sysdream.com Open in urlscan Pro
2606:4700:3035::6818:7f29 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
Submission: On August 11 via api (August 11th 2020, 6:47:55 pm UTC) from US

Summary HTTP 20 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3035::6818:7f29, located in United States and belongs to CLOUDFLARENET, US. The main domain is sysdream.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 1st 2020. Valid for: a year.

This is the only time sysdream.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3035::6818:7f29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
20	5

15 2606:4700:3035::6818:7f29 (United States)

ASN13335 (CLOUDFLARENET, US)

sysdream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	sysdream.com sysdream.com	1 MB
2	gstatic.com fonts.gstatic.com	18 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	doubleclick.net stats.g.doubleclick.net	99 B
1	googleapis.com fonts.googleapis.com	840 B
20	5

	Domain	Requested by
15	sysdream.com	sysdream.com
2	fonts.gstatic.com	sysdream.com
2	www.google-analytics.com	1 redirects sysdream.com
1	stats.g.doubleclick.net	sysdream.com
1	fonts.googleapis.com	sysdream.com
20	5

This site contains links to these domains. Also see Links.

Domain
github.com
www.linkedin.com
www.youtube.com
twitter.com
www.google.fr
malice.fr
www.hubone.fr

Subject Issuer	Validity	Valid
sysdream.com Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
Frame ID: 21378863BB7541ED691A37A8A610031B
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

20
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1130 kB
Transfer

1494 kB
Size

6
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://github.com/sysdream
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sysdream
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/SysdreamLab
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/sysdream
Title:

Search URL Search Domain Scan URL

URL: https://github.com/jeedom/core/commit/fafe84cb9bbd491a931748e7b4fe7d2851877a33
Title: https://github.com/jeedom/core/commit/fafe84cb9bbd491a931748e7b4fe7d2851877a33

Search URL Search Domain Scan URL

URL: https://github.com/jeedom/core
Title: https://github.com/jeedom/core

Search URL Search Domain Scan URL

URL: https://www.google.fr/maps/place/14+Place+Marie-Jeanne+Bassot,+92300+Levallois-Perret/@48.8977402,2.2840176,17z/data=!3m1!4b1!4m2!3m1!1s0x47e66f802c1b477d:0x3a8e90296cd362a6
Title: 14 place Marie-Jeanne Bassot 92300 Levallois-Perret France

Search URL Search Domain Scan URL

URL: https://malice.fr/
Title: Plateforme de Cyber-entrainement

Search URL Search Domain Scan URL

URL: https://www.hubone.fr/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2085804414&t=pageview&_s=1&dl=https%3A%2F%2Fsysdream.com%2Fnews%2Flab%2F2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution%2F&ul=en-us&de=UTF-8&dt=Sysdream%2C%20%5BCVE-2020-9036%5D%20Jeedom%20XSS%20leading%20to%20Remote%20Code%20Execution&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1127122029&gjid=2055125385&cid=1145235057.1597171656&tid=UA-234945-1&_gid=126617951.1597171656&_r=1&z=835399980 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-234945-1&cid=1145235057.1597171656&jid=1127122029&_gid=126617951.1597171656&gjid=2055125385&_v=j83&z=835399980

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/ 27 KB
7 KB 308ms
257ms Document
text/html 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d8cca8b404b02cf910b52aace49b7fb5921708c408d818cdad9433cbfded7e1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

:method: GET
:authority: sysdream.com
:scheme: https
:path: /news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 11 Aug 2020 18:47:35 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d6b5445da05f61ff0274001307dbac0f81597171655; expires=Thu, 10-Sep-20 18:47:35 GMT; path=/; domain=.sysdream.com; HttpOnly; SameSite=Lax hl=fr; expires=Wed, 11-Aug-2021 18:47:35 GMT; Max-Age=31536000; path=/
vary: Accept-Encoding
cache-control: no-cache, private
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
strict-transport-security: max-age=31536000
x-frame-options: DENY
cf-cache-status: DYNAMIC
cf-request-id: 0480727bb6000064a357b57200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5c14203f8f7d64a3-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 7 KB
840 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,300

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 11 Aug 2020 18:17:32 GMT
server: ESF
date: Tue, 11 Aug 2020 18:47:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Aug 2020 18:47:35 GMT

GET
H2 200 app.css
sysdream.com/assets/styles/ 203 KB
34 KB 88ms
87ms Stylesheet
text/css 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sysdream.com/assets/styles/app.css

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1249a1157e4fab721d9bb62329b4c8064e7d0695219188dee3fecb1cee6d3302

