU; domain=pubmatic.com; expires=Wed, 20-Jun-2018 19:18:23 GMT; path=/ PUBRETARGET=dummy; domain=pubmatic.com; expires=Tue, 16-May-2017 19:18:23 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; expires=Mon, 14-Aug-2017 19:18:23 GMT; path=/
Cache-Control
no-store, no-cache, private
Connection
close
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
Set-Cookie
__adroll=38b64aab074e2acd3a4b9eb5daa9d375; Version=1; Expires=Fri, 15-Jun-2018 19:18:22 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
161
/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/sg/adroll-network/1/rtb-h/?taboola_hm=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
trc.taboola.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
via
1.1 varnish
x-timer
S1494962304.754007,VS0,VE9
x-served-by
cache-hhn1543-HHN
x-cache
MISS
status
204
x-cache-hits
0
set-cookie
t_gid=8d385f0c-618a-44c1-9973-25ea1d8fa5b7;Path=/;Domain=.taboola.com;Expires=Wed, 16-May-2018 19:18:23 GMT taboola_usg=GgQQmc5A;Path=/;Domain=.taboola.com;Expires=Wed, 16-May-2018 19:18:23 GMT
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU
Set-Cookie
__adroll=38b64aab074e2acd3a4b9eb5daa9d375; Version=1; Expires=Fri, 15-Jun-2018 19:18:23 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
111
pixel
ads.yahoo.com/
Redirect Chain
  • https://d.adroll.com/cm/r/out
  • https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:422::3000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
ads.yahoo.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Server
ATS
Connection
keep-alive
Age
0
Content-Length
0
Strict-Transport-Security
max-age=0

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1
Set-Cookie
__adroll=38b64aab074e2acd3a4b9eb5daa9d375; Version=1; Expires=Fri, 15-Jun-2018 19:18:23 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
181
Cookie set out
d.adroll.com/cm/f/ 		35 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/f/out
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.69.81 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-69-81.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
d.adroll.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
__adroll=38b64aab074e2acd3a4b9eb5daa9d375
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Set-Cookie
__adroll=38b64aab074e2acd3a4b9eb5daa9d375; Version=1; Expires=Fri, 15-Jun-2018 19:18:23 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Cookie set match
ads.kiosked.com/ul_cb/
Redirect Chain
  • https://ads.kiosked.com/match?bidder_id=2&external_user_id=21961632-9a0b-4c2a-a758-67f96219c6e2&publisher_id=&dsp_uuid=&dsp_id=
  • https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=21961632-9a0b-4c2a-a758-67f96219c6e2&publisher_id=&dsp_uuid=&dsp_id=
 		43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=21961632-9a0b-4c2a-a758-67f96219c6e2&publisher_id=&dsp_uuid=&dsp_id=
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.251.140.207 Mountain View, United States, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
207.140.251.23.bc.googleusercontent.com
Software
nginx/1.7.10 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
ads.kiosked.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
tuuid=cec1968f-56dd-4742-9228-e2720dfa4405; tuuid_last_update=1494962304
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:24 GMT
Server
nginx/1.7.10
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Set-Cookie
tuuid=cec1968f-56dd-4742-9228-e2720dfa4405; path=/; expires=Thu, 16-May-2019 19:18:24 GMT; domain=ads.kiosked.com tuuid_last_update=1494962304; path=/; expires=Thu, 16-May-2019 19:18:24 GMT; domain=ads.kiosked.com tuuid=; path=/; expires=Mon, 01-Mar-2004 00:00:00 GMT umdd=!2,,21961632-9a0b-4c2a-a758-67f96219c6e2,264205104; path=/; expires=Thu, 16-May-2019 19:18:24 GMT; domain=ads.kiosked.com
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:24 GMT
Server
nginx/1.7.10
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.kiosked.com/ul_cb/match?bidder_id=2&external_user_id=21961632-9a0b-4c2a-a758-67f96219c6e2&publisher_id=&dsp_uuid=&dsp_id=
Connection
keep-alive
Set-Cookie
tuuid=cec1968f-56dd-4742-9228-e2720dfa4405; path=/; expires=Thu, 16-May-2019 19:18:24 GMT; domain=ads.kiosked.com tuuid_last_update=1494962304; path=/; expires=Thu, 16-May-2019 19:18:24 GMT; domain=ads.kiosked.com
Content-Length
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adsct
analytics.twitter.com/i/
Redirect Chain
  • https://d.adroll.com/cm/w/out
  • https://analytics.twitter.com/i/adsct?p_user_id=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&p_id=823423
 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&p_id=823423
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/i/adsct?p_user_id=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&p_id=823423
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
analytics.twitter.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 200 OK
x-twitter-response-tags
BouncerCompliant
x-connection-hash
f684e96ad69125469fb01e00e3630b3a
x-xss-protection
1; mode=block
x-response-time
227
pragma
no-cache
last-modified
Tue, 16 May 2017 19:18:23 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
set-cookie
guest_id=v1%3A149496230383836450; Domain=.twitter.com; Path=/; Expires=Thu, 16-May-2019 19:18:23 UTC
x-transaction
00279e47000b22b3
expires
Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://analytics.twitter.com/i/adsct?p_user_id=MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU&p_id=823423
Set-Cookie
__adroll=38b64aab074e2acd3a4b9eb5daa9d375; Version=1; Expires=Fri, 15-Jun-2018 19:18:23 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
109
pxj
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out
  • https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU%27)
 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU%27)
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.33.223.200 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.11.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
ib.adnxs.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:25 GMT
X-Proxy-Origin
148.251.45.170; 148.251.45.170; 308.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.70:80
AN-X-Request-Uuid
9050e8f3-e4f5-497b-a8c9-4defa1bd3e60
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('MzhiNjRhYWIwNzRlMmFjZDNhNGI5ZWI1ZGFhOWQzNzU')
Set-Cookie
__adroll=38b64aab074e2acd3a4b9eb5daa9d375; Version=1; Expires=Fri, 15-Jun-2018 19:18:23 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
113
Cookie set 377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/377928.gif?partner_uid=38b64aab074e2acd3a4b9eb5daa9d375
  • https://idsync.rlcdn.com/377928.gif?partner_uid=38b64aab074e2acd3a4b9eb5daa9d375&redirect=1
 		43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=38b64aab074e2acd3a4b9eb5daa9d375&redirect=1
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.242.147 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-242-147.compute-1.amazonaws.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
idsync.rlcdn.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
ck1=ck1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Set-Cookie
rlas3=pCL41RwT5Xdd+4P7OurfIvJgKkDvnjzDkB3gzSnluwWMyA9jEACu5w==;Domain=.rlcdn.com;Expires=Sun, 12-Nov-2017 19:18:21 GMT rtn1-z=IaPVs8VHz+TQGzCL2GvoNnuw+nqIJYuQvMoNSymbV1M=;Domain=.rlcdn.com;Expires=Sun, 12-Nov-2017 19:18:21 GMT
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length
43
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1

