Submitted URL: https://blog.ret2.io/feed.xml|Ret2
Effective URL: https://blog.ret2.io/feed.xml%7CRet2
Submission: On September 11 via api from US

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 34 HTTP transactions.
The main IP is 54.156.166.146, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is blog.ret2.io.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 11th 2019. Valid for: 3 months.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
27 54.156.166.146 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
34 8
Domain
Subdomains
Transfer
27 ret2.io
45 MB
2 twitter.com
28 KB
2 google-analytics.com
18 KB
1 doubleclick.net
102 B
1 gstatic.com
9 KB
1 googletagmanager.com
26 KB
1 fonts.googleapis.com
701 B
34 7
Domain Requested by
27 blog.ret2.io blog.ret2.io
2 platform.twitter.com blog.ret2.io
platform.twitter.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 stats.g.doubleclick.net blog.ret2.io
1 fonts.gstatic.com blog.ret2.io
1 www.googletagmanager.com blog.ret2.io
1 fonts.googleapis.com blog.ret2.io
34 7
Subject / Issuer Validity Valid
blog.ret2.io
Let's Encrypt Authority X3
2019-08-11 -
2019-11-09
3 months
*.googleapis.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
*.google-analytics.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2018-11-19 -
2019-11-27
a year
*.google.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
*.g.doubleclick.net
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Web
Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^"]+lightbox(?:\.min)?\.css/i
  • script /lightbox.*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
feed.xml%7CRet2
46 KB
13 KB
Document
General
Full URL
https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7c501fc40e06c447083a1f10359b1904d6ab50084a285264b31bde336ad3adc2

Request headers

Host
blog.ret2.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Server
nginx/1.10.3 (Ubuntu)
Date
Wed, 11 Sep 2019 14:42:40 GMT
Content-Type
text/html
Last-Modified
Fri, 06 Sep 2019 16:05:39 GMT
Transfer-Encoding
chunked
Connection
keep-alive
ETag
W/"5d7283d3-b905"
Content-Encoding
gzip
lightbox.min.css
/assets/css
3 KB
3 KB
Stylesheet
General
Full URL
https://blog.ret2.io/assets/css/lightbox.min.css
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
6ae3e827093ff912ba2929226fdd8392ad58e6112466f2adbd2c2e72cd794a48

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:40 GMT
Last-Modified
Wed, 16 May 2018 16:20:14 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5afc5a3e-a30"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2608
main.css
/assets
10 KB
10 KB
Stylesheet
General
Full URL
https://blog.ret2.io/assets/main.css
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
95817028a98df538c5206245f6e2e0188ee72cc1cbe639cef2f70c6963827405

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:40 GMT
Last-Modified
Fri, 06 Sep 2019 16:05:39 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5d7283d3-27c4"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10180
css?family=Open+Sans:300,400,600
fonts.googleapis.com
7 KB
701 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
dc561ac6b3c8c67d72212cba7eceb903a7a4b3a2e7a18b62b1841de9f73d6fee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Wed, 11 Sep 2019 14:42:40 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Wed, 11 Sep 2019 14:42:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Wed, 11 Sep 2019 14:42:40 GMT
Adblocked js?id=UA-106594012-2
www.googletagmanager.com/gtag
68 KB
26 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-106594012-2
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ccfd1441b90e544bc8162b7fcdff5f86993d57ff7dd774e72c6bd5bb08600127
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:42:40 GMT
content-encoding
br
last-modified
Wed, 11 Sep 2019 12:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
26610
x-xss-protection
0
expires
Wed, 11 Sep 2019 14:42:40 GMT
lightbox-plus-jquery.min.js
/assets/js
95 KB
95 KB
Script
General
Full URL
https://blog.ret2.io/assets/js/lightbox-plus-jquery.min.js
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
81baac0700556746cd054638239ad3eb246131b07dae8383a2fd1cf2a13888d1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:40 GMT
Last-Modified
Wed, 16 May 2018 16:20:14 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5afc5a3e-17a32"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96818
anchor.min.js
/assets/js
5 KB
6 KB
Script
General
Full URL
https://blog.ret2.io/assets/js/anchor.min.js
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
95969184aae2df9032252ca95d7b38a3a38f1536d3994a25b416c309b7737a08

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:40 GMT
Last-Modified
Wed, 13 Jun 2018 15:11:38 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5b21342a-150d"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5389
logo-full.svg
/assets/img
8 KB
8 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/logo-full.svg
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
2745615d507be9977498bb10d8bb93afc32e6135725fb2a5124f617d3c60342d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:40 GMT
Last-Modified
Wed, 20 Sep 2017 04:30:45 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"59c1eef5-1e41"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7745
tsx_exploit_overview.png
/assets/img
80 KB
80 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/tsx_exploit_overview.png
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0a531a79d4dc36b3e20d15a3e96b1f90d03736a1f9c54087bb2c42742b4a8f40