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
status: 200
cf-request-id: 0480727cbd000064a357b64200000001
last-modified: Fri, 22 May 2020 09:29:01 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5ec79b5d-32ab9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
cf-ray: 5c142041287c64a3-FRA

GET
H2 200 vendors.js Show response
sysdream.com/assets/script/ 207 KB
61 KB 121ms
120ms Script
application/javascript 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sysdream.com/assets/script/vendors.js

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cebfc0c9750bef5aaaa4b38d60cb23ed36820944f28daa667b67da697c9b497

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
status: 200
cf-request-id: 0480727cbd000064a357b65200000001
last-modified: Fri, 22 May 2020 09:28:55 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5ec79b57-33ae1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
cf-ray: 5c142041287e64a3-FRA

GET
H2 200 app.js Show response
sysdream.com/assets/script/ 208 B
245 B 85ms
85ms Script
application/javascript 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sysdream.com/assets/script/app.js

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2819de9c9213c16ca20f67b6a236a7ff1a87c570fcb3c0cc5e30d3d9d2d8835f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: REVALIDATED
status: 200
cf-request-id: 0480727d24000064a357b67200000001
last-modified: Fri, 22 May 2020 09:28:42 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5ec79b4a-d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
cf-ray: 5c142041d8e164a3-FRA

GET
H2 200 sysdream.webp
sysdream.com/assets/images/logo/ 9 KB
9 KB 71ms
70ms Image
image/webp 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sysdream.com/assets/images/logo/sysdream.webp

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fc84c2a8fde4e2c0fd59dbf0863250f3ed8eb3f18b874c9123371ae2534367c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:36 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
status: 200
content-length: 9532
cf-request-id: 0480727d3e000064a357b69200000001
last-modified: Fri, 22 May 2020 09:29:02 GMT
server: cloudflare
x-frame-options: DENY
etag: "5ec79b5e-253c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
accept-ranges: bytes
cf-ray: 5c142041f90164a3-FRA

GET
H2 200 90be2c85dcc1bae9c7712644e661523b1c60a9db.png
sysdream.com/uploads/media/default/0001/01/ 8 KB
9 KB 84ms
83ms Image
image/png 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sysdream.com/uploads/media/default/0001/01/90be2c85dcc1bae9c7712644e661523b1c60a9db.png

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f65fb0274c330fdeb1f7935243afdda1a2c9878456ac9b6c8753ec9f786f8ab4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
status: 200
content-length: 8677
cf-request-id: 0480727d59000064a357b6a200000001
last-modified: Wed, 05 Aug 2020 13:31:12 GMT
server: cloudflare
x-frame-options: DENY
etag: "5f2ab4a0-21e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
accept-ranges: bytes
cf-ray: 5c142042293064a3-FRA

GET
H2 200 099231d1f9479617be3d12751a5af98384e7b691.png
sysdream.com/uploads/media/default/0001/01/ 88 KB
88 KB 98ms
98ms Image
image/png 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sysdream.com/uploads/media/default/0001/01/099231d1f9479617be3d12751a5af98384e7b691.png

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38fe5ffb228b2c0299c1129eb846e39b40fc42d889936b692d05960cc7531214

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
status: 200
content-length: 89752
cf-request-id: 0480727d59000064a357b6b200000001
last-modified: Wed, 05 Aug 2020 13:37:41 GMT
server: cloudflare
x-frame-options: DENY
etag: "5f2ab625-15e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
accept-ranges: bytes
cf-ray: 5c142042293464a3-FRA

GET
H2 200 map.png
sysdream.com/assets/images/map/ 652 KB
653 KB 99ms
98ms Image
image/png 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sysdream.com/assets/images/map/map.png

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29b32810b98e17f51924e7c1567cd1a330bd378f5708a7902f60c65fad75c272

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:36 GMT
vary: Accept-Encoding
cf-cache-status: MISS
status: 200
content-length: 667492
cf-request-id: 0480727d59000064a357b6c200000001
last-modified: Fri, 22 May 2020 09:29:22 GMT
server: cloudflare
x-frame-options: DENY
etag: "5ec79b72-a2f64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
accept-ranges: bytes
cf-ray: 5c142042293764a3-FRA

GET
H2 200 hubone.png
sysdream.com/assets/images/logo/ 12 KB
12 KB 77ms
76ms Image
image/png 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sysdream.com/assets/images/logo/hubone.png