Redirect headers

P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Location
https://idsync.rlcdn.com/377928.gif?partner_uid=38b64aab074e2acd3a4b9eb5daa9d375&redirect=1
Set-Cookie
ck1=ck1;Domain=.rlcdn.com;Expires=Sun, 12-Nov-2017 19:18:22 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=38b64aab074e2acd3a4b9eb5daa9d375
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=38b64aab074e2acd3a4b9eb5daa9d375
 		43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=38b64aab074e2acd3a4b9eb5daa9d375
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/11.75.6 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
us-u.openx.net
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
i=e32117d9-6a2c-4949-4a5c-6c066272dc3b|1494962303
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
OXGW/11.75.6
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=38b64aab074e2acd3a4b9eb5daa9d375
Date
Tue, 16 May 2017 19:18:23 GMT
Server
OXGW/11.75.6
Set-Cookie
i=e32117d9-6a2c-4949-4a5c-6c066272dc3b|1494962303; Version=1; Expires=Wed, 16-May-2018 19:18:23 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Content-Length
0
P3P
CP="CUR ADM OUR NOR STA NID"
Cookie set in
d.adroll.com/cm/g/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=OLZKqwdOKs06S5612qnTdQ&google_ula=1535926
  • https://d.adroll.com/cm/g/in?google_ula=1535926,0
 		35 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in?google_ula=1535926,0
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.69.81 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-69-81.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
d.adroll.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
__adroll=38b64aab074e2acd3a4b9eb5daa9d375
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:23 GMT
Server
nginx/1.10.2
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Set-Cookie
__adroll=38b64aab074e2acd3a4b9eb5daa9d375-g_1494962303; Version=1; Expires=Fri, 15-Jun-2018 19:18:23 GMT; Max-Age=34128000; Path=/
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-Result
g.-1.-1.1535926.0.-1

Redirect headers

pragma
no-cache
date
Tue, 16 May 2017 19:18:23 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in?google_ula=1535926,0
cache-control
no-cache, must-revalidate
set-cookie
id=226674d0753c00ff||t=1494962303|et=730|cs=002213fd485fb320c48e13e975; expires=Thu, 16-May-2019 19:18:23 GMT; path=/; domain=.doubleclick.net test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT IDE=AHWqTUlaNAuJoJKVBsAZRm2B6263YB74NAEG0_wuw1gT_5nb0yDF9HsUyg; expires=Thu, 16-May-2019 19:18:23 GMT; path=/; domain=.doubleclick.net; HttpOnly
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="37,36,35",quic=":443"; ma=2592000; v="37,36,35"
content-length
246
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
frontError.php
front.optimonk.com/logger/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://front.optimonk.com/logger/frontError.php?account=15473&type=load
Requested by
Host: front.optimonk.com
URL: https://front.optimonk.com/public/15473/js/preload.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.51.202.68 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-46-51-202-68.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Origin
https://www.ivanti.com
Accept-Encoding
gzip, deflate, br
Host
front.optimonk.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Content-Length
1159
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Origin
https://www.ivanti.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
none
Server
Apache
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Expires
Tue, 16 May 2017 19:18:23 GMT
Cache-Control
max-age=0, public
Connection
keep-alive
Content-Length
0
X-UA-Compatible
IE=Edge,chrome=1
/
disqus.com/embed/comments/ Frame 1606 		0
0
/
disqusads.com/ads-iframe/adsnative/ Frame 1606 		0
0
event.gif
referrer.disqus.com/juggler/ 		43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4igbonh10jrsiq&experiment=network_default&variant=fallthrough&service=dynamic&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&area=top&product=embed&forum=http-blog-ivanti-com&zone=thread&version=cc9da4ac74e3e5dced15c079995f3bfd&page_url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&page_referrer=&object_type=provider&object_id=adsnative&provider=adsnative&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&event=activity&section=default&verb=call&adjective=1&forum_id=4875862
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
referrer.disqus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
localization.en.13.3632191afe35222a6b78c04d457adc0d_24aa645f930e654d97d96659424d4d73.js
secure.livechatinc.com/licence/1082968/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/1082968/localization.en.13.3632191afe35222a6b78c04d457adc0d_24aa645f930e654d97d96659424d4d73.js?jsonp=__lc_lang
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-117-156.deploy.static.akamaitechnologies.com
Software
Cowboy /
Resource Hash
b1e76d1a44cff87d061990a48267b376ed8b58187430a7c6ef5c21abcfc3cb4b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
secure.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
__livechat=lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_visit_number%3D0%26lc_page_view%3D0%26lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_integration_params%3D%26lc_last_operator_per_skill%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Content-Encoding
gzip
Server
Cowboy
ETag
165135007116453010677466573200534084151
Vary
Accept-Encoding
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
2689
Expires
Tue, 16 May 2017 19:28:23 GMT
Cookie set ping
secure.livechatinc.com/licence/1082968/ 		73 B
73 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/1082968/ping?t=1494962303702&data=%7B%22visitor%22%3A%7B%22id%22%3A%22S1494962303.f28c40b709%22%2C%22group%22%3A13%7D%2C%22page%22%3A%7B%22title%22%3A%22Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20-%20Ivanti%20Blog%22%2C%22url%22%3A%22https%3A%5C%2F%5C%2Fwww.ivanti.com%5C%2Fblog%5C%2Fbreaking-large-scale-cyber-attack%5C%2F%22%7D%2C%22script_version%22%3A%7B%22tracking_env%22%3A%22production%22%2C%22tracking_version%22%3A%2220170515092623%22%7D%7D&jsonp=__lc_ping_335604
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-117-156.deploy.static.akamaitechnologies.com
Software
Cowboy /
Resource Hash
bdaee9fcff9f218a76cdefdd9db00a21ce4d5d16b4d5a4c29c831e79ef1bdfae