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:40 GMT
Last-Modified
Wed, 26 Jun 2019 16:14:29 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5d1399e5-140c1"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
82113
lighthouse_commit_visualization.gif
/assets/img
9 MB
9 MB
Image
General
Full URL
https://blog.ret2.io/assets/img/lighthouse_commit_visualization.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
64f18482e750e22f9f9aca9e2fd0cc4c965421791c43aa8e1056d1830d0290d5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:40 GMT
Last-Modified
Wed, 10 Oct 2018 15:24:30 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5bbe19ae-97f5e6"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9958886
wargames_title_card.gif
/assets/img
3 MB
3 MB
Image
General
Full URL
https://blog.ret2.io/assets/img/wargames_title_card.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
33987be92709945cfffcc3f4f74d6d39f6f96fad7f8c195026cb79a271759b1e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Tue, 11 Sep 2018 15:47:48 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5b97e3a4-2931a3"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2699683
p2o_sandbox_escape_demo.gif
/assets/img
401 KB
401 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/p2o_sandbox_escape_demo.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
62116924512cf08558fbe23cc9b8f03d2514ba2f940ff2a60c5fe90da3c5b4d7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Tue, 28 Aug 2018 15:47:33 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5b856e95-6439d"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
410525
p2o_frida_mac_fuzzing.gif
/assets/img
28 MB
28 MB
Image
General
Full URL
https://blog.ret2.io/assets/img/p2o_frida_mac_fuzzing.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
abc245f52947175d44deddbf3a885f38f0aec88605d3efcf4f955354d786b47e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Wed, 25 Jul 2018 16:38:27 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5b58a783-1b84c79"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28855417
p2o_jsc_arb_code.gif
/assets/img
468 KB
469 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/p2o_jsc_arb_code.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
b3349558e1bb2939591ae6f238c426bf80d8f03b252b840fb3d33ca317055663

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Wed, 11 Jul 2018 17:01:34 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5b4637ee-75137"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
479543
p2o_rr_replay_rebirth.gif
/assets/img
13 KB
14 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/p2o_rr_replay_rebirth.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
67902dbaeaf6095d53c02ab43ffa243637058dc044f9265f4b0b97c9142e5781

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Wed, 13 Jun 2018 15:11:38 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5b21342a-351e"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13598
p2o_testcase.png
/assets/img
160 KB
160 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/p2o_testcase.png
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5af17c89fbae089457c3056d74a31b1228891af3b7768b565d7a169454d39944

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Wed, 13 Jun 2018 15:11:38 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5b21342a-27fca"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
163786
p2o_laptop.jpg
/assets/img
297 KB
298 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/p2o_laptop.jpg
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fdfb272d3c7ca53802682b0a19e69dc84361fd00bb43b1d33098011d245e3164

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Tue, 05 Jun 2018 15:17:00 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5b16a96c-4a55c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
304476
ethrays_comments.gif
/assets/img
947 KB
948 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/ethrays_comments.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
2e9dd46eadba10e0c52b79cd5d41b6581c83271c8cab64a31dc0989dd2a5df5f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Wed, 16 May 2018 16:20:14 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5afc5a3e-ecda8"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
970152
lighthouse_prefix_functions.gif
/assets/img
204 KB
205 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/lighthouse_prefix_functions.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
347059835567374a659bf97b162f2ac2ea2879d51f86da8a252c72c3a15d8e05

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Thu, 07 Dec 2017 15:31:30 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5a295ed2-33139"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
209209
hexrays_decompiler_demo.gif
/assets/img
43 KB
44 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/hexrays_decompiler_demo.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
06a71ae02f14fb3ad6816b63c6beb11867b1a0238ad3ef60790dd6253a7820e3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Thu, 16 Nov 2017 15:18:56 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5a0dac60-ad1b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
44315
ripr_demo.gif
/assets/img
849 KB
850 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/ripr_demo.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
654ac8d3fbcce6d7521f486f8a389916b3dbc917da6b34b10e53b4e5cafe9984

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Tue, 05 Jun 2018 15:17:00 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5b16a96c-d45f2"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
869874
flare_subleq.gif
/assets/img
1010 KB
1010 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/flare_subleq.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
216e1abd298f47e1af9967dda30219fec911193438f6cc20f3ec556b1b0d085e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Tue, 17 Oct 2017 14:39:52 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"59e61638-fc62a"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1033770
lighthouse_v0.6.png
/assets/img
107 KB
107 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/lighthouse_v0.6.png
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
9c49be15cecdd518ffd251126c42fe5c701c8524f1c8d1b41257c0059d951a98

