www.rewterz.com Open in urlscan Pro
198.199.112.140  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/	252 KB 42 KB	2997ms 2648ms	Document text/html	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash ebd4e9726475b27ab10e2505727495db5168fb6331b9b63e4558fbea274b0c70 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Connection Keep-Alive Content-Encoding gzip Content-Length 42185 Content-Type text/html; charset=UTF-8 Date Wed, 21 Jun 2023 11:32:00 GMT Keep-Alive timeout=5, max=100 Link <https://www.rewterz.com/wp-json/>; rel="https://api.w.org/" <https://www.rewterz.com/wp-json/wp/v2/posts/9408>; rel="alternate"; type="application/json" <https://www.rewterz.com/?p=9408>; rel=shortlink Server Apache Vary Accept-Encoding X-Nitro-Cache MISS X-Pingback https://www.rewterz.com/xmlrpc.php
GET H2	200	js Show response www.googletagmanager.com/gtag/	232 KB 82 KB	156ms 55ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-2H1K10XHV5 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eab2ddf5f47f318115450fe17f695ee462b3311150b4ec48bee3702352799a5b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:03 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 83505 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Wed, 21 Jun 2023 11:32:03 GMT
GET H/1.1	200 OK	style.min.css www.rewterz.com/wp-includes/css/dist/block-library/	95 KB 13 KB	517ms 185ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:03 GMT Content-Encoding gzip Last-Modified Thu, 30 Mar 2023 02:17:41 GMT Server Apache ETag "17ced-5f814b285a60c-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 12736
GET H/1.1	200 OK	classic-themes.min.css www.rewterz.com/wp-includes/css/	291 B 530 B	499ms 165ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-includes/css/classic-themes.min.css?ver=6.2.2 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:03 GMT Content-Encoding gzip Last-Modified Thu, 30 Mar 2023 02:17:41 GMT Server Apache ETag "123-5f814b28586cc-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 210
GET H/1.1	200 OK	general.min.css www.rewterz.com/wp-content/plugins/wp-job-openings/assets/css/	38 KB 7 KB	496ms 162ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/plugins/wp-job-openings/assets/css/general.min.css?ver=3.3.3 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 144ee8fd3d8997d932fe2b5497979e7cde8fda86b41b0c6e32e47faa8e1157e7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:03 GMT Content-Encoding gzip Last-Modified Tue, 07 Mar 2023 15:32:36 GMT Server Apache ETag "96c7-5f6511f051f05-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6453
GET H/1.1	200 OK	style.min.css www.rewterz.com/wp-content/plugins/wp-job-openings/assets/css/	18 KB 4 KB	512ms 173ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/plugins/wp-job-openings/assets/css/style.min.css?ver=3.3.3 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 36b74f0c72674951730e13d210bf20cbab196d2b93b00871195e03116dffc9d8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:03 GMT Content-Encoding gzip Last-Modified Tue, 07 Mar 2023 15:32:36 GMT Server Apache ETag "4985-5f6511f050f64-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 4087
GET H/1.1	200 OK	be.css www.rewterz.com/wp-content/themes/betheme/css/	409 KB 70 KB	537ms 198ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/css/be.css?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 0464d02ef20b968e99a9c1c064f6c7aeb922e11331c214b4e4aab08ec94044ca Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:03 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "6626b-5f5228a5f41ff-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100
GET H/1.1	200 OK	animations.min.css www.rewterz.com/wp-content/themes/betheme/assets/animations/	58 KB 6 KB	513ms 168ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 622a07604bb0030ba7094f0f1dcb5d1e9080164fd6ba4071a73452802378b55b Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:03 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "e83d-5f5228a629d66-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 5588
GET H/1.1	200 OK	fontawesome.css www.rewterz.com/wp-content/themes/betheme/fonts/fontawesome/	59 KB 13 KB	670ms 174ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 6a8f55d140604ca7fed7724ee5d45c06d445673636211543d30959c317a98a4b Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "ed1d-5f5228a62bca6-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 12852
GET H/1.1	200 OK	jplayer.blue.monday.min.css www.rewterz.com/wp-content/themes/betheme/assets/jplayer/css/	9 KB 2 KB	663ms 163ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 10f8e5f272c9ae8c8271ab51d7310aaf9c9bed694104dbe6ff10d99849d19ab8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "25ef-5f5228a629d66-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 2056
GET H/1.1	200 OK	responsive.css www.rewterz.com/wp-content/themes/betheme/css/	63 KB 12 KB	693ms 179ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/css/responsive.css?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 3ca06aa3199168ba5a6272840ef5d5f7f99a8d5086be17415ef17a70d3d5b44a Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "fd36-5f5228a5f41ff-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 11763
GET H2	200	css fonts.googleapis.com/	14 KB 928 B	149ms 50ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Barlow%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CBarlow+Condensed%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.2.2 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 92b98f79c7956baf3c45898fa528a3598101cada3def469aabadb5772f00b79f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 21 Jun 2023 11:32:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 21 Jun 2023 11:32:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 21 Jun 2023 11:32:03 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 915 B	147ms 48ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Barlow%3A400%2C700&display=swap&ver=6.2.2 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6c5317b40e8c94b9f818bc732a8fe76459749c85bd1c8a13d1986d30271b1685 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Wed, 21 Jun 2023 11:32:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Wed, 21 Jun 2023 11:32:03 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 21 Jun 2023 11:32:03 GMT
GET H/1.1	200 OK	wp-emoji-release.min.js Show response www.rewterz.com/wp-includes/js/	18 KB 5 KB	173ms 173ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Thu, 30 Mar 2023 02:17:41 GMT Server Apache ETag "4904-5f814b284bbab-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 5039
GET H/1.1	200 OK	jquery.min.js Show response www.rewterz.com/wp-includes/js/jquery/	88 KB 31 KB	537ms 185ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.4 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Thu, 30 Mar 2023 02:17:41 GMT Server Apache ETag "15ed7-5f814b283e0e9-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 31049
GET H/1.1	200 OK	jquery-migrate.min.js Show response www.rewterz.com/wp-includes/js/jquery/	13 KB 5 KB	531ms 176ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Thu, 30 Mar 2023 02:17:41 GMT Server Apache ETag "3470-5f814b283f089-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 4795
GET H/1.1	200 OK	logo_SVG-01.svg www.rewterz.com/wp-content/uploads/2022/11/	698 B 970 B	299ms 172ms	Image image/svg+xml	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2022/11/logo_SVG-01.svg Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 69840f2a0ed40b27bc7e919cc3c2c68be1dc3e1343c60bd21a4741af9abb8011 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Last-Modified Tue, 01 Nov 2022 09:38:43 GMT Server Apache ETag "2ba-5ec657d6fc196" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 698
GET H/1.1	200 OK	xdrLogo.png www.rewterz.com/wp-content/uploads/2023/01/	22 KB 22 KB	168ms 168ms	Image image/png	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/01/xdrLogo.png Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash d7eb51bb7aabba4a0d85a021d286e20bc61936489cb99799df6fcb9cca869222 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Thu, 05 Jan 2023 09:23:34 GMT Server Apache ETag "5671-5f180daefe39c" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 22129