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
secure.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
__livechat=lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_visit_number%3D0%26lc_page_view%3D0%26lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_integration_params%3D%26lc_last_operator_per_skill%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:24 GMT
Server
Cowboy
Connection
keep-alive
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
__livechat=lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0; Version=1; Expires=Sun, 14-Jun-2020 19:18:23 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly __livechat_lastvisit=ivanti.com%3D1494962303; Version=1; Expires=Sun, 14-Jun-2020 19:18:23 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly
Content-Type
application/x-javascript
Content-Length
73
Expires
Tue, 16 May 2017 19:18:24 GMT
open_chat.cgi
secure.livechatinc.com/licence/1082968/ Frame 1606 		0
0
livechat-minimal_337558d286.ttf
cdn.livechatinc.com/fonts/minimal/ Frame 1606 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.livechatinc.com/fonts/minimal/livechat-minimal_337558d286.ttf?i0ym10
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.100.185.64 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-185-64.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
ac82716f6558269fa49ea2cc3aede2586e26946cf1cfad9691704d1b2bc0a227

Request headers

Pragma
no-cache
Origin
https://www.ivanti.com
Accept-Encoding
gzip, deflate, sdch, br
Host
cdn.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Cache-Control
no-cache
Connection
keep-alive
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Origin
https://www.ivanti.com

Response headers

Date
Tue, 16 May 2017 19:18:23 GMT
Last-Modified
Thu, 08 Dec 2016 12:32:56 GMT
Server
Apache
ETag
"1c28d0-b88-54324d640ae00"
Content-Type
font/ttf
Access-Control-Allow-Origin
*
Cache-Control
public, private, max-age=18984996
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2952
Expires
Fri, 22 Dec 2017 12:54:59 GMT
9k-RPmcnxYEPm8CNFsH2gg.woff
themes.googleusercontent.com/static/fonts/lato/v6/ Frame 1606 		49 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://themes.googleusercontent.com/static/fonts/lato/v6/9k-RPmcnxYEPm8CNFsH2gg.woff
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2001 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
c56d3ae16344120475d9ea84cf1814c94390896586be0e2c19447cc98e4a66f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/static/fonts/lato/v6/9k-RPmcnxYEPm8CNFsH2gg.woff
pragma
no-cache
origin
https://www.ivanti.com
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
themes.googleusercontent.com
:scheme
https
x-client-data
CIi2yQEIpLbJAQ==
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Origin
https://www.ivanti.com

Response headers

date
Tue, 16 May 2017 19:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1
status
200
alt-svc
quic=":443"; ma=2592000; v="37,36,35"
content-length
42359
x-xss-protection
1; mode=block
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 16 May 2018 19:18:22 GMT
/
www.facebook.com/tr/ 		44 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=271199226557619&ev=PageView&dl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&rl=&if=false&ts=1494962303746&cd[segment_eid]=FFO7TZIFCFDQLOBYNKQ5EZ&v=2.7.9&ec=0&o=4
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

:path
/tr/?id=271199226557619&ev=PageView&dl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&rl=&if=false&ts=1494962303746&cd[segment_eid]=FFO7TZIFCFDQLOBYNKQ5EZ&v=2.7.9&ec=0&o=4
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
image/webp,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
cookie
fr=0DGXplAcKFWJNDQdq..BZG1B_...1.0.BZG1B_.
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:23 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
content-length
44
expires
Tue, 16 May 2017 19:18:23 GMT
alfie.f51946af45e0b561c60f768335c9eb79.js
c.disquscdn.com/next/embed/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Requested by
Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
e61c7f56c3fb5b17270ffd87a4c738d40cd2370b9a192b0234dc3bbb90bc89b9
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