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Mon, 02 Oct 2017 14:02:43 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"59d24703-1aa87"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109191
posix_flag.gif
/assets/img
106 KB
106 KB
Image
General
Full URL
https://blog.ret2.io/assets/img/posix_flag.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
74ccd7f73051a13c59553c4b3342940312685e329714abd96218325100cf377e

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Wed, 20 Sep 2017 04:30:45 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"59c1eef5-1a6ca"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108234
Adblocked analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-106594012-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
7147
date
Wed, 11 Sep 2019 12:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Wed, 11 Sep 2019 14:43:33 GMT
widgets.js
platform.twitter.com
94 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A7) /
Resource Hash
01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Sep 2019 22:21:05 GMT
Server
ECS (fcn/41A7)
Etag
"e1e1dc1ca60d338ed4a19d4b34207784+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
28436
data:truncated
data:truncated
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
data:truncated
data:truncated
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
data:truncated
data:truncated
178 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
data:truncated
data:truncated
299 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3d5b21692435e785aa0e698356735093bb93f6c2f61410c49761ee2448f7289

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
data:truncated
data:truncated
243 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
data:truncated
data:truncated
381 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600
Origin
https://blog.ret2.io
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Sep 2019 21:41:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:49 GMT
server
sffe
age
666076
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
9132
x-xss-protection
0
expires
Wed, 02 Sep 2020 21:41:24 GMT
sia_poc.mp4
/assets/img
462 KB
462 KB
Media
General
Full URL
https://blog.ret2.io/assets/img/sia_poc.mp4
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
fc54dcea59811fe736f177ff0cd31dbbc5cb97fa721183f52b0aebf38b2df9b5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/feed.xml%7CRet2
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Range
bytes=0-

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Wed, 28 Aug 2019 17:05:18 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5d66b44e-73606"
Content-Type
video/mp4
Content-Range
bytes 0-472581/472582
Connection
keep-alive
Content-Length
472582
data:truncated
data:truncated
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
data:truncated
data:truncated
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
data:truncated
data:truncated
516 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
prev.png
/assets/images
1 KB
2 KB
Image
General
Full URL
https://blog.ret2.io/assets/images/prev.png
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/assets/js/lightbox-plus-jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/assets/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Wed, 16 May 2018 16:20:14 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5afc5a3e-550"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1360
next.png
/assets/images
1 KB
2 KB
Image
General
Full URL
https://blog.ret2.io/assets/images/next.png
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/assets/js/lightbox-plus-jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/assets/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Wed, 16 May 2018 16:20:14 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5afc5a3e-546"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1350
Verified loading.gif
/assets/images
8 KB
9 KB
Image
General
Full URL
https://blog.ret2.io/assets/images/loading.gif
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/assets/js/lightbox-plus-jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
Verified resource
lightbox2/2.8.2/images/loading.gif at cdnjs.com, project lightbox2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/assets/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Wed, 16 May 2018 16:20:14 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5afc5a3e-211c"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8476
close.png
/assets/images
280 B
527 B
Image
General
Full URL
https://blog.ret2.io/assets/images/close.png
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/assets/js/lightbox-plus-jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.166.146 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-156-166-146.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://blog.ret2.io/assets/css/lightbox.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 14:42:41 GMT
Last-Modified
Wed, 16 May 2018 16:20:14 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
"5afc5a3e-118"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
280
data:truncated
data:truncated
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/gif
Adblocked collect?v=1&aip=1&t=dc&_r=3&tid=UA-106594012-2&cid=2110480575.1568212961&jid=341575447&_gid=1465327767.1568212961&gjid=1921271871&_v=j79&z=308286796
stats.g.doubleclick.net/r
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1187106008&t=pageview&_s=1&dl=https%3A%2F%2Fblog.ret2.io%2Ffeed.xml%257CRet2&ul=en-us&de=UTF-8&dt=RET2%20Systems%20Blog&sd=24-bit&sr=1600x120...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106594012-2&cid=2110480575.1568212961&jid=341575447&_gid=1465327767.1568212961&gjid=1921271871&_v=j79&z=308286796
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106594012-2&cid=2110480575.1568212961&jid=341575447&_gid=1465327767.1568212961&gjid=1921271871&_v=j79&z=308286796
Requested by
Host: blog.ret2.io
URL: https://blog.ret2.io/feed.xml%7CRet2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.ret2.io/feed.xml%7CRet2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 11 Sep 2019 14:42:41 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Sep 2019 14:42:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106594012-2&cid=2110480575.1568212961&jid=341575447&_gid=1465327767.1568212961&gjid=1921271871&_v=j79&z=308286796
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
419
expires
Fri, 01 Jan 1990 00:00:00 GMT
widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html?origin=https%3A%2F%2Fblog.ret2.io
platform.twitter.com/widgets
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.d9084ca5af1ffbe01c8d444cfadfa6fe.html?origin=https%3A%2F%2Fblog.ret2.io
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DE) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://blog.ret2.io/feed.xml%7CRet2
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://blog.ret2.io/feed.xml%7CRet2