GET H/1.1	200 OK	center_new.png www.rewterz.com/wp-content/uploads/2023/01/	139 KB 139 KB	187ms 187ms	Image image/png	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/01/center_new.png Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 69669e774c4670c09ac0ece7710be2e33fedcb9d09b3a1c8d0eee21ec34a0818 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Fri, 06 Jan 2023 12:13:11 GMT Server Apache ETag "22b14-5f1975757bf86" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 142100
GET H/1.1	200 OK	studio_01_Mascot_New.png www.rewterz.com/wp-content/uploads/2023/03/	747 KB 747 KB	172ms 171ms	Image image/png	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/03/studio_01_Mascot_New.png Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 0d73eb7b3d25c799af7030f4a09d2f3e72a34363c2138394ba64ab1949e0715c Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Tue, 07 Mar 2023 11:04:37 GMT Server Apache ETag "baaf9-5f64d60a1ddb8" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 764665
GET H/1.1	200 OK	16.jpg www.rewterz.com/wp-content/uploads/2023/01/	564 KB 564 KB	170ms 170ms	Image image/jpeg	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/01/16.jpg Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 012e41bd55f857e7c536648c35aec07874e675ce185f8cbeec60321033216ff3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Mon, 02 Jan 2023 10:09:41 GMT Server Apache ETag "8cee8-5f145264d5423" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 577256
GET H/1.1	200 OK	pdf-file-1.png www.rewterz.com/wp-content/uploads/2023/01/	2 KB 2 KB	184ms 184ms	Image image/png	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/01/pdf-file-1.png Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 5bfe5d69340acac94e1b747712544d0159bee54813320aabe93d515627fa491f Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Mon, 02 Jan 2023 10:28:27 GMT Server Apache ETag "842-5f145696c5f02" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 2114
GET H/1.1	200 OK	play_btn_Small.png www.rewterz.com/wp-content/uploads/2023/01/	20 KB 20 KB	181ms 169ms	Image image/png	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/01/play_btn_Small.png Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash dd13bf8404f7b89c916472f108c02bc5ff01c4e2b0a7b69e25fc6866167b7f2a Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Mon, 02 Jan 2023 13:48:02 GMT Server Apache ETag "4e60-5f1483333c4e4" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=91 Content-Length 20064
GET H/1.1	200 OK	play_btn_hover_Small.png www.rewterz.com/wp-content/uploads/2023/01/	20 KB 20 KB	179ms 165ms	Image image/png	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/01/play_btn_hover_Small.png Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 33b724f0a45fe4e11d070c9b03014746021873af3f8c59e00219d41a63d93158 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Mon, 02 Jan 2023 13:48:03 GMT Server Apache ETag "4f1d-5f148333f4e19" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 20253
GET H/1.1	200 OK	leadership.png www.rewterz.com/wp-content/uploads/2023/01/	50 KB 50 KB	165ms 165ms	Image image/png	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/01/leadership.png Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash ea89b577a7f8970538905ed7405dd6bf3c37ff5a36e311cecb9442efd7c75ad8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Mon, 02 Jan 2023 13:20:21 GMT Server Apache ETag "c8cd-5f147d02fc1d4" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 51405
GET H/1.1	200 OK	help.png www.rewterz.com/wp-content/uploads/2023/01/	26 KB 26 KB	169ms 168ms	Image image/png	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/01/help.png Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash a27e221b35f35950178fbc5afe974015a5f485b5ae91ca8ffe5847e768a3c1ee Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Mon, 02 Jan 2023 13:24:37 GMT Server Apache ETag "689c-5f147df77eabf" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=90 Content-Length 26780
POST H2	204	collect region1.google-analytics.com/g/	0 245 B	61ms 26ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-2H1K10XHV5&gtm=45je36e2&_p=1454610947&cid=1288688510.1687347124&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1687347123&sct=1&seg=0&dl=https%3A%2F%2Fwww.rewterz.com%2Frewterz-news%2Frewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs%2F&dt=Rewterz%20Threat%20Alert%20-%20Exploitation%20of%20Pulse%20Connect%20Secure%20Zero-Day%20%E2%80%93%20Active%20IOCs%20-%20Rewterz&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2H1K10XHV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Wed, 21 Jun 2023 11:32:03 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.rewterz.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	logo_SVG-01-svg.svg www.rewterz.com/wp-content/uploads/2023/03/	702 B 974 B	537ms 536ms	Image image/svg+xml	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/03/logo_SVG-01-svg.svg Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 253aac5658624549e30b156b64476a924aca040cb36538cfdf46dcdac5579923 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Fri, 10 Mar 2023 23:23:22 GMT Server Apache ETag "2be-5f6940c18b4bb" Content-Type image/svg+xml Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 702
GET H/1.1	200 OK	advisory-1619163936.png app.sirp.io/uploads/1/advisory/	396 KB 396 KB	731ms 162ms	Image image/png	104.236.170.110 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://app.sirp.io/uploads/1/advisory/advisory-1619163936.png Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.236.170.110 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS app.sirp.io Software Apache / Resource Hash b8e57a80e243d47b39c7ae42cd12b083b1a485c7008cdb4575a0aa7d9101dce3 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Mon, 07 Mar 2022 12:30:55 GMT Server Apache ETag "62f7b-5d9a00929523f;5fd0fe65f8b75" Content-Type image/png Access-Control-Allow-Origin * Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 405371
GET H/1.1	200 OK	divider-2.css www.rewterz.com/wp-content/themes/betheme/css/elements/	138 KB 49 KB	224ms 210ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/css/elements/divider-2.css?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash d96ae3f9718f46225174532e9c446f4a1979b2bda1d7822fb92ee7a18cb6d5ef Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "2269b-5f5228a5f41ff-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 49658
GET H/1.1	200 OK	post-15053.css www.rewterz.com/wp-content/uploads/betheme/css/	3 KB 1012 B	171ms 167ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/uploads/betheme/css/post-15053.css?ver=1687347121 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash f12c0ebc91ff90bd7d8b20d0c724e0fb32021a933a6b0ff9ca656213172f89c1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Fri, 10 Mar 2023 22:20:41 GMT Server Apache ETag "d7f-5f6932bf94a8e-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 693
GET H/1.1	200 OK	post-14912.css www.rewterz.com/wp-content/uploads/betheme/css/	9 KB 1 KB	203ms 185ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/uploads/betheme/css/post-14912.css?ver=1687347121 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 4e8a9350b17a5c92c5c33ae67cfbc575c50bb24e063ae6c67de39f434e268504 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Fri, 06 Jan 2023 12:33:32 GMT Server Apache ETag "258b-5f197a028f6f5-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 947
GET H/1.1	200 OK	post-15034.css www.rewterz.com/wp-content/uploads/betheme/css/	3 KB 810 B	202ms 184ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/uploads/betheme/css/post-15034.css?ver=1687347122 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 2ac04cbc489f6c69a5bed5993816ca5a983e6c10dd14cab2092596964f74beeb Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Mon, 13 Mar 2023 16:52:33 GMT Server Apache ETag "a8c-5f6caeffd50ef-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 491