:path
/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
c.disquscdn.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:24 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
content-length
6603
timing-allow-origin
*
last-modified
Mon, 24 Oct 2016 20:57:14 GMT
server
cloudflare-nginx
fastly-debug-digest
baac760ca1e6f62ea6380d62d4f07b5dfbb97755c19df0448623d4ede950e2e4
etag
"580e75aa-19cb"
strict-transport-security
max-age=300; includeSubdomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-ray
3600aec0183b63a9-FRA
expires
Wed, 25 Oct 2017 19:15:13 GMT
ping
links.services.disqus.com/api/ 		179 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&subId=4875862&v=1&jsonp=vglnk_jsonp_14949623040360
Requested by
Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.64 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
9ebe09507288060349bb7800292c8368387c394e6bf33335a1ce1d50a221f69e

Request headers

Pragma
no-cache
Origin
https://www.ivanti.com
Accept-Encoding
gzip, deflate, sdch, br
Host
links.services.disqus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
disqus_unique=4iekkav3qnfm8t
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Origin
https://www.ivanti.com

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:24 GMT
Via
1.1 varnish
Server
Apache-Coyote/1.1
X-Timer
S1494962304.063160,VS0,VE30
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.ivanti.com
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript;charset=UTF-8
Content-Length
179
X-Served-By
cache-hhn1548-HHN
/
www.ivanti.com/blog/breaking-large-scale-cyber-attack/ 		17 B
76 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/?cf_action=sync_comments&post_id=16684
Requested by
Host: blog.ivanti.com
URL: https://blog.ivanti.com/wp-content/plugins/disqus-comment-system/media/js/disqus.js?ver=4.7.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2400:cb00:2048:1::6818:8310 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
4534997b249e629ce477624b7616511c9d2cea2f5562dcbf230ea091a0a4135f

Request headers

:path
/blog/breaking-large-scale-cyber-attack/?cf_action=sync_comments&post_id=16684
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.ivanti.com
cookie
__cfduid=d5bad23af82978200cab6159b80768b831494962302; _ga=GA1.2.187978466.1494962303; _gid=GA1.2.1267898024.1494962303; _gat_UA-88957721-1=1; _uetsid=_uet537a4002; _mkto_trk=id:635-QZI-186&token:_mch-ivanti.com-1494962303337-88376; __ar_v4=%7CG24WZIE6VBGA3PWU7NRQRR%3A20170515%3A1%7CM7DED2HG3BAN5O3GZ46YT3%3A20170515%3A1%7CFFO7TZIFCFDQLOBYNKQ5EZ%3A20170515%3A1; optiMonkClient={"15473":{"fv":1494962303,"lv":1494962303,"nopv":1,"ca":{"25":{"act":0,"cr":"28","s":"init","tua":0,"nod":0,"app":0},"26":{"act":0,"cr":"30","s":"init","tua":0,"nod":0,"app":0},"27":{"act":0,"cr":"32","s":"init","tua":0,"nod":0,"app":0},"28":{"act":0,"cr":"50","s":"init","tua":0,"nod":0,"app":0},"29":{"act":0,"cr":"36","s":"init","tua":0,"nod":0,"app":0},"31":{"act":0,"cr":"38","s":"init","tua":0,"nod":0,"app":0},"34":{"act":0,"cr":"44","s":"init","tua":0,"nod":0,"app":0},"38":{"act":0,"cr":"54","s":"init","tua":0,"nod":0,"app":0},"47":{"act":0,"cr":"87","s":"init","tua":0,"nod":0,"app":0}}}}; optiMonkSession=1494962302; __lc.visitor_id.1082968=S1494962303.f28c40b709; lc_window_state=minimized
:scheme
https
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

cf-ray
3600aec09e432378-FRA
date
Tue, 16 May 2017 19:18:24 GMT
via
1.1 varnish
server
cloudflare-nginx
x-timer
S1494962304.099072,VS0,VE301
x-served-by
cache-fra1238-FRA
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
status
200
host-header
192fc2e7e50945beb8231a492d6a8024
content-encoding
gzip
x-proxy-cache
MISS
x-cache-hits
0
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 1606 		337 B
262 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

:path
/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
c.disquscdn.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:24 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
content-length
244
timing-allow-origin
*
last-modified
Thu, 10 Nov 2016 18:57:57 GMT
server
cloudflare-nginx
fastly-debug-digest
ddbb547324842fbef412f9cb6a75e494efb72ac30deb102492dc2845863dccf3
etag
"5824c335-f4"
strict-transport-security
max-age=300; includeSubdomains
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-ray
3600aec0e8d163a9-FRA
expires
Fri, 10 Nov 2017 19:10:06 GMT
realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 1606 		337 B
262 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Requested by
Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6810:4fa6 , United States, ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

:path
/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
pragma
no-cache
accept-encoding
gzip, deflate, sdch, br
accept-language
en-US,en;q=0.8
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
c.disquscdn.com
referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
:scheme
https
:method
GET
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