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 11 Sep 2019 14:42:41 GMT
Etag
"7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified
Mon, 09 Sep 2019 22:11:15 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40DE)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5816
data:truncated
data:truncated
196 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd882c134a0d98ed3b6a87eb94b3e4e4b3c7787ee153518f9f75482e9ff10094

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 42
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1187106008&t=pageview&_s=1&dl=https%3A%2F%2Fblog.ret2.io%2Ffeed.xml%257CRet2&ul=en-us&de=UTF-8&dt=RET2%20Systems%20Blog&sd=24-bit&sr=1600x120...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106594012-2&cid=2110480575.1568212961&jid=341575447&_gid=1465327767.1568212961&gjid=1921271871&_v=j79&z=308286796

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager object| dataLayer function| gtag string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| lightbox function| AnchorJS object| anchors object| twttr object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| __twttrll object| __twttr

0 Cookies

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

blog.ret2.io
fonts.googleapis.com
fonts.gstatic.com
platform.twitter.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com


2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:819::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81a::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9a
54.156.166.146

01d6aaec4ff29f98c9a96f9ecdeffa2168e4f8e3e4e2ca8ee9aa73e858f38323
06a71ae02f14fb3ad6816b63c6beb11867b1a0238ad3ef60790dd6253a7820e3
0a531a79d4dc36b3e20d15a3e96b1f90d03736a1f9c54087bb2c42742b4a8f40
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
216e1abd298f47e1af9967dda30219fec911193438f6cc20f3ec556b1b0d085e
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
2745615d507be9977498bb10d8bb93afc32e6135725fb2a5124f617d3c60342d
2e9dd46eadba10e0c52b79cd5d41b6581c83271c8cab64a31dc0989dd2a5df5f
33987be92709945cfffcc3f4f74d6d39f6f96fad7f8c195026cb79a271759b1e
347059835567374a659bf97b162f2ac2ea2879d51f86da8a252c72c3a15d8e05
3ee0806e69f2ae70a2267a58ac5fc5d52b5aa7aca6f3c0c08adad605fd8fbc16
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5af17c89fbae089457c3056d74a31b1228891af3b7768b565d7a169454d39944
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
62116924512cf08558fbe23cc9b8f03d2514ba2f940ff2a60c5fe90da3c5b4d7
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
63271dcce1a2518271ecc2b0bdcc5afc9c5f0968a8635e0f97a4c9747309eb82
634123ee29b1f3ea68a9dd4b8f7e38808766984516bb97202ef7186784ba995e
64f18482e750e22f9f9aca9e2fd0cc4c965421791c43aa8e1056d1830d0290d5
654ac8d3fbcce6d7521f486f8a389916b3dbc917da6b34b10e53b4e5cafe9984
67902dbaeaf6095d53c02ab43ffa243637058dc044f9265f4b0b97c9142e5781
6ae3e827093ff912ba2929226fdd8392ad58e6112466f2adbd2c2e72cd794a48
74ccd7f73051a13c59553c4b3342940312685e329714abd96218325100cf377e
7c501fc40e06c447083a1f10359b1904d6ab50084a285264b31bde336ad3adc2
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
81baac0700556746cd054638239ad3eb246131b07dae8383a2fd1cf2a13888d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
95817028a98df538c5206245f6e2e0188ee72cc1cbe639cef2f70c6963827405
95969184aae2df9032252ca95d7b38a3a38f1536d3994a25b416c309b7737a08
9c49be15cecdd518ffd251126c42fe5c701c8524f1c8d1b41257c0059d951a98
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d2d8043c302d3a9da9277374a53e2285c471d5dc8397885b4931b82771d5cae
a3d5b21692435e785aa0e698356735093bb93f6c2f61410c49761ee2448f7289
abc245f52947175d44deddbf3a885f38f0aec88605d3efcf4f955354d786b47e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3349558e1bb2939591ae6f238c426bf80d8f03b252b840fb3d33ca317055663
ccfd1441b90e544bc8162b7fcdff5f86993d57ff7dd774e72c6bd5bb08600127
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dc561ac6b3c8c67d72212cba7eceb903a7a4b3a2e7a18b62b1841de9f73d6fee
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
fc54dcea59811fe736f177ff0cd31dbbc5cb97fa721183f52b0aebf38b2df9b5
fd882c134a0d98ed3b6a87eb94b3e4e4b3c7787ee153518f9f75482e9ff10094
fdfb272d3c7ca53802682b0a19e69dc84361fd00bb43b1d33098011d245e3164