GET H/1.1	200 OK	post-15056.css www.rewterz.com/wp-content/uploads/betheme/css/	3 KB 1015 B	198ms 180ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/uploads/betheme/css/post-15056.css?ver=1687347122 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 244dd85b66678390394327aa34686f20a528e5176eb1a2d389a3b168dc8b1d5b Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Fri, 10 Mar 2023 22:22:16 GMT Server Apache ETag "bcc-5f6933194f0b4-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 696
GET H/1.1	200 OK	post-15053.css www.rewterz.com/wp-content/uploads/betheme/css/	3 KB 1012 B	189ms 170ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/uploads/betheme/css/post-15053.css?ver=1687347122 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash f12c0ebc91ff90bd7d8b20d0c724e0fb32021a933a6b0ff9ca656213172f89c1 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Fri, 10 Mar 2023 22:20:41 GMT Server Apache ETag "d7f-5f6932bf94a8e-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 693
GET H/1.1	200 OK	post-14912.css www.rewterz.com/wp-content/uploads/betheme/css/	9 KB 1 KB	190ms 175ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/uploads/betheme/css/post-14912.css?ver=1687347122 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 4e8a9350b17a5c92c5c33ae67cfbc575c50bb24e063ae6c67de39f434e268504 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Fri, 06 Jan 2023 12:33:32 GMT Server Apache ETag "258b-5f197a028f6f5-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 947
GET H/1.1	200 OK	post-15056.css www.rewterz.com/wp-content/uploads/betheme/css/	3 KB 1015 B	169ms 168ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/uploads/betheme/css/post-15056.css?ver=1687347123 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 244dd85b66678390394327aa34686f20a528e5176eb1a2d389a3b168dc8b1d5b Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Fri, 10 Mar 2023 22:22:16 GMT Server Apache ETag "bcc-5f6933194f0b4-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 696
GET H/1.1	200 OK	rs6.css www.rewterz.com/wp-content/plugins/revslider/public/assets/css/	57 KB 12 KB	174ms 173ms	Stylesheet text/css	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.4 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 95f59f9a4a19697496edc01bb55011ea4056f90625cc816a7f18256f056a6258 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Tue, 01 Nov 2022 08:24:40 GMT Server Apache ETag "e394-5ec647490eac1-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 12467
GET H2	200	6553015.js Show response js.hs-scripts.com/	2 KB 1 KB	472ms 402ms	Script application/javascript	2606:4700::6812:853b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/6553015.js?integration=WordPress&ver=10.1.24 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:853b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 43fa6ce6e34b4806e82b7644adcda1c4d241c8a2380145618bf149856c94d746 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:04 GMT content-encoding br cf-cache-status EXPIRED x-hubspot-correlation-id 7214fef1-db37-4b7a-87e2-c8da664719de x-evy-trace-route-service-name envoyset-translator x-envoy-upstream-service-time 12 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 26712d68-3dcf-42b6-aa32-7cbade776bdf last-modified Wed, 21 Jun 2023 09:38:38 GMT server cloudflare x-trace 2B7DB5017F7F3A68C0B578082686AD6274B61D3569000000000000000000 vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://www.rewterz.com x-evy-trace-virtual-host all cache-control public, max-age=60 access-control-allow-credentials true x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-598c95b5b7-zqxft cf-ray 7dabedc8482a1e1c-FRA expires Wed, 21 Jun 2023 11:33:04 GMT
GET H/1.1	200 OK	rbtools.min.js Show response www.rewterz.com/wp-content/plugins/revslider/public/assets/js/	161 KB 61 KB	172ms 169ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.4 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Tue, 01 Nov 2022 08:24:40 GMT Server Apache ETag "285db-5ec647490eac1-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93
GET H/1.1	200 OK	rs6.min.js Show response www.rewterz.com/wp-content/plugins/revslider/public/assets/js/	397 KB 104 KB	186ms 186ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.4 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 1544b2ce742950f3428a134f1f3043cf841ba73639f19f04ded8c9e0e5d893c5 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:06 GMT Content-Encoding gzip Last-Modified Tue, 01 Nov 2022 08:24:40 GMT Server Apache ETag "63433-5ec647490eac1-gzip" Vary Accept-Encoding Transfer-Encoding chunked Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=89
GET H/1.1	200 OK	script.min.js Show response www.rewterz.com/wp-content/plugins/wp-job-openings/assets/js/	48 KB 15 KB	170ms 170ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/plugins/wp-job-openings/assets/js/script.min.js?ver=3.3.3 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 7330d7da68ac64bdbe4f341176ea7f6a78826ba6681b34ad29d72be3c8d0cd59 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Content-Encoding gzip Last-Modified Tue, 07 Mar 2023 15:32:36 GMT Server Apache ETag "beab-5f6511f04ffc4-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 15214
GET H/1.1	200 OK	core.min.js Show response www.rewterz.com/wp-includes/js/jquery/ui/	21 KB 7 KB	167ms 166ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Thu, 30 Mar 2023 02:17:41 GMT Server Apache ETag "53be-5f814b283f089-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 7099
GET H/1.1	200 OK	tabs.min.js Show response www.rewterz.com/wp-includes/js/jquery/ui/	12 KB 4 KB	171ms 170ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Wed, 02 Nov 2022 02:21:52 GMT Server Apache ETag "2ea1-5ec7380f14fe2-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 3915
GET H/1.1	200 OK	debouncedresize.min.js Show response www.rewterz.com/wp-content/themes/betheme/js/plugins/	472 B 630 B	175ms 174ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 7c5a0e187e68ccbf13dafd079e2c46c7917cc60b6959e5a881da324958f34d92 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "1d8-5f5228a5d5d9c-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 297
GET H/1.1	200 OK	magnificpopup.min.js Show response www.rewterz.com/wp-content/themes/betheme/js/plugins/	20 KB 7 KB	167ms 166ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 82705acbecdd84306ce33e08f576eca6a688896895e6e48d1c36a4071fcba14e Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "4f10-5f5228a5d5d9c-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 7323
GET H/1.1	200 OK	menu.js Show response www.rewterz.com/wp-content/themes/betheme/js/	3 KB 1 KB	173ms 173ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/js/menu.js?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash e31562bbd4b9f377eec9662b440b0c1262ff73f7e85c3a6e3639635e4516013f Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "b2b-5f5228a5d4dfc-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 1015
GET H/1.1	200 OK	visible.min.js Show response www.rewterz.com/wp-content/themes/betheme/js/plugins/	608 B 711 B	174ms 173ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/js/plugins/visible.min.js?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 8ecf312a51fd23a6d2258191745ab900d7f393a4633515e0df6305cde42b1a3a Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "260-5f5228a5d5d9c-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 378
GET H/1.1	200 OK	animations.min.js Show response www.rewterz.com/wp-content/themes/betheme/assets/animations/	2 KB 960 B	164ms 163ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash aeae8ba7d9c8ee997a8ddb5f5ec82381ed7851b750e4d1f466a1f19fad7a8462 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "726-5f5228a629d66-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 627
GET H/1.1	200 OK	jplayer.min.js Show response www.rewterz.com/wp-content/themes/betheme/assets/jplayer/	51 KB 13 KB	191ms 190ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "cd61-5f5228a629d66-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=93 Content-Length 12708