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aceb2b0bdb363a6e632392da95d4b41f45f2a83ae62066f0cdf4e31e7d9acad3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:36 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
status: 200
content-length: 11951
cf-request-id: 0480727d59000064a357b6d200000001
last-modified: Fri, 22 May 2020 09:29:01 GMT
server: cloudflare
x-frame-options: DENY
etag: "5ec79b5d-2eaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
accept-ranges: bytes
cf-ray: 5c142042293864a3-FRA

GET
H2 200 email-decode.min.js Show response
sysdream.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 12ms
12ms Script
application/javascript 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sysdream.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:35 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Wed, 05 Aug 2020 10:00:12 GMT
server: cloudflare
etag: W/"5f2a832c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
cf-ray: 5c142041b8db64a3-FRA
cf-request-id: 0480727d16000064a357b66200000001
expires: Thu, 13 Aug 2020 18:47:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 835
date: Tue, 11 Aug 2020 18:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Tue, 11 Aug 2020 20:33:41 GMT

GET
H2 200 aboutus-1.jpg
sysdream.com/assets/images/bandeaux/ 119 KB
120 KB 87ms
86ms Image
image/jpeg 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sysdream.com/assets/images/bandeaux/aboutus-1.jpg

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c68ca53696bc4ee5e744367ee8b80367b796eeff0ab855af1349a23227a6a3f5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:36 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
status: 200
content-length: 122358
cf-request-id: 0480727d66000064a357b6e200000001
last-modified: Fri, 22 May 2020 09:29:01 GMT
server: cloudflare
x-frame-options: DENY
etag: "5ec79b5d-1ddf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/jpeg
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
accept-ranges: bytes
cf-ray: 5c142042394664a3-FRA

GET
H2 200 blog_date_box.png
sysdream.com/assets/images/theme/ 424 B
548 B 74ms
73ms Image
image/png 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sysdream.com/assets/images/theme/blog_date_box.png

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8beff8281f0548ec511b05072ed4ab3c1eda77f52396d13c9fafcd1b0863867

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://sysdream.com/assets/styles/app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:36 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
status: 200
content-length: 424
cf-request-id: 0480727d66000064a357b6f200000001
last-modified: Fri, 22 May 2020 09:29:05 GMT
server: cloudflare
x-frame-options: DENY
etag: "5ec79b61-1a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
accept-ranges: bytes
cf-ray: 5c142042394964a3-FRA

GET
H2 200 widget_arrow_right.png
sysdream.com/assets/images/theme/ 108 B
208 B 89ms
89ms Image
image/png 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sysdream.com/assets/images/theme/widget_arrow_right.png

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74de4921fe6abaedd8c045125cf7de796bb1b70ddb08092c3a53cc008d3893a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

Referer: https://sysdream.com/assets/styles/app.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 18:47:36 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
status: 200
content-length: 108
cf-request-id: 0480727d66000064a357b70200000001
last-modified: Fri, 22 May 2020 09:29:05 GMT
server: cloudflare
x-frame-options: DENY
etag: "5ec79b61-6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
accept-ranges: bytes
cf-ray: 5c142042394a64a3-FRA

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700,300
Origin: https://sysdream.com

Response headers

date: Fri, 07 Aug 2020 05:25:45 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 393711
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Sat, 07 Aug 2021 05:25:45 GMT

GET
H2 200 fontawesome-webfont.woff2
sysdream.com/assets/fonts/ 75 KB
76 KB 81ms
81ms Font
font/woff2 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sysdream.com/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sysdream.com/assets/styles/app.css
Origin: https://sysdream.com

Response headers

date: Tue, 11 Aug 2020 18:47:36 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
status: 200
content-length: 77160
cf-request-id: 0480727d66000064a357b71200000001
last-modified: Fri, 22 May 2020 09:29:01 GMT
server: cloudflare
x-frame-options: DENY
etag: "5ec79b5d-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
accept-ranges: bytes
cf-ray: 5c142042394b64a3-FRA

GET
H2 200 googlemap.woff2
sysdream.com/assets/styles/fonts/ 22 KB
22 KB 87ms
87ms Font
font/woff2 2606:4700:3035::6818:7f29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sysdream.com/assets/styles/fonts/googlemap.woff2

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6818:7f29 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa4b714562cf3e6f6163de546d5627e1ad843c2aac98aab8d0568629201595af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sysdream.com/assets/styles/app.css
Origin: https://sysdream.com

Response headers

date: Tue, 11 Aug 2020 18:47:36 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
status: 200
content-length: 22628
cf-request-id: 0480727d66000064a357b72200000001
last-modified: Fri, 22 May 2020 09:28:42 GMT
server: cloudflare
x-frame-options: DENY
etag: "5ec79b4a-5864"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
content-type: font/woff2
cache-control: max-age=14400
content-security-policy: default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com *.sysdream.com *.googleapis.com *.gstatic.com *.google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
accept-ranges: bytes
cf-ray: 5c142042394c64a3-FRA