date
Tue, 16 May 2017 19:18:24 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
content-length
244
timing-allow-origin
*
last-modified
Thu, 10 Nov 2016 18:57:57 GMT
server
cloudflare-nginx
fastly-debug-digest
ddbb547324842fbef412f9cb6a75e494efb72ac30deb102492dc2845863dccf3
etag
"5824c335-f4"
strict-transport-security
max-age=300; includeSubdomains
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
cf-ray
3600aec0f8d563a9-FRA
expires
Fri, 10 Nov 2017 19:10:06 GMT
count-data.js
http-blog-ivanti-com.disqus.com/ 		396 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://http-blog-ivanti-com.disqus.com/count-data.js?1=14916%20https%3A%2F%2Fwww.ivanti.com%2Fblog%2F%3Fp%3D14916&1=16684%20https%3A%2F%2Fwww.ivanti.com%2Fblog%2F%3Fp%3D16684&1=6404%20http%3A%2F%2Fblog.ivanti.com%2F%3Fp%3D6404&1=72%20http%3A%2F%2Fivantiblog.com%2F%3Fp%3D72
Requested by
Host: http-blog-ivanti-com.disqus.com
URL: https://http-blog-ivanti-com.disqus.com/count.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
1ca471edd96dff09fab383d62f187aac7209961c20bc2a6b6359c75d50c46bb8
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
http-blog-ivanti-com.disqus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
disqus_unique=4iekkav3qnfm8t; G_ENABLED_IDPS=google
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:24 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Age
0
X-Frame-Options
SAMEORIGIN
Connection
keep-alive
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary
Accept-Encoding
Cache-Control
public, max-age=600
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=UTF-8
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
255
X-XSS-Protection
1; mode=block
event.gif
referrer.disqus.com/juggler/ 		43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4igbonh10jrsiq&experiment=network_default&variant=fallthrough&service=dynamic&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&area=top&product=embed&forum=http-blog-ivanti-com&zone=thread&version=cc9da4ac74e3e5dced15c079995f3bfd&page_url=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&page_referrer=&object_type=provider&object_id=adsnative&provider=adsnative&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&event=activity&section=default&verb=fail&adverb=no_height&forum_id=4875862
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
referrer.disqus.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
disqus_unique=4iekkav3qnfm8t; G_ENABLED_IDPS=google
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:24 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Cookie set ping
secure.livechatinc.com/licence/1082968/ 		744 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/1082968/ping?t=1494962308703&data=%7B%22visitor%22%3A%7B%22id%22%3A%22S1494962303.f28c40b709%22%7D%7D&jsonp=__lc_ping_142583
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-117-156.deploy.static.akamaitechnologies.com
Software
Cowboy /
Resource Hash
1dc6d145ec2ae60eb0df36060aa130d95203aeab815822a3571cb8aaef83de0b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
secure.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
3rdparty=allow; recent_window=60513799; __livechat=lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3D%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D0%26lc_ok_invitation%3D0; __livechat_lastvisit=ivanti.com%3D1494962303; message_text=; main_window_timestamp=1494962308661; main_window_timestamp_13=1494962308662
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:28 GMT
Content-Encoding
gzip
Server
Cowboy
Vary
Accept-Encoding
Connection
keep-alive
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
__livechat=lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3DOQ22684AGS%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D1%26lc_ok_invitation%3D0; Version=1; Expires=Sun, 14-Jun-2020 19:18:28 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly __livechat_lastvisit=ivanti.com%3D1494962308; Version=1; Expires=Sun, 14-Jun-2020 19:18:28 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly
Content-Type
application/x-javascript
Content-Length
495
Expires
Tue, 16 May 2017 19:18:28 GMT
2c29f444a62cb388437c09afcb9b6948.jpeg
cdn.livechatinc.com/s3/1082968/avatars/ Frame 1606 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.livechatinc.com/s3/1082968/avatars/2c29f444a62cb388437c09afcb9b6948.jpeg
Requested by
Host: www.ivanti.com
URL: https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
95.100.185.64 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-185-64.deploy.akamaitechnologies.com
Software
Apache /
Resource Hash
eb2522243f4b2e6540c25b145f40826dd4b785cc85b720d3bdc96f236092306a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
cdn.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
image/webp,image/*,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Date
Tue, 16 May 2017 19:18:29 GMT
Cache-Control
public, private, max-age=62964285
Server
Apache
Connection
keep-alive
Content-Type
image/jpeg
Content-Length
17579
Expires
Wed, 15 May 2019 13:23:14 GMT
Cookie set ping
secure.livechatinc.com/licence/1082968/ 		40 B
40 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/1082968/ping?t=1494962313704&data=%7B%22visitor%22%3A%7B%22id%22%3A%22S1494962303.f28c40b709%22%7D%7D&jsonp=__lc_ping_719904
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-117-156.deploy.static.akamaitechnologies.com
Software
Cowboy /
Resource Hash
4858a3f2426c269c8cdc400715c0df967a36fe055cb8bfa2d096df315230d3ac