GET H/1.1	200 OK	enllax.min.js Show response www.rewterz.com/wp-content/themes/betheme/js/plugins/	2 KB 862 B	169ms 168ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash c24a7908e8bccfb36947de91ab342f33f1c966b31f50ed1fb83d9d8b3d579a1f Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "604-5f5228a5d5d9c-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 529
GET H/1.1	200 OK	translate3d.js Show response www.rewterz.com/wp-content/themes/betheme/js/parallax/	4 KB 2 KB	169ms 168ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 19906e9585e0f90c005878ee2c63fcd8d1ed933a0ef6bea16bb1a2226b075b40 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "fd1-5f5228a5d4dfc-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=95 Content-Length 1318
GET H/1.1	200 OK	scripts.js Show response www.rewterz.com/wp-content/themes/betheme/js/	119 KB 25 KB	174ms 174ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/js/scripts.js?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 3a361233bda60ece89c72e31125475a33d1e981a810d14237117ec5b195be142 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "1dbd8-5f5228a5d4dfc-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 25265
GET H/1.1	200 OK	comment-reply.min.js Show response www.rewterz.com/wp-includes/js/	3 KB 2 KB	166ms 164ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-includes/js/comment-reply.min.js?ver=6.2.2 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Wed, 25 May 2022 02:19:29 GMT Server Apache ETag "ba5-5dfccb3f62866-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 1351
GET H/1.1	200 OK	isotope.min.js Show response www.rewterz.com/wp-content/themes/betheme/js/plugins/	34 KB 10 KB	171ms 170ms	Script application/javascript	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/js/plugins/isotope.min.js?ver=26.7.2.1 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash ee61cd1f7ca665a583657d1dee5250e253e8e05327557e4de1d1e8b6450804e0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Content-Encoding gzip Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "89eb-5f5228a5d5d9c-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=96 Content-Length 9763
GET H2	200	7cHqv4kjgoGqM7E3_-gs51os.woff2 fonts.gstatic.com/s/barlow/v12/	20 KB 21 KB	189ms 79ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Barlow%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CBarlow+Condensed%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.2.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.rewterz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Fri, 16 Jun 2023 07:44:45 GMT x-content-type-options nosniff age 445639 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20960 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:18:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 15 Jun 2024 07:44:45 GMT
GET H2	200	7cHqv4kjgoGqM7E3t-4s51os.woff2 fonts.gstatic.com/s/barlow/v12/	21 KB 22 KB	149ms 39ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3t-4s51os.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Barlow%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CBarlow+Condensed%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.2.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 65a47caa5183b035bf78d0f93adbe5cea500333410259c54abf2de356740df7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.rewterz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 14:43:36 GMT x-content-type-options nosniff age 334108 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21724 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:29:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 16 Jun 2024 14:43:36 GMT
GET H2	200	7cHpv4kjgoGqM7E_DMs5.woff2 fonts.gstatic.com/s/barlow/v12/	21 KB 21 KB	210ms 125ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Barlow%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CBarlow+Condensed%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.2.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.rewterz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 12:19:51 GMT x-content-type-options nosniff age 342733 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21144 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:43:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 16 Jun 2024 12:19:51 GMT
POST H/1.1	200 OK	/ www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/	0 0	583ms 224ms	Fetch text/html	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash Request headers Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundarylHbqpAVWM7w7cBSD Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Cache-Control no-cache Server Apache Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 0 Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	/ www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/	13 B 277 B	1320ms 1319ms	Ping text/html	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 8d9d6702a15e078f14d99abace58ab6dc1d9684e57bae9cf5db74b77dc12997e Request headers Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryfI55MRnsBdf2iBLp Response headers Date Wed, 21 Jun 2023 11:32:06 GMT Server Apache X-Nitro-Beacon FORWARD Content-Type text/html; charset=UTF-8 Cache-Control no-cache X-Nitro-Proxy-Purge true Connection Keep-Alive Keep-Alive timeout=5, max=93 Content-Length 13
GET H/1.1	200 OK	BG_RED.jpg www.rewterz.com/wp-content/uploads/2023/03/	159 KB 159 KB	256ms 182ms	Image image/jpeg	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/03/BG_RED.jpg Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash ead896ede9c5838d91a0158c1f561fb5387133080c96be126310889390ea33b8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Last-Modified Tue, 07 Mar 2023 10:50:11 GMT Server Apache ETag "27a28-5f64d2d014e63" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=97 Content-Length 162344
GET H/1.1	200 OK	icons.woff www.rewterz.com/wp-content/themes/betheme/fonts/mfn/	80 KB 80 KB	270ms 169ms	Font application/font-woff	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://www.rewterz.com/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/wp-content/themes/betheme/css/be.css?ver=26.7.2.1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677 Request headers Referer https://www.rewterz.com/wp-content/themes/betheme/css/be.css?ver=26.7.2.1 Origin https://www.rewterz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:04 GMT Last-Modified Mon, 20 Feb 2023 14:33:02 GMT Server Apache ETag "13e28-5f5228a629d66" Content-Type application/font-woff Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 81448
GET H2	200	HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2 fonts.gstatic.com/s/barlowcondensed/v12/	21 KB 21 KB	159ms 95ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B46r2z3bWuQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Barlow%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CBarlow+Condensed%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.2.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8320299532b4b81498d5b3714d49c9d5938883b55f4c2a1efe6f105bf4a942bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.rewterz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 16:34:10 GMT x-content-type-options nosniff age 327474 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21440 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:46:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 16 Jun 2024 16:34:10 GMT
GET H2	200	HTxwL3I-JCGChYJ8VI-L6OO_au7B47rxz3bWuQ.woff2 fonts.gstatic.com/s/barlowcondensed/v12/	20 KB 20 KB	202ms 141ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlowcondensed/v12/HTxwL3I-JCGChYJ8VI-L6OO_au7B47rxz3bWuQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Barlow%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CBarlow+Condensed%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.2.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aa1895205efb0ef0fa4232b6289c46a12bf07b9493598c2d50d3afe6d9ce9d9d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.rewterz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 23:21:30 GMT x-content-type-options nosniff age 303034 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20180 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:34:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 16 Jun 2024 23:21:30 GMT