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:400,700,300
Origin: https://sysdream.com

Response headers

date: Tue, 21 Jul 2020 14:16:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1830644
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Wed, 21 Jul 2021 14:16:52 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2085804414&t=pageview&_s=1&dl=https%3A%2F%2Fsysdream.com%2Fnews%2Flab%2F2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-234945-1&cid=1145235057.1597171656&jid=1127122029&_gid=126617951.1597171656&gjid=2055125385&_v=j83&z=835399980

35 B
99 B

16ms
16ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-234945-1&cid=1145235057.1597171656&jid=1127122029&_gid=126617951.1597171656&gjid=2055125385&_v=j83&z=835399980

Requested by

Host: sysdream.com
URL: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 11 Aug 2020 18:47:36 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Aug 2020 18:47:36 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-234945-1&cid=1145235057.1597171656&jid=1127122029&_gid=126617951.1597171656&gjid=2055125385&_v=j83&z=835399980
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 416
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sysdream.com/	1970-01-19 11:39:31	Name: _gat Value: 1
.sysdream.com/	1970-01-20 05:10:43	Name: _ga Value: GA1.2.1145235057.1597171656
sysdream.com/	1970-01-19 20:25:07	Name: hl Value: fr
.sysdream.com/	1970-01-19 12:22:43	Name: __cfduid Value: d6b5445da05f61ff0274001307dbac0f81597171655
.sysdream.com/	1970-01-19 11:40:58	Name: _gid Value: GA1.2.126617951.1597171656
sysdream.com/news/lab/2020-08-05-cve-2020-9036-jeedom-xss-leading-to-remote-code-execution	1969-12-31 23:59:59	Name: covid-popup Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' fonts.gstatic.com www.google.com www.youtube.com; upgrade-insecure-requests ; script-src 'self' 'unsafe-inline' sysdream.com .sysdream.com .googleapis.com .gstatic.com .google.com www.google-analytics.com; img-src 'self' 'unsafe-inline' www.google-analytics.com stats.g.doubleclick.net *.tile.openstreetmap.org; style-src 'self' 'unsafe-inline' fonts.googleapis.com
Strict-Transport-Security	max-age=31536000
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
stats.g.doubleclick.net
sysdream.com
www.google-analytics.com
2606:4700:3035::6818:7f29
2a00:1450:4001:814::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2003
2a00:1450:400c:c00::9c
0d8cca8b404b02cf910b52aace49b7fb5921708c408d818cdad9433cbfded7e1
1249a1157e4fab721d9bb62329b4c8064e7d0695219188dee3fecb1cee6d3302
1cebfc0c9750bef5aaaa4b38d60cb23ed36820944f28daa667b67da697c9b497
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2819de9c9213c16ca20f67b6a236a7ff1a87c570fcb3c0cc5e30d3d9d2d8835f
29b32810b98e17f51924e7c1567cd1a330bd378f5708a7902f60c65fad75c272
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
38fe5ffb228b2c0299c1129eb846e39b40fc42d889936b692d05960cc7531214
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
6b1f5548a7fc890aa44b896f957ca567c10fdb011ca4e2cb42750f50f2d41e6f
74de4921fe6abaedd8c045125cf7de796bb1b70ddb08092c3a53cc008d3893a0
7fc84c2a8fde4e2c0fd59dbf0863250f3ed8eb3f18b874c9123371ae2534367c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
aa4b714562cf3e6f6163de546d5627e1ad843c2aac98aab8d0568629201595af
aceb2b0bdb363a6e632392da95d4b41f45f2a83ae62066f0cdf4e31e7d9acad3
b8beff8281f0548ec511b05072ed4ab3c1eda77f52396d13c9fafcd1b0863867
c68ca53696bc4ee5e744367ee8b80367b796eeff0ab855af1349a23227a6a3f5
f65fb0274c330fdeb1f7935243afdda1a2c9878456ac9b6c8753ec9f786f8ab4
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

sysdream.com Open in urlscan Pro 2606:4700:3035::6818:7f29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

100 %IPv6

5 Domains

5 Subdomains

5 IPs

3 Countries

1130 kBTransfer

1494 kBSize

6 Cookies

9 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

6 Cookies

Security Headers

Indicators

sysdream.com Open in urlscan Pro
2606:4700:3035::6818:7f29 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

1130 kB
Transfer

1494 kB
Size

6
Cookies

20 HTTP transactions
0 data transactions