URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical...
Submission: On February 11 via api from US

Summary

This website contacted 7 IPs in 4 countries across 6 domains to perform 33 HTTP transactions. The main IP is 2a01:111:f100:9001::1761:90a2, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is dirteam.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on March 17th 2020. Valid for: a year.
This is the only time dirteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
25 | 2a01:111:f100... | 8075 (MICROSOFT...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 142.250.186.134 | 15169 (GOOGLE)
1 | 2a04:fa87:fff... | 2635 (AUTOMATTIC)
3 | 104.75.88.112 | 16625 (AKAMAI-AS)
1 | 184.30.25.161 | 16625 (AKAMAI-AS)
33 | 7 |
Requests | Domain | Requested by
25 | dirteam.com | dirteam.com
2 | s7.addthis.com | dirteam.com, s7.addthis.com
1 | m.addthis.com | s7.addthis.com
1 | z.moatads.com | s7.addthis.com
1 | secure.gravatar.com | dirteam.com
1 | ad.doubleclick.net | dirteam.com
1 | ajax.googleapis.com | dirteam.com
33 | 7 |
Subject | Issuer | Validity | Valid
*.dirteam.com | GeoTrust RSA CA 2018 | 2020-03-17 - 2021-03-18 | a year
upload.video.google.com | GTS CA 1O1 | 2021-01-26 - 2021-04-20 | 3 months
*.doubleclick.net | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
*.gravatar.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-14 - 2022-11-16 | 2 years
odc-prod-01.oracle.com | DigiCert SHA2 Secure Server CA | 2021-01-10 - 2021-04-07 | 3 months
moatads.com | DigiCert SHA2 Secure Server CA | 2020-01-17 - 2021-03-17 | a year

This page contains 4 frames:

Primary Page: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Frame ID: 3192A4A520E298BDAA860D6ACF9EE849
Requests: 30 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
Frame ID: 7358FFCA7C73D88369E7711CA821F347
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 9ACFC7158193C408BC7707F7CF43E114
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: AA7159EF45224A9247C7D182625264E1
Requests: 1 HTTP requests in this frame