GET H2	200	7cHrv4kjgoGqM7E_Cfs7wH8.woff2 fonts.gstatic.com/s/barlow/v12/	23 KB 23 KB	193ms 143ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlow/v12/7cHrv4kjgoGqM7E_Cfs7wH8.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Barlow%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CBarlow+Condensed%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.2.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 51d0115090b2cfd0cb581cbf62ee79bb94fdcb3f9c2432d39d3adacd8888ccef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.rewterz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 16:50:59 GMT x-content-type-options nosniff age 326465 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23564 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:09:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 16 Jun 2024 16:50:59 GMT
GET H2	200	7cHsv4kjgoGqM7E_CfOA5WouvTo.woff2 fonts.gstatic.com/s/barlow/v12/	23 KB 23 KB	167ms 162ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlow/v12/7cHsv4kjgoGqM7E_CfOA5WouvTo.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Barlow%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CBarlow+Condensed%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.2.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb5b9606af67dddd2d12d66ae06688d5b57725f9774d68a7c7c4fb409b54efa3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.rewterz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Tue, 20 Jun 2023 18:42:48 GMT x-content-type-options nosniff age 60556 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23368 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:11:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 19 Jun 2024 18:42:48 GMT
GET H/1.1	200 OK	NEW_LOGO_FINAL-02-1024x149.png www.rewterz.com/wp-content/uploads/2023/03/	3 KB 3 KB	169ms 169ms	Image image/png	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/03/NEW_LOGO_FINAL-02-1024x149.png Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 122abffe0f44a214b7e36bb897b2c908cf50bc5d460ff89c39d35abcc4a354fe Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:06 GMT Last-Modified Thu, 09 Mar 2023 09:31:20 GMT Server Apache ETag "be1-5f6744eab1f36" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=92 Content-Length 3041
GET H2	200	conversations-embed.js Show response js.usemessages.com/	75 KB 22 KB	87ms 32ms	Script application/javascript	2606:4700::6811:64ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.usemessages.com/conversations-embed.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6553015.js?integration=WordPress&ver=10.1.24 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:64ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bbbe9c4d273a13abdade0522f1d5323410659451ef72fb80c16f372ae206b282 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:05 GMT x-amz-version-id QamE4Oe0AGtrfJSqbw051Y47gukyknvh via 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront) cf-cache-status HIT content-encoding br x-amz-cf-pop IAD12-P3 age 375 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13423/bundles/project.js&cfRay=7dabe4a39e363638-IAD x-cache Hit from cloudfront cache-tag staticjsapp-conversations-embed-web-prod,staticjsapp-prod x-envoy-upstream-service-time 5 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id c3d2d3c1-7611-4ce6-82dd-d79aff4abf66 last-modified Tue, 13 Jun 2023 10:43:24 UTC server cloudflare etag W/"bd6464fa791153e75807e46f33ec851c" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status MISS x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-57ff77fcd-5flz8 cf-ray 7dabedccceb33645-FRA x-amz-cf-id N1yf4nCtgB8ZTPF1ddPZHwX7_wqBZX_exG84sXr3jEOk4sqXh2LuLA== x-hs-target-asset conversations-embed/static-1.13423/bundles/project.js
GET H2	200	6553015.js Show response js.hs-analytics.net/analytics/1687347000000/	66 KB 21 KB	153ms 134ms	Script text/javascript	2606:4700::6810:8ace CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1687347000000/6553015.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6553015.js?integration=WordPress&ver=10.1.24 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8ace , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae717b7dbb8cbd476c9f80ca2ec675364967dd5a918bbe76bb65f8ce97a28d45 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:05 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id YRPCY569WGYVD851 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-envoy-upstream-service-time 19 x-amz-id-2 sX62OJ/s3hH8z9xkuswm+I9KDhmdDp1AngXPrVCreEqZr+k/kJhFYxf65G6aPYIFBcaOXkti4yI= x-evy-trace-listener listener_https x-request-id 6fc686b4-abb1-4d8a-b4ed-42c6fe37038c x-evy-trace-route-configuration listener_https/all last-modified Thu, 15 Jun 2023 14:52:05 GMT server cloudflare etag W/"58c78f46940cf482b8f3f22bc3446cd0" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-9vnjb cache-control max-age=300,public access-control-allow-credentials false cf-ray 7dabedcc9b941c05-FRA expires Wed, 21 Jun 2023 11:37:05 GMT
GET H2	200	banner.js Show response js.hs-banner.com/v2/6553015/	208 KB 64 KB	490ms 450ms	Script text/javascript	2606:4700::6812:18c4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/6553015/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6553015.js?integration=WordPress&ver=10.1.24 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 23a02c4c543582246ff45f0ddc223bf0730c2ca264e00937bb0b4d45d441771f Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:05 GMT x-amz-version-id tNIu1pctAcH7eRLUXDhTeERhuj7EShT7 content-encoding br cf-cache-status REVALIDATED x-amz-request-id 9JV38D96D7RJDWF3 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-envoy-upstream-service-time 75 x-amz-id-2 k96ax1hqjunNkVlEzSjhwWdGkWW6ZeKLao79C5lNcgt2iETOpfToV8HYc/nzzeE5O0WooufWTFU= x-evy-trace-listener listener_https x-request-id cbc889c8-c1c1-41c5-a4cf-aac5eb8039ca x-evy-trace-route-configuration listener_https/all last-modified Thu, 15 Jun 2023 19:26:02 GMT server cloudflare etag W/"3589b594396a1134a0b9095c571dee72" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://www.rewterz.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7 vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 7dabedccbed991ea-FRA expires Wed, 21 Jun 2023 11:37:05 GMT
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	69 KB 25 KB	155ms 126ms	Script application/javascript	2606:4700::6811:69c7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/6553015.js?integration=WordPress&ver=10.1.24 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:69c7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f148a333a7585ab1391cceb303d946f5bf1b38ba6bb8eae863125ccde728bb3 Request headers Referer https://www.rewterz.com/ Origin https://www.rewterz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:05 GMT x-amz-version-id S1jmwKbmrdTaJO._teNI0LpuWSvl4WIJ via 1.1 68a3b1d5c75429221abc685a453afb60.cloudfront.net (CloudFront) cf-cache-status EXPIRED content-encoding br x-amz-cf-pop IAD12-P3 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.378/bundles/project.js&cfRay=7dabedccaa3b3a84-IAD x-cache Hit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod x-envoy-upstream-service-time 0 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 9f6f6147-ee24-4068-8c2e-b417b7760b38 last-modified Tue, 13 Jun 2023 09:45:35 UTC server cloudflare etag W/"b19afd994dc32a5784e74169cca8128a" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all x-hs-cache-status HIT cache-control s-maxage=600, max-age=300 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-57ff77fcd-h6thn cf-ray 7dabedccaa3b3a84-FRA x-amz-cf-id O9sr4wmE7N5EzNcVPLXKjFBcF35_QgNLXmIUEeXU2SmvHCvs6X_GYw== x-hs-target-asset collected-forms-embed-js/static-1.378/bundles/project.js