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
secure.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
3rdparty=allow; recent_window=60513799; __livechat=lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3DOQ22684AGS%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D1%26lc_ok_invitation%3D0; __livechat_lastvisit=ivanti.com%3D1494962308; common_iwcs_13=%7B%2213%22%3A%7B%22timestamp%22%3A1494962309%2C%22responseCommand%22%3A%220116R%22%2C%22originalRequest%22%3A%22IWCS0116C%5ES1494962303.f28c40b709%5E1082968%5E13%5E%22%2C%22response%22%3A%5B%22IWCS0116R%22%2C%221%22%2C%220%22%5D%7D%7D; message_text=; main_window_timestamp=1494962313661; main_window_timestamp_13=1494962313662
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:33 GMT
Server
Cowboy
Connection
keep-alive
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
__livechat_lastvisit=ivanti.com%3D1494962313; Version=1; Expires=Sun, 14-Jun-2020 19:18:33 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly
Content-Type
application/x-javascript
Content-Length
40
Expires
Tue, 16 May 2017 19:18:33 GMT
Cookie set ping
secure.livechatinc.com/licence/1082968/ 		40 B
40 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/1082968/ping?t=1494962318705&data=%7B%22visitor%22%3A%7B%22id%22%3A%22S1494962303.f28c40b709%22%7D%7D&jsonp=__lc_ping_521459
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-117-156.deploy.static.akamaitechnologies.com
Software
Cowboy /
Resource Hash
d795f92c86a0440a1e52652d126e4df74dacc75c78785e2e3d1fbe1cde53f6e9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
secure.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
3rdparty=allow; recent_window=60513799; __livechat=lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3DOQ22684AGS%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D1%26lc_ok_invitation%3D0; __livechat_lastvisit=ivanti.com%3D1494962313; common_iwcs_13=%7B%2213%22%3A%7B%22timestamp%22%3A1494962314%2C%22responseCommand%22%3A%220116R%22%2C%22originalRequest%22%3A%22IWCS0116C%5ES1494962303.f28c40b709%5E1082968%5E13%5E%22%2C%22response%22%3A%5B%22IWCS0116R%22%2C%221%22%2C%220%22%5D%7D%7D; message_text=; main_window_timestamp=1494962318661; main_window_timestamp_13=1494962318662
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:38 GMT
Server
Cowboy
Connection
keep-alive
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
__livechat_lastvisit=ivanti.com%3D1494962318; Version=1; Expires=Sun, 14-Jun-2020 19:18:38 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly
Content-Type
application/x-javascript
Content-Length
40
Expires
Tue, 16 May 2017 19:18:38 GMT
Cookie set ping
secure.livechatinc.com/licence/1082968/ 		40 B
40 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/1082968/ping?t=1494962323705&data=%7B%22visitor%22%3A%7B%22id%22%3A%22S1494962303.f28c40b709%22%7D%7D&jsonp=__lc_ping_572018
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-117-156.deploy.static.akamaitechnologies.com
Software
Cowboy /
Resource Hash
5018eb22184cb7d81803f553948883222a6680d85b9f2131483d2def63219cd3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
secure.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
3rdparty=allow; recent_window=60513799; __livechat=lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3DOQ22684AGS%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D1%26lc_ok_invitation%3D0; __livechat_lastvisit=ivanti.com%3D1494962318; common_iwcs_13=%7B%2213%22%3A%7B%22timestamp%22%3A1494962319%2C%22responseCommand%22%3A%220116R%22%2C%22originalRequest%22%3A%22IWCS0116C%5ES1494962303.f28c40b709%5E1082968%5E13%5E%22%2C%22response%22%3A%5B%22IWCS0116R%22%2C%221%22%2C%220%22%5D%7D%7D; message_text=; main_window_timestamp=1494962323661; main_window_timestamp_13=1494962323662
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:43 GMT
Server
Cowboy
Connection
keep-alive
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
__livechat_lastvisit=ivanti.com%3D1494962323; Version=1; Expires=Sun, 14-Jun-2020 19:18:43 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly
Content-Type
application/x-javascript
Content-Length
40
Expires
Tue, 16 May 2017 19:18:43 GMT
Cookie set ping
secure.livechatinc.com/licence/1082968/ 		40 B
40 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/1082968/ping?t=1494962329706&data=%7B%22visitor%22%3A%7B%22id%22%3A%22S1494962303.f28c40b709%22%7D%7D&jsonp=__lc_ping_386750
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-117-156.deploy.static.akamaitechnologies.com
Software
Cowboy /
Resource Hash
bd1182e53978ead84b95d225efaee27ba3a88718f5c9008f7077675f5f2d2f8f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