Page Statistics

Requests: 33
HTTPS: 97 %
IPv6: 50 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 4
Transfer: 608 kB
Size: 1043 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
53 KB
53 KB
Document
General
Full URL
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1b3dbd72ab18025cdcf9bfdf6353bcc1f2de38ff1b71874a0f9559fb651d0329
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
dirteam.com
:scheme
https
:path
/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html; charset=UTF-8
server
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31526000
x-powered-by
date
Thu, 11 Feb 2021 10:11:51 GMT
content-length
54117
style.css
dirteam.com/sander/wp-content/themes/metro-master/
639 B
733 B
Stylesheet
General
Full URL
https://dirteam.com/sander/wp-content/themes/metro-master/style.css
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
599f748dda8bb5da8e8eaafcc0a1a8696bac9378eb76fb10e9261f8fc96b3718
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2013 08:44:18 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
639
etag
"05dd21b4725ce1:0"
styles.php
dirteam.com/sander/wp-content/themes/metro-master/styles/
19 KB
20 KB
Stylesheet
General
Full URL
https://dirteam.com/sander/wp-content/themes/metro-master/styles/styles.php?theme&accent=1BA1E2&ver=278010ebfbc577d3d775044f861a46bd
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8e625c4fb21656d24ab0641848d8b610e8371f32c750d879c29e98a96383874b
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
date
Thu, 11 Feb 2021 10:11:51 GMT
content-length
19917
x-xss-protection
1; mode=block
style.css
dirteam.com/sander/wp-content/plugins/gutenberg/build/block-library/
57 KB
9 KB
Stylesheet
General
Full URL
https://dirteam.com/sander/wp-content/plugins/gutenberg/build/block-library/style.css?ver=1612854445
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
18e4c180ad6dbc816d3c5fec3a05bb4560abd6638dbe9761226326a523281f18
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
content-encoding
gzip
etag
"8034ee37b2fed61:0"
last-modified
Tue, 09 Feb 2021 07:07:25 GMT
server
x-frame-options
SAMEORIGIN
x-powered-by
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
8634
x-content-type-options
nosniff
orgSeriesLightTheme.css
dirteam.com/sander/wp-content/plugins/organize-series/
3 KB
650 B
Stylesheet
General
Full URL
https://dirteam.com/sander/wp-content/plugins/organize-series/orgSeriesLightTheme.css?ver=278010ebfbc577d3d775044f861a46bd
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
3e0b20e7e7ac6ed9106c0cd883f17fe5c9cda922dbc5000f5340b156c0c99e12
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
content-encoding
gzip
etag
"0591cc1cd32d11:0"
last-modified
Wed, 09 Dec 2015 22:05:46 GMT
server
x-frame-options
SAMEORIGIN
x-powered-by
vary
Accept-Encoding
content-type
text/css
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
550
x-content-type-options
nosniff
scripts.php
dirteam.com/sander/wp-content/themes/metro-master/scripts/
3 KB
3 KB
Script
General
Full URL
https://dirteam.com/sander/wp-content/themes/metro-master/scripts/scripts.php?ver=278010ebfbc577d3d775044f861a46bd
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5dfd0b8f9a47082eb7330e89a8428912986e19331d41fea5f925e2edd099535f
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
text/JavaScript;charset=UTF-8
date
Thu, 11 Feb 2021 10:11:51 GMT
content-length
3019
x-xss-protection
1; mode=block
prototype.js
ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/
177 KB
40 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/prototype/1.7.1.0/prototype.js?ver=278010ebfbc577d3d775044f861a46bd
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48a4fd51466ac55d081ff932371021b328f118f74ee6ba93c0ec8fd163e34a30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 04:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18874
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40653
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Feb 2022 04:57:17 GMT
guest.png
dirteam.com/sander/wp-content/themes/metro-master/images/
1 KB
1 KB
Image
General
Full URL
https://dirteam.com/sander/wp-content/themes/metro-master/images/guest.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5e797d8a2f2657f508122acc06abf1aabb976ea387ad9f4892dacc5eea43030d
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2013 08:44:18 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
1316
etag
"05dd21b4725ce1:0"
rss.png
dirteam.com/sander/wp-content/themes/metro-master/images/social/37x37/
2 KB
2 KB
Image
General
Full URL
https://dirteam.com/sander/wp-content/themes/metro-master/images/social/37x37/rss.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
b9d4b3696c2073149c5fa6ec8a3a88077e1251c05ff648e7257a0c51c8bcea84
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2013 08:44:18 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
2141
etag
"05dd21b4725ce1:0"
twitter.png
dirteam.com/sander/wp-content/themes/metro-master/images/social/37x37/
2 KB
2 KB
Image
General
Full URL
https://dirteam.com/sander/wp-content/themes/metro-master/images/social/37x37/twitter.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ca7b8e6c1b64d09cfda7b6eaa8fe858d095f5339d63548a9922f20dbfde75b8a
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2013 08:44:18 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
1962
etag
"05dd21b4725ce1:0"
linkedin.png
dirteam.com/sander/wp-content/themes/metro-master/images/social/37x37/
2 KB
2 KB
Image
General
Full URL
https://dirteam.com/sander/wp-content/themes/metro-master/images/social/37x37/linkedin.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
75740f90ad93a8f745f2c6540d391d4c1c9b8b9a6634c7a48dec016bb39b3dd2
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2013 08:44:18 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
1969
etag
"05dd21b4725ce1:0"
WindowsServer.png
dirteam.com/sander/wp-content/uploads/sites/2/2018/11/
196 KB
196 KB
Image
General
Full URL
https://dirteam.com/sander/wp-content/uploads/sites/2/2018/11/WindowsServer.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4d4291467e839e4db4c86776167369146f78eb79dee5c277229343f235eacd7f
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Tue, 20 Nov 2018 18:33:28 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
200897
etag
"08c9087ff80d41:0"
search.png
dirteam.com/sander/wp-content/themes/metro-master/images/themes/light/
1 KB
1 KB
Image
General
Full URL
https://dirteam.com/sander/wp-content/themes/metro-master/images/themes/light/search.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9015fc3505b1d9a22d7b63f1cd8ace28c6f577a9f6951f4d0d698ccaaa74de50
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2013 08:44:18 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
1397
etag
"05dd21b4725ce1:0"
mvplogo.png
dirteam.com/legacy/
29 KB
29 KB
Image
General
Full URL
https://dirteam.com/legacy/mvplogo.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8059340556d126aa21c9cb03b4235d36c8a9c1612ae826ecc5224f16063b98f9
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2016 20:22:46 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
29920
etag
"0af973dc295d11:0"
veeamvanguardlogo.png
dirteam.com/legacy/
6 KB
6 KB
Image
General
Full URL
https://dirteam.com/legacy/veeamvanguardlogo.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dc4cc963bfb78d8ed224a15de25b2692e86a4ccdc36badfa220b3bed358e77d4
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Tue, 06 Mar 2018 16:43:54 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
5880
etag
"0812a506ab5d31:0"
VMwarevExpertlogo.png
dirteam.com/legacy/
3 KB
3 KB
Image
General
Full URL
https://dirteam.com/legacy/VMwarevExpertlogo.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
02183e2bbca9d8bc351203153e732d09a5fdd8f2cc71454b7f2b55c7b4fda2ce
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Thu, 07 Mar 2019 21:09:28 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
3326
etag
"074c2c2ad5d41:0"
NiCE-Blog-Ads-300x250-2021Q1-ani.gif
dirteam.com/
106 KB
106 KB
Image
General
Full URL
https://dirteam.com/NiCE-Blog-Ads-300x250-2021Q1-ani.gif
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d625880d32a8330f0f290161ac27157ccdee3100ba15e9cbc751669bb9927985
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Thu, 14 Jan 2021 19:41:39 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/gif
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
108159
etag
"48d34147adead61:0"
comment-reply.min.js
dirteam.com/sander/wp-includes/js/
3 KB
1 KB
Script
General
Full URL
https://dirteam.com/sander/wp-includes/js/comment-reply.min.js?ver=278010ebfbc577d3d775044f861a46bd
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ab21fef3ac4ee12ebb305942f85de99b290b8a24654c69060e54673d5f3a11f2
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
content-encoding
gzip
etag
"8092e46a84fad61:0"
last-modified
Wed, 03 Feb 2021 23:29:29 GMT
server
x-frame-options
SAMEORIGIN
x-powered-by
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
1349
x-content-type-options
nosniff
wp-embed.min.js
dirteam.com/sander/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://dirteam.com/sander/wp-includes/js/wp-embed.min.js?ver=278010ebfbc577d3d775044f861a46bd
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 03 Feb 2021 23:29:33 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
1426
etag
"aa33936d84fad61:0"
form.js
dirteam.com/sander/wp-content/plugins/akismet/_inc/
700 B
781 B
Script
General
Full URL
https://dirteam.com/sander/wp-content/plugins/akismet/_inc/form.js?ver=4.1.8
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 13 Jan 2021 20:31:43 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
700
etag
"55f6f1bebe9d61:0"
wp-emoji-release.min.js
dirteam.com/sander/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://dirteam.com/sander/wp-includes/js/wp-emoji-release.min.js?ver=278010ebfbc577d3d775044f861a46bd
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
content-encoding
gzip
etag
"80ec466d84fad61:0"
last-modified
Wed, 03 Feb 2021 23:29:33 GMT
server
x-frame-options
SAMEORIGIN
x-powered-by
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
4640
x-content-type-options
nosniff
B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/ Frame 7358
0
0
Document
General
Full URL
https://ad.doubleclick.net/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
ad.doubleclick.net
:scheme
https
:path
/ddm/adi/N410401.2579635DIRTEAM.COM/B10754701.212169725;sz=300x250;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 11 Feb 2021 10:11:51 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
server
cafe
content-length
12945
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 11-Feb-2021 10:26:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
97047ca745b7d30dea8dab6578ffc6bc
secure.gravatar.com/avatar/
1 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/97047ca745b7d30dea8dab6578ffc6bc?s=40&d=mm&r=g
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
12aa6ec49ce6b56091379d65475564dc5d3ce53ac835798851ca1952dec604a7

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 11 Feb 2021 10:11:51 GMT
last-modified
Fri, 05 Feb 2016 07:55:21 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="97047ca745b7d30dea8dab6578ffc6bc.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/97047ca745b7d30dea8dab6578ffc6bc?s=40&d=mm&r=g>; rel="canonical"
content-length
1317
expires
Thu, 11 Feb 2021 10:16:51 GMT
addthis_widget.js
s7.addthis.com/js/300/
353 KB
114 KB
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/wp-content/themes/metro-master/scripts/scripts.php?ver=278010ebfbc577d3d775044f861a46bd
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Thu, 11 Feb 2021 10:11:51 GMT
x-host
s7.addthis.com
content-length
116325
rss.png
dirteam.com/wp-content/themes/metro-master/images/post_options/
2 KB
2 KB
Image
General
Full URL
https://dirteam.com/wp-content/themes/metro-master/images/post_options/rss.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cc816e3bdca95ada6b53a7da5963da28ee749ad529c8ee2331bca30b69e97a72
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2013 08:44:18 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
1593
etag
"05dd21b4725ce1:0"
facebook.png
dirteam.com/wp-content/themes/metro-master/images/post_options/
2 KB
2 KB
Image
General
Full URL
https://dirteam.com/wp-content/themes/metro-master/images/post_options/facebook.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1ed080ee2828bd0306640fac11fa0ee1f1624447d37fcabe3e7e6a11a048a59d
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2013 08:44:18 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
1547
etag
"05dd21b4725ce1:0"
twitter.png
dirteam.com/wp-content/themes/metro-master/images/post_options/
2 KB
2 KB
Image
General
Full URL
https://dirteam.com/wp-content/themes/metro-master/images/post_options/twitter.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
66eb4a9b00faf6959b25cb1b3c03a1039a4d8962592b82adcf50f59eb3d7acaf
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2013 08:44:18 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
1571
etag
"05dd21b4725ce1:0"
email.png
dirteam.com/wp-content/themes/metro-master/images/post_options/
2 KB
2 KB
Image
General
Full URL
https://dirteam.com/wp-content/themes/metro-master/images/post_options/email.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f12b2d1d1a2ef5500958350428c2efb55e4e81fcb0a27c280b7373ce87f32cd0
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2013 08:44:18 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
1664
etag
"05dd21b4725ce1:0"
arrow.png
dirteam.com/wp-content/themes/metro-master/images/themes/light/
1 KB
1 KB
Image
General
Full URL
https://dirteam.com/wp-content/themes/metro-master/images/themes/light/arrow.png
Requested by
Host: dirteam.com
URL: https://dirteam.com/sander/wp-content/themes/metro-master/styles/styles.php?theme&accent=1BA1E2&ver=278010ebfbc577d3d775044f861a46bd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a01:111:f100:9001::1761:90a2 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4d090631f6c7f7ccbb40c31d710678feae0523714f8355ad20fddfb5db29c1a9
Security Headers
Name Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://dirteam.com/sander/wp-content/themes/metro-master/styles/styles.php?theme&accent=1BA1E2&ver=278010ebfbc577d3d775044f861a46bd
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31526000
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2013 08:44:18 GMT
server
x-powered-by
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
date
Thu, 11 Feb 2021 10:11:51 GMT
accept-ranges
bytes
content-length
1275
etag
"05dd21b4725ce1:0"
moatframe.js
z.moatads.com/addthismoatframe568911941483/
2 KB
1 KB
Script
General
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.25.161 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-25-161.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 10:11:51 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
2826BFFDB82F2FB4
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=63838
accept-ranges
bytes
content-length
948
x-amz-id-2
IybdIbM8HZHFGeFfQHkL1xn6LjBypc4s9MoqJ602WDvJWcnRpeCMZ+8c+KpcPRX5ZzUeKGcBdlw=
300lo.json
m.addthis.com/live/red_lojson/
89 B
249 B
Script
General
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=602502e704564a01&bkl=0&bl=1&pdt=502&sid=602502e704564a01&pub=&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=dirteam.com&fp=sander%2F2021%2F02%2F09%2Fwindows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1613038311721&jsl=2&uvs=602502e789e23f21000&skipb=1&callback=addthis.cbs.jsonp__65206570960058690
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
91922cebd141ebaad1cf69da16efb714b12e7bcaa193f0bc318a2bff430b6b69

Request headers

Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 11 Feb 2021 10:11:51 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
89
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 9ACF
0
0

sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame AA71
0
0
Document
General
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

:method
GET
:authority
s7.addthis.com
:scheme
https
:path
/static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://dirteam.com/sander/2021/02/09/windows-dns-server-remote-code-execution-vulnerability-cve-2021-24078-critical-cvssv3-9-8-8-5/

Response headers

server
nginx/1.15.8
content-type
text/html
last-modified
Thu, 04 Jun 2020 15:49:19 GMT
etag
W/"5ed917ff-11adc"
timing-allow-origin
*
cache-control
public, max-age=86313600
p3p
CP="NON ADM OUR DEV IND COM STA"
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
content-length
26421
date
Thu, 11 Feb 2021 10:11:51 GMT
vary
Accept-Encoding
x-host
s7.addthis.com

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings function| addOnLoad function| clearMetroField object| addthis_config object| Prototype object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Abstract object| Try object| Ajax object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| $ function| $$ function| Sizzle function| Selector object| seriesdropdown undefined| onSeriesChange object| addComment object| wp object| ak_js object| commentForm object| replyRowContainer undefined| children object| twemoji function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share boolean| __@@##MUH object| oattr

1 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31526000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