GET H2	200	json Show response forms.hscollectedforms.net/collected-forms/v1/config/	115 B 449 B	126ms 120ms	XHR application/json	2606:4700::6811:69c7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=6553015&utk= Requested by Host: js.hscollectedforms.net URL: https://js.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:69c7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4c10433f7319eb6d8004fa831a042b8a5e126505f0ed9de60eceba149f484de5 Request headers Accept application/json, text/plain, */* Referer https://www.rewterz.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:05 GMT content-encoding br cf-cache-status DYNAMIC x-hubspot-correlation-id 031eab50-180c-4af7-a747-d0ed35b8888b x-evy-trace-route-service-name envoyset-translator x-envoy-upstream-service-time 9 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 192f49fe-0cae-4ffd-abbf-d5552cef44f7 server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.rewterz.com x-evy-trace-virtual-host all cache-control max-age=0 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-57ff77fcd-s8xd8 access-control-max-age 180 x-robots-tag none access-control-allow-headers * cf-ray 7dabedce4c6c3a84-FRA
OPTIONS H2	200	public api.hubspot.com/livechat-public/v1/message/ Frame	0 0	160ms 116ms	Preflight text/plain	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=6553015&conversations-embed=static-1.13423&mobile=false&messagesUtk=6c7eed493cb64a9bba39b0cbbfc3d716&traceId=6c7eed493cb64a9bba39b0cbbfc3d716 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept */* Access-Control-Request-Headers x-hubspot-messages-uri Access-Control-Request-Method GET Origin https://www.rewterz.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers access-control-allow-credentials false access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD access-control-allow-origin https://www.rewterz.com allow HEAD,GET,OPTIONS alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7dabedcedb653672-FRA content-length 18 content-type text/plain; charset=utf-8 date Wed, 21 Jun 2023 11:32:05 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqYCCCuTzXBtbYg4SKCez2Frj%2FTCmoMpvLKz8I9ZvcSYdSAdgoKoQdQxW5Fd7EUXVTYGRUKuPlhx2vZU16gtWVINdOjNelLcmK4m6SzD1yKDkLZJWyt7%2FLgit3i66DntMprErlIyVt2o5OH6XA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary origin, Accept-Encoding x-envoy-upstream-service-time 2 x-evy-trace-listener listener_https x-evy-trace-route-configuration listener_https/all x-evy-trace-route-service-name envoyset-translator x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-598c95b5b7-6wnvv x-evy-trace-virtual-host all x-hubspot-correlation-id cb78ef97-a235-4a5f-9296-612e13c18206 x-request-id 2205c41e-2148-4e2a-8882-4e6dccd8d6e2 x-trace 2BE18AD94322164DF2F9832D1A62EBFA89397595A3000000000000000000
GET H2	200	public Show response api.hubspot.com/livechat-public/v1/message/	3 KB 2 KB	197ms 197ms	XHR application/json	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=6553015&conversations-embed=static-1.13423&mobile=false&messagesUtk=6c7eed493cb64a9bba39b0cbbfc3d716&traceId=6c7eed493cb64a9bba39b0cbbfc3d716 Requested by Host: js.usemessages.com URL: https://js.usemessages.com/conversations-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 56ebd151883c4e419757bbadfeb6d35d6eafdd573c568b555115a6ab2de3eeae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.rewterz.com/ accept-language de-DE,de;q=0.9 X-HubSpot-Messages-Uri https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:05 GMT content-encoding gzip cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 1bdc5809-0c82-4df9-b1f8-3be0cc0d82e1 x-envoy-upstream-service-time 65 alt-svc h3=":443"; ma=86400 content-length 1307 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 1e2eea18-8048-44ef-93a0-9d81cdc2703b server cloudflare x-trace 2BA0684E0FE64A211DD874F0E83875786E9518A891000000000000000000 vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://www.rewterz.com x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-598c95b5b7-nbhzm cache-control no-cache, no-store, no-transform, must-revalidate, max-age=0 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=814r95oI9%2Fdien3AnXddJpVjtCtJNmaJyEmL6nuFbIWgiJ0E3OuZO0%2FwWWe41ElaCSbY3Fuxi3GtNYsMn03EoKZmKxpo15fIacJfZiKCW7wZjQX7q86TbU5tL0yyqN8bTdBhgcCYi52%2FU24gDQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 7dabedcf9cd23672-FRA access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
GET H2	200	HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2 fonts.gstatic.com/s/barlowcondensed/v12/	20 KB 20 KB	48ms 45ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/barlowcondensed/v12/HTx3L3I-JCGChYJ8VI-L6OO_au7B6xHT2g.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Barlow%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic%7CBarlow+Condensed%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.2.2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash af91213cd670d6270b32ebdeb00a09625f6b74ccd780d12ff6724a14ea1efaff Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.rewterz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Sat, 17 Jun 2023 15:23:50 GMT x-content-type-options nosniff age 331695 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20200 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:28:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 16 Jun 2024 15:23:50 GMT
GET H/1.1	200 OK	News-80x80.jpg www.rewterz.com/wp-content/uploads/2023/01/	1 KB 1 KB	186ms 162ms	Image image/jpeg	198.199.112.140 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://www.rewterz.com/wp-content/uploads/2023/01/News-80x80.jpg Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.199.112.140 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS www.rewterz.com Software Apache / Resource Hash 3b15bd0a2a53f75e8ea01ffa8305831aa1237eb21365708ddfe62f1456851549 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers Date Wed, 21 Jun 2023 11:32:05 GMT Last-Modified Wed, 04 Jan 2023 14:33:12 GMT Server Apache ETag "46f-5f171106f3616" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=94 Content-Length 1135
GET H2	200	6c7eed493cb64a9bba39b0cbbfc3d716 Show response app.hubspot.com/conversations-visitor/6553015/threads/utk/ Frame F380	53 KB 19 KB	198ms 165ms	Document text/html	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.hubspot.com/conversations-visitor/6553015/threads/utk/6c7eed493cb64a9bba39b0cbbfc3d716?uuid=18bbbbc4d4c247c2ad8d7b133aa8e766&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=rewterz.com&inApp53=false&messagesUtk=6c7eed493cb64a9bba39b0cbbfc3d716&url=https%3A%2F%2Fwww.rewterz.com%2Frewterz-news%2Frewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false Requested by Host: js.usemessages.com URL: https://js.usemessages.com/conversations-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f43a1fd53a01024b894670187b107eeec4f37531f32cef718083a7b4972c901 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://www.rewterz.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-credentials false age 2191 alt-svc h3=":443"; ma=86400 cache-control max-age=600 cache-tag staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod cf-cache-status DYNAMIC cf-ray 7dabedd11bf730f3-FRA content-encoding br content-security-policy-report-only script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.15875/html/index.html&cfRay=7dabedd11bf730f3&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F6553015%2Fthreads%2Futk%2F6c7eed493cb64a9bba39b0cbbfc3d716%3Fuuid%3D18bbbbc4d4c247c2ad8d7b133aa8e766%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Drewterz.com%26inApp53%3Dfalse%26messagesUtk%3D6c7eed493cb64a9bba39b0cbbfc3d716%26url%3Dhttps%253A%252F%252Fwww.rewterz.com%252Frewterz-news%252Frewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.rewterz.com%2F&cfenv=prod&pdt=2023-06-21&csp=ro content-type text/html; charset=utf-8 date Wed, 21 Jun 2023 11:32:06 GMT etag W/"57da7fac47f6118b412fde3e5779c8a0" last-modified Tue, 13 Jun 2023 10:43:24 UTC report-to {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} reporting-endpoints default="https://send.hsbrowserreports.com/csp/reports?cfRay=7dabedd11bf730f3&resource=conversations-visitor-ui/static-1.15875/html/index.html" server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary origin, Accept-Encoding via 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront) x-amz-cf-id 3Rhi2UXNRFmowvRqRgzELXfols0JEmmXyxt7tAhQfrfnZhe6ZMpGMA== x-amz-cf-pop IAD12-P3 x-amz-replication-status COMPLETED x-amz-server-side-encryption AES256 x-amz-version-id pdsNN44Ej5eBKCZ5KXHR6.D0UlCNBixd x-cache Hit from cloudfront x-envoy-upstream-service-time 7 x-evy-trace-listener listener_https x-evy-trace-route-configuration listener_https/all x-evy-trace-route-service-name envoyset-translator x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-57ff77fcd-mm66x x-evy-trace-virtual-host all x-hs-cache-status MISS x-hs-target-asset conversations-visitor-ui/static-1.15875/html/index.html x-hs-worker-debug-mode false x-request-id 1059d536-3435-40e3-a0de-f52babbd1a55