secure.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
3rdparty=allow; recent_window=60513799; __livechat=lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3DOQ22684AGS%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D1%26lc_ok_invitation%3D0; __livechat_lastvisit=ivanti.com%3D1494962323; message_text=; common_iwcs_13=%7B%2213%22%3A%7B%22timestamp%22%3A1494962329%2C%22responseCommand%22%3A%220116R%22%2C%22originalRequest%22%3A%22IWCS0116C%5ES1494962303.f28c40b709%5E1082968%5E13%5E%22%2C%22response%22%3A%5B%22IWCS0116R%22%2C%221%22%2C%220%22%5D%7D%7D; main_window_timestamp=1494962329661; main_window_timestamp_13=1494962329662
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:49 GMT
Server
Cowboy
Connection
keep-alive
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
__livechat_lastvisit=ivanti.com%3D1494962329; Version=1; Expires=Sun, 14-Jun-2020 19:18:49 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly
Content-Type
application/x-javascript
Content-Length
40
Expires
Tue, 16 May 2017 19:18:49 GMT
Cookie set ping
secure.livechatinc.com/licence/1082968/ 		40 B
40 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.livechatinc.com/licence/1082968/ping?t=1494962335707&data=%7B%22visitor%22%3A%7B%22id%22%3A%22S1494962303.f28c40b709%22%7D%7D&jsonp=__lc_ping_914172
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
172.227.117.156 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-117-156.deploy.static.akamaitechnologies.com
Software
Cowboy /
Resource Hash
7b120fd352cbb1801b35f04093815d8b36fbe3c1d75727ffc87fff175f8473d9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, sdch, br
Host
secure.livechatinc.com
Accept-Language
en-US,en;q=0.8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36
Accept
*/*
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
Cookie
3rdparty=allow; recent_window=60513799; __livechat=lc_session%3DS1494962303.f28c40b709%26lc_nick%3D%26lc_lang%3Den%26lc_last_operator_key%3D%26lc_client_version%3D%26lc_last_conference_id%3D%26lc_goals_achieved%3D%26lc_auto_invites_shown%3DOQ22684AGS%26lc_integration_params%3D%26lc_last_operator_key_per_skill%3D%26lc_last_visit%3D1494962303%26lc_visit_number%3D1%26lc_page_view%3D1%26lc_chat_number%3D0%26lc_all_invitation%3D1%26lc_ok_invitation%3D0; __livechat_lastvisit=ivanti.com%3D1494962329; common_iwcs_13=%7B%2213%22%3A%7B%22timestamp%22%3A1494962334%2C%22responseCommand%22%3A%220116R%22%2C%22originalRequest%22%3A%22IWCS0116C%5ES1494962303.f28c40b709%5E1082968%5E13%5E%22%2C%22response%22%3A%5B%22IWCS0116R%22%2C%221%22%2C%220%22%5D%7D%7D; message_text=; main_window_timestamp=1494962335661; main_window_timestamp_13=1494962335662
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.ivanti.com/blog/breaking-large-scale-cyber-attack/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.81 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 May 2017 19:18:55 GMT
Server
Cowboy
Connection
keep-alive
P3P
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
max-age=0, no-cache, no-store
Set-Cookie
__livechat_lastvisit=ivanti.com%3D1494962335; Version=1; Expires=Sun, 14-Jun-2020 19:18:55 GMT; Max-Age=97200000; Domain=.livechatinc.com; Path=/licence/1082968; HttpOnly
Content-Type
application/x-javascript
Content-Length
40
Expires
Tue, 16 May 2017 19:18:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.youtube.com
URL
https://www.youtube.com/embed/PAZw4jCkF-8
Domain
disqus.com
URL
https://disqus.com/embed/comments/?base=default&f=http-blog-ivanti-com&t_i=16684%20https%3A%2F%2Fwww.ivanti.com%2Fblog%2F%3Fp%3D16684&t_u=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&t_e=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe&t_d=%0ABreaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe%20&t_t=Breaking%3A%20WannaCry%20Ransomware%20Exploding%20Across%20the%20Globe&s_o=default&l=
Domain
disqusads.com
URL
https://disqusads.com/ads-iframe/adsnative/?category=tech&display_bidding_enabled=0&stories_allowed=1&an_version=1&position=top&display_allowed=1&video_allowed=1&service=dynamic&provider=adsnative&thumbnails_allowed=1&experiment=network_default&variant=fallthrough&display_only=0&sandbox_display=1&links_allowed=1&doublewide_allowed=1&shortname=http-blog-ivanti-com&forum_pk=4875862&forum_shortname=http-blog-ivanti-com&safetylevel=30&t=1494962303&anchorColor=%23da291c&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&typeface=serif&canonicalUrl=https%3A%2F%2Fwww.ivanti.com%2Fblog%2Fbreaking-large-scale-cyber-attack%2F&disqus_version=7fb630f
Domain
secure.livechatinc.com
URL
https://secure.livechatinc.com/licence/1082968/open_chat.cgi?groups=13&embedded=1&session_id=S1494962303.f28c40b709&server=secure.livechatinc.com

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

3 Console Messages

Source Level URL
Text
console-api log URL: https://blog.ivanti.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api error URL: https://front.optimonk.com/public/15473/js/preload.js(Line 62)
Message:
load
console-api log URL: https://cdn.zarget.com/80509/105543.js(Line 3)
Message:
Zarget :

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

635-qzi-186.mktoresp.com
ads.kiosked.com
ads.yahoo.com
analytics.twitter.com
bat.bing.com
blog.ivanti.com
c.disquscdn.com
cdn.livechatinc.com
cdn.zarget.com
connect.facebook.net
d.adroll.com
disqus.com
disqusads.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
front.optimonk.com
http-blog-ivanti-com.disqus.com
ib.adnxs.com
idsync.rlcdn.com
links.services.disqus.com
munchkin.marketo.net
pixel.rubiconproject.com
referrer.disqus.com
s.adroll.com
secure.livechatinc.com
simage2.pubmatic.com
snap.licdn.com
static.ads-twitter.com
t.co
themes.googleusercontent.com
trc.taboola.com
ums.adtech.de
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ivanti.com
www.youtube.com
disqus.com
disqusads.com
secure.livechatinc.com
www.youtube.com
104.108.45.199
104.244.42.67
104.244.42.69
104.244.43.48
13.107.21.200
151.101.112.134
151.101.112.64
151.101.114.2
151.101.192.134
172.227.117.156
173.241.240.143
185.33.223.200
195.93.42.12
198.47.127.15
199.15.215.200
216.58.205.226
23.251.140.207
2400:cb00:2048:1::6810:4fa6
2400:cb00:2048:1::6818:8310
2a00:1288:110:422::3000
2a00:1450:4001:821::2001
2a00:1450:4001:821::2003
2a00:1450:4001:821::2008
2a00:1450:4001:821::200a
2a00:1450:4001:821::200e
2a00:1450:401b:801::2003
2a02:26f0:78:18c::25ea
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
46.51.202.68
52.85.90.112
54.165.242.147
54.247.69.81
62.67.193.75
95.100.185.157
95.100.185.64
95.101.245.177
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
08eb6809b57f86b397767cd23ab0f7453f812ed4f62da7514279fb1badd0bb9c
0afc90352ecc913458dee869009342ee6c4bc2627dfcf4da64c3a3496bd86d4d
0ca776e8668becd670dda66f0d273a9074f852951abf18ba5340441c5fd0c94b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127842d6e466cac5bde82cd727067ca1e1bce783d768828fd1d858c247e0f40d
1621ca430c41f7317bbd9cf271cd57c13dfb35053401a60f549e078c6327e320
1987264e8499e4ccdbad444bacf77e0a266dc4665a894d970f92f554ef7ca23b
1b1ca0f15010e0124bd4ca481404643c88f7eda1b276e9554d0ed83fb45b7e30
1ca471edd96dff09fab383d62f187aac7209961c20bc2a6b6359c75d50c46bb8
1dc6d145ec2ae60eb0df36060aa130d95203aeab815822a3571cb8aaef83de0b
1e616b6c247a49d421851c467056873dd9aaa9e1cf3900bb161ae1b1889f84ac
28b0b03f51551de0682bed42b4cb9d56508a09f636ff48e3f97df64473d311d4
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
34d69de48b65bde0c3e64cb5b11b72d46825c897121be7309fdf7533fa3d2f0f
3b25b859a065148a4b45ffd5b8df4e39fd7d0f77810cbba9897869910149579e
3b96a9e5098a4e3aee948a8277e558ff1de56c055ec5b6399db481a27d3e5c4c
3d4e26de67ea97302d6fe75f2177e1efa710724633e9af46f52ab195d5ebdfb5
4125a8a182a4ab66fa42f836528265b9251a6674fe723e4e08c3c4f050167beb
41f3fe4ce62f3d3f75f6ca8d5c801832f4dc941028ed09cd2ddf5a5b9f0712d3
44b39a06e25dbe68dcf48809d15dd3374692a575456978fd694ee13903ef92f9
4534997b249e629ce477624b7616511c9d2cea2f5562dcbf230ea091a0a4135f
46454cb37736b2a0ac901597c888974a6c62a45bb01ec2536913c1519d9675e6
4858a3f2426c269c8cdc400715c0df967a36fe055cb8bfa2d096df315230d3ac
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f87c2b0b342c2382eb83be1b1426678e85e786249cf7ba876cf79c77b85f661
5018eb22184cb7d81803f553948883222a6680d85b9f2131483d2def63219cd3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549bffa1c6d412e36a8eab7630e90783665ac071220b220be545478500cae0f8
585107ada7f42329cd4d6ab1d1e87fdf26f4994e8f47d72a44ee8ab5bd291288
5e7d6933dea4768d974405f69c102bf1172abac86ce9145ae9b8a46473dc53e6
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
6c561e040160f503c6f608ff0584496cac1e0b3a5858ee628e007a14ac4d310f
7256e4064077953570228c5437c3e38294af3767f7dc0354314aa990e964a908
72d0786e64e11daee3c6838ef45dc0c4b8b827772125f3d64d096e4df825546c
7b120fd352cbb1801b35f04093815d8b36fbe3c1d75727ffc87fff175f8473d9
7c5ffd72b77134dc61aca30e5b68f84f25ed274a8f5db202e589aa24c419a8cb
7d36c045b22d6da0b15fc356fe9309e24ac61f20768d2f216f890d042111136f
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7ebb06267aa575b87263b3699bfe3680e364caba99458536f484e8f993dfe279
7f3ec89315a54f68561ebe3eb2a7886f81ba348a517ff6f95e016b63594929b9
8815fd355ba9c854703f40ac3bb489ab1a41b5d8dba919590dc67b6284239334
883de2757b75c91b86d6363bea71ce63e9104a61b243191367ef642a50e8e44e
8a4e4d87eb5124ff8ace838e9e12db5b279607a0773d2b91cd079d85d426089b
94688969a11935c2d2a428c856fd0b215894e9d222bc8bec7f0b2be768da1b6f
9ebe09507288060349bb7800292c8368387c394e6bf33335a1ce1d50a221f69e
a827505d3c24dac2be8a2082474ab5249aae5dd2e9a9bbf1e2d68cd913d97493
ac82716f6558269fa49ea2cc3aede2586e26946cf1cfad9691704d1b2bc0a227
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae2b8d3b25db6bdf22afd91d5754501d6a52bdf4e89697c4b41f3f6ee3ea65c4
aedb197e0068e18a917fc32550d35e62544499ca06b83324cca9f0d88a3dfa59
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d4939d1fb0046594b52884a198ccd506b9dcd6b47460300f6bacd85d4b074f
b1e76d1a44cff87d061990a48267b376ed8b58187430a7c6ef5c21abcfc3cb4b
b314be9bd5782c13508c0802d599b366f2fa7e2a78909f2eda47db76ed7530f2
b45a45e73ae0a2e7f299b1b4fd331fabbd3b10d91d09b16597a060fad0c1cef4
bd1182e53978ead84b95d225efaee27ba3a88718f5c9008f7077675f5f2d2f8f
bdaee9fcff9f218a76cdefdd9db00a21ce4d5d16b4d5a4c29c831e79ef1bdfae
bfb06dfa993502132397ad9589ab6ba754382bce89650d951026c33a8466f8e6
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c2fd8786984ff6182f4907ad66c53558d8a246bb0a2c197f871297d3c6290e7e
c56d3ae16344120475d9ea84cf1814c94390896586be0e2c19447cc98e4a66f0
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d795f92c86a0440a1e52652d126e4df74dacc75c78785e2e3d1fbe1cde53f6e9
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61c7f56c3fb5b17270ffd87a4c738d40cd2370b9a192b0234dc3bbb90bc89b9
e84e846e94db077a2ffb4565f033b1f2c5596a81c199a679ac1ec1fa9730ebf5
e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9
eb2522243f4b2e6540c25b145f40826dd4b785cc85b720d3bdc96f236092306a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e
f1d0cd6a8d28ec361d452601c4f9c6ec2b9f2651c4a6017b8ba4bbfdd7543a79
f3c92ca80d62bcff22da8b353a664456fc92f6764879beba9654e0cda5f35f69
f5e1b14529a9e35ce4caf1e8b0bad54823bd67f04300f0caad49ac3f6cd1700a
f73730d3854da675deec7d4bac6cc4a42c324db1caf4cdd91e20a7b8d84dcb67
fe0358e3de4b6b30b75037d25b083852693fc0942ea4bb0824fb2a447c273bf1
ff2e8abb5cc499228fed8901f071c013c4510ec9d99d1f6df171405e0472b627