GET H2	200	bundle.production.js Show response static.hsappstatic.net/head-dlb/static-1.338/ Frame F380	44 KB 17 KB	98ms 22ms	Script application/javascript	2606:4700::6812:8c65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/head-dlb/static-1.338/bundle.production.js Requested by Host: app.hubspot.com URL: https://app.hubspot.com/conversations-visitor/6553015/threads/utk/6c7eed493cb64a9bba39b0cbbfc3d716?uuid=18bbbbc4d4c247c2ad8d7b133aa8e766&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=rewterz.com&inApp53=false&messagesUtk=6c7eed493cb64a9bba39b0cbbfc3d716&url=https%3A%2F%2Fwww.rewterz.com%2Frewterz-news%2Frewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8c65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef39ee441c4e7792c5cda9a8bd86ddce96d9b17bda0cc9f7187f1a70ce9b3ed5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://app.hubspot.com/ Origin https://app.hubspot.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:06 GMT x-amz-version-id uq4ahwTgbmdDVq3iqHPHE8OZSufTo1wc via 1.1 208ab0ac2954d96f741046080d24645c.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop PMO50-C1 age 1786012 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Fri, 28 Apr 2023 15:18:57 GMT server cloudflare etag W/"d4a36ffcc533bcbae2a557884d3059e8" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hubspot.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30n2QYmShwXJAD65wZx7vWscrNOr%2BvqqqUCKyoIHS2k0mgkBZKIYfzn9Qig2%2BvK9gH1%2FzsZSrtiUtKd5spN8HZ7GE%2FUSpo8TsJvwUKXjCfXAv8RuaUO5v19FDAOXVPlYgsYVorWgDwfAo0yK9aPZDd23pwI%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-credentials true cache-control public, max-age=31536000 cf-ray 7dabedd2ac042c3d-FRA x-amz-cf-id CWQwxkgJv9lIX6jSWNk7SXzGJAsip48ZP6p_SIBBcjCXvqI8K83nEA== expires Thu, 20 Jun 2024 11:32:06 GMT
GET H2	200	visitor.css static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/ Frame F380	20 KB 4 KB	111ms 36ms	Stylesheet text/css	2606:4700::6812:8c65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/conversations-visitor-ui/static-1.14945/sass/visitor.css Requested by Host: app.hubspot.com URL: https://app.hubspot.com/conversations-visitor/6553015/threads/utk/6c7eed493cb64a9bba39b0cbbfc3d716?uuid=18bbbbc4d4c247c2ad8d7b133aa8e766&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=rewterz.com&inApp53=false&messagesUtk=6c7eed493cb64a9bba39b0cbbfc3d716&url=https%3A%2F%2Fwww.rewterz.com%2Frewterz-news%2Frewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8c65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36d655313c51c3540e79a4ed3bff5be86110779b4e25043a6e78150a58cdbc66 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://app.hubspot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:06 GMT x-amz-version-id eTttM9S_vWGkXsa3G13R54bOHuRyRlPL via 1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA2-C1 age 1938423 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Mon, 06 Mar 2023 22:24:16 GMT server cloudflare etag W/"8b2053a9d9199e217c1f3e61d80f5d90" vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDcSf40JiPh4kWyahegI%2BhKeABhPzcrwvomFJ6RANGLKHfAfzkHG4qiOVvhO4dt9eR3JCqxjf3u6%2Fi3CQbAnanBL%2BSgvgz3enJcGwa5qpX7UtraLHPWIfHFNIPiRhr5SqeiPeZ%2F6Xmvbo7GMpYR0kxh83DY%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 7dabedd2aed32c6b-FRA x-amz-cf-id wKj5nWOeceW4faTuyOKl0ecR0Sxrzo9DvoSxn8nVQRJd6WYEVcDrtA== expires Thu, 20 Jun 2024 11:32:06 GMT
GET H2	200	bundle.production.js Show response static.hsappstatic.net/hubspot-dlb/static-1.392/ Frame F380	294 KB 94 KB	98ms 23ms	Script application/javascript	2606:4700::6812:8c65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/hubspot-dlb/static-1.392/bundle.production.js Requested by Host: app.hubspot.com URL: https://app.hubspot.com/conversations-visitor/6553015/threads/utk/6c7eed493cb64a9bba39b0cbbfc3d716?uuid=18bbbbc4d4c247c2ad8d7b133aa8e766&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=rewterz.com&inApp53=false&messagesUtk=6c7eed493cb64a9bba39b0cbbfc3d716&url=https%3A%2F%2Fwww.rewterz.com%2Frewterz-news%2Frewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8c65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a827ba0a43cbeb52e1f7c01fac1d8526f1a927ef58d5a0bc4ea4047a8b47f075 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://app.hubspot.com/ Origin https://app.hubspot.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:06 GMT x-amz-version-id GyJQrIoHDRIfCuwwSVVsJwX13g1Qp9_O via 1.1 21c2c1b3872c539a34b64bcf45f4054c.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA56-P2 age 1715535 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Thu, 06 Apr 2023 11:56:47 GMT server cloudflare etag W/"90cd3e4c19469ce68f12da7dbe18af11" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hubspot.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeM9%2B7Mbvya7xj7yBX0vODkX9Yww6%2B5FUYWdnMbKTMmLyCpq8ylqewkQDdl1yFI0NKOF2t9nNAU7JA1Gba05Fh50tqOlavCZxodaK4DPvMH0BhSqRUJ%2FFJpt%2BISSmOayhhJSw4BXcaUp%2F6rONHIwo%2B2djhE%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-credentials true cache-control public, max-age=31536000 cf-ray 7dabedd2ac112c3d-FRA x-amz-cf-id m7-s90rpfBNXAmOE7aFBsWTdqjpXPKv6frnwaGlEeeqRptBYA5QHOQ== expires Thu, 20 Jun 2024 11:32:06 GMT
GET H2	200	visitor.js Show response static.hsappstatic.net/conversations-visitor-ui/static-1.15875/bundles/ Frame F380	609 KB 179 KB	101ms 26ms	Script application/javascript	2606:4700::6812:8c65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/conversations-visitor-ui/static-1.15875/bundles/visitor.js Requested by Host: app.hubspot.com URL: https://app.hubspot.com/conversations-visitor/6553015/threads/utk/6c7eed493cb64a9bba39b0cbbfc3d716?uuid=18bbbbc4d4c247c2ad8d7b133aa8e766&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=rewterz.com&inApp53=false&messagesUtk=6c7eed493cb64a9bba39b0cbbfc3d716&url=https%3A%2F%2Fwww.rewterz.com%2Frewterz-news%2Frewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8c65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2dd6d3ca05d70d8c0b7aea1555a09c5121fc83f24064caacb32066b25cb760b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://app.hubspot.com/ Origin https://app.hubspot.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:06 GMT x-amz-version-id gzX1w2KZcg7KeqTrg75XcJMiuZCnlpxJ via 1.1 c5631edd47be47cbc339631b47891370.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop OTP50-C1 age 650908 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Tue, 13 Jun 2023 17:55:03 GMT server cloudflare etag W/"4468d23f08a4175c529ac970d4450693" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hubspot.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfQipVbTP2bU5Y1Rda%2F2G0vcuejqwzEFmKHBVNwzXyokDNNcRC7zTIv3o%2BBDT9vlCah2yYtkeREgOQlCkwMV3E%2FAhS1W3WTP2RpfhSOwfY1YuCRCJE2jm%2FxhUN%2BnS4hL3pAWLY%2BKAEuC6OTlE0DAsaZFAdQ%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-credentials true cache-control public, max-age=31536000 cf-ray 7dabedd2ac162c3d-FRA x-amz-cf-id ekQBPJ8lTyOlMwrm4TpQszjjPvekvp84c4KosEyI36P-QeAB3ZJRng== expires Thu, 20 Jun 2024 11:32:06 GMT
GET H2	200	i18n-data-data-locales-en-us.js Show response static.hsappstatic.net/conversations-visitor-ui/static-1.15785/ Frame F380	776 B 869 B	17ms 15ms	Script application/javascript	2606:4700::6812:8c65 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/conversations-visitor-ui/static-1.15785/i18n-data-data-locales-en-us.js Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15875/bundles/visitor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:8c65 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5773922958407876324a55ff40662ecd526f8829178ab8790a6e8dce853b3f5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://app.hubspot.com/ Origin https://app.hubspot.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:06 GMT x-amz-version-id SpNiq4P9pGdDdfmtMtY74SmCGTt9GDKN via 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA56-P2 age 1893090 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Fri, 26 May 2023 19:36:10 GMT server cloudflare etag W/"28c9a8bedc7c9bf5c53a75a4a0be86eb" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin https://app.hubspot.com report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGuXnXe39R7OCYp%2Bvl%2B2Q4sTN%2FIe5SIq2B0Ft98eplfG0%2BvFRdlJjqzsyKAo8GlqVDAmja0KeKIXE8k5%2BXonm%2BJ2719gD%2Fnq4eSu1NRhv8dcEq57%2FVLvkSFrXJpzgt3TJk0o%2FNeW0QohX4ewU9yfred2k8w%3D"}],"group":"cf-nel","max_age":604800} vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-credentials true cache-control public, max-age=31536000 cf-ray 7dabedd3cdcf2c3d-FRA x-amz-cf-id pBJ_Eu0JeYUAI902pXYsZtjX-uY55zegfK7Y0Q93tIta9H1EyKqFHw== expires Thu, 20 Jun 2024 11:32:06 GMT
GET H2	200	favicon.png cdn2.hubspot.net/hub/6553015/hubfs/ Frame F380	2 KB 3 KB	138ms 89ms	Image image/webp	2606:4700::6812:cfc9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.hubspot.net/hub/6553015/hubfs/favicon.png?width=108&height=108 Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:cfc9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f363b641e93d4e79a4834a6da6fbec0035347989b39fff374db06996bd9ebe1f Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none' X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://app.hubspot.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:06 GMT via 1.1 eb30892e0d329aead17e943e1b1cc5ae.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none' cache-tag F-29133801061,P-6553015,FLS-ALL alt-svc h3=":443"; ma=86400 content-length 1764 cf-resized internal=ok/m q=0 n=325+0 c=0+4 v=2023.4.2 l=1764 last-modified Fri, 08 May 2020 11:08:22 GMT cf-bgj imgq:86,h2pri server cloudflare etag "cf8zaELJXCX13JfDiEgdtnhWptUn9Bg2vL7Sxl6y2PDQ:e1ba69882e5783477d3eb58c5b517ed0" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOGG3K4YT6mg8uuyXsIE3AKSWoYAjnX1risOawn5h4J0tkBED1Az6zVI9qeo81bYh6V7A49kfsvPKlY1MBcSjl3TC0vZ%2FIm5lp2%2FZbDX%2Bmc1RKXrmolyqXXIeJVVvdXUfJbOlf%2BaMbJdcLBFNh0%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control s-maxage=1814400, max-age=1209600, stale-while-revalidate=900 accept-ranges bytes cf-ray 7dabedd4de1f3627-FRA
POST H2	204	rhumb app.hubspot.com/api/cartographer/v1/ Frame F380	0 1 KB	142ms 137ms	Ping text/plain	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.15875 Requested by Host: static.hsappstatic.net URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.15875/bundles/visitor.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://app.hubspot.com/conversations-visitor/6553015/threads/utk/6c7eed493cb64a9bba39b0cbbfc3d716?uuid=18bbbbc4d4c247c2ad8d7b133aa8e766&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=rewterz.com&inApp53=false&messagesUtk=6c7eed493cb64a9bba39b0cbbfc3d716&url=https%3A%2F%2Fwww.rewterz.com%2Frewterz-news%2Frewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs%2F&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Wed, 21 Jun 2023 11:32:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id f2d6cba0-1a7b-452f-b8d8-2eefbe3cc96c x-envoy-upstream-service-time 4 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 2f7a8a76-6b87-412c-b774-cbc0d259cd7b server cloudflare vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obfK0I3zRiMkgUVcpP5kPxcKc6V%2B2zvsWDS9LYE2FpLVb7lXb2IH8P1oA0GZcjJV1WVZrXlJz00yZxcd%2FPXdoshxM6gGkR9UL2s%2B%2Fo8q9unVRvpi1BQoPDitgqF7bNom5ZPcExm5xxbT46lrhw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://app.hubspot.com x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-598c95b5b7-xrsrb access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet, X-HubSpot-Auth-Failure access-control-max-age 604800 access-control-allow-credentials true x-evy-trace-virtual-host all cf-ray 7dabedd4a85230f3-FRA access-control-allow-headers Authorization, Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer timing-allow-origin *
GET H2	200	__ptq.gif track.hubspot.com/	45 B 522 B	146ms 144ms	Image image/gif	2606:4700::6813:9b53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3485376358&v=1.1&a=6553015&ct=blog-post&rcu=https%3A%2F%2Fwww.rewterz.com%2Frewterz-news%2Frewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs%2F&pu=https%3A%2F%2Fwww.rewterz.com%2Frewterz-news%2Frewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs%2F&t=Rewterz+Threat+Alert+-+Exploitation+of+Pulse+Connect+Secure+Zero-Day+%E2%80%93+Active+IOCs+-+Rewterz&cts=1687347126544&vi=09b78acf60b1c1c8da7d3813805a4750&nc=true&u=107359773.09b78acf60b1c1c8da7d3813805a4750.1687347126536.1687347126536.1687347126536.1&b=107359773.1.1687347126538&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers date Wed, 21 Jun 2023 11:32:06 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id eb32a1d8-fca6-4111-88ff-997f884f04f0 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 8 alt-svc h3=":443"; ma=86400 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id c2eec903-0d2f-4772-a4ca-f03c0c0c2977 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxJdjSD6EQs105dHYRhZBLV8CwdgN6Ok%2B4klJullt0Unpj%2Bx8zz4HE6%2B257Kz8S7gctMh2zGadPuOaYa7lIAg5T42ZDJWbFgSazijrEqOxTzwiLiHicGtNYRh89cRr8KHL2vti6esgkWi5z92rZA"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-5f6448c676-p7wls x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 7dabedd4f89b30f3-FRA x-robots-tag none
POST H2	200	/ to.getnitropack.com/	20 B 458 B	105ms 46ms	Ping text/html	2400:52e0:1e00::1079:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://to.getnitropack.com/ Requested by Host: www.rewterz.com URL: https://www.rewterz.com/rewterz-news/rewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1079 / PHP/8.1.17 Resource Hash a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://www.rewterz.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryeOtSmNezPeLvZEaJ Response headers date Wed, 21 Jun 2023 11:32:06 GMT content-encoding none strict-transport-security max-age=15724800; includeSubDomains cdn-edgestorageid 1079 x-powered-by PHP/8.1.17 cdn-cachedat 06/21/2023 11:32:06 cdn-pullzone 234442 content-length 20 server BunnyCDN-DE1-1079 cdn-proxyver 1.03 cdn-requestpullcode 200 content-type text/html; charset=UTF-8 access-control-allow-origin * cdn-uid b7e07321-6c82-48dc-b332-ec6b5d5d2a32 cache-control public, max-age=0 cdn-requestid 0d7b48cd5b615b0759af312811e37258 cdn-requestcountrycode DE cdn-requestpullsuccess True
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	18ms 16ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-2H1K10XHV5&gtm=45je36e2&_p=1454610947&cid=1288688510.1687347124&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1687347123&sct=1&seg=0&dl=https%3A%2F%2Fwww.rewterz.com%2Frewterz-news%2Frewterz-threat-alert-exploitation-of-pulse-connect-secure-zero-day-active-iocs%2F&dt=Rewterz%20Threat%20Alert%20-%20Exploitation%20of%20Pulse%20Connect%20Secure%20Zero-Day%20%E2%80%93%20Active%20IOCs%20-%20Rewterz&en=scroll&epn.percent_scrolled=90&_et=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-2H1K10XHV5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.rewterz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36 Response headers pragma no-cache date Wed, 21 Jun 2023 11:32:08 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.rewterz.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT