urlscan.io logo urlscan.io
SecurityTrails logo

www.securiteam.com Open in urlscan Pro
23.21.221.0  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Submission: On December 20 via manual from KR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 40 HTTP transactions. The main IP is 23.21.221.0, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.securiteam.com.
This is the only time www.securiteam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 23.21.221.0 14618 (AMAZON-AES)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 143.204.95.7 16509 (AMAZON-02)
1 9 151.101.120.134 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.0.134 54113 (FASTLY)
1 151.101.128.233 54113 (FASTLY)
1 151.101.64.233 54113 (FASTLY)
40 13
11    23.21.221.0 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-21-221-0.compute-1.amazonaws.com
www.securiteam.com
1    2606:4700::6811:80b4 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.beyondsecurity.com
1    2606:4700::6811:83b4 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
www.beyondsecurity.com
1    143.204.95.7 (Wilmington, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-95-7.fra50.r.cloudfront.net
seal.beyondsecurity.com
9    151.101.120.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
mainsecuriteam.disqus.com
referrer.disqus.com
2    2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
cse.google.com
2    2a00:1450:4001:81d::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
8    2a00:1450:4001:806::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81f::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    2a00:1450:4001:809::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googleapis.com
1    2a00:1450:4001:808::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
clients1.google.com
3    2606:4700::6810:4ca6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
c.disquscdn.com
2    151.101.0.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
disqus.com
1    151.101.128.233 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
disqusads.com
1    151.101.64.233 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
disqusads.com
Domain Requested by
11 www.securiteam.com www.securiteam.com
8 www.google.com 1 redirects cse.google.com
www.google.com
www.securiteam.com
7 referrer.disqus.com
3 c.disquscdn.com mainsecuriteam.disqus.com
2 disqusads.com mainsecuriteam.disqus.com
2 disqus.com mainsecuriteam.disqus.com
2 www.google-analytics.com 1 redirects www.securiteam.com
2 cse.google.com www.securiteam.com
www.google.com
2 mainsecuriteam.disqus.com 1 redirects www.securiteam.com
2 www.beyondsecurity.com 2 redirects
1 clients1.google.com www.securiteam.com
1 www.googleapis.com www.securiteam.com
1 www.google.de www.securiteam.com
1 stats.g.doubleclick.net 1 redirects
1 seal.beyondsecurity.com www.securiteam.com
40 15
Subject Issuer Validity Valid
seal.beyondsecurity.com
DigiCert SHA2 Secure Server CA		 2018-02-04 -
2021-05-04		 3 years crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2018-03-28 -
2020-04-27		 2 years crt.sh
*.google.com
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2018-12-04 -
2019-02-26		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-11-27 -
2019-02-19		 3 months crt.sh
ssl565697.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-10-07 -
2019-04-15		 6 months crt.sh

This page contains 4 frames:

Primary Page: http://www.securiteam.com/exploits/5MP04151FU.html
Frame ID: DD2C6F94D718C936FB15C18C8D094F5D
Requests: 37 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=mainsecuriteam&t_i=5MP04151FU&t_u=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&t_d=New%20Windows%2095%2F98%20Denial%20of%20Service%20discovered%20(NULL%20source%20name)&t_t=New%20Windows%2095%2F98%20Denial%20of%20Service%20discovered%20(NULL%20source%20name)&s_o=default
Frame ID: 84471D536712B118F52FE7837A361CCC
Requests: 1 HTTP requests in this frame

Frame: http://disqusads.com/ads-iframe/adsnative/?category=news&display_bidding_enabled=0&stories_allowed=1&service=dynamic&position=top&display_allowed=1&video_allowed=1&provider=adsnative&thumbnails_allowed=1&experiment=network_default&variant=fallthrough&display_only=0&sandbox_display=1&links_allowed=1&doublewide_allowed=1&shortname=mainsecuriteam&forum_pk=872212&forum_shortname=mainsecuriteam&safetylevel=30&t=1545292366&anchorColor=%230000ee&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&typeface=serif&disqus_version=a1ddc74
Frame ID: 688068FA564DD590ECCF10378A20390B
Requests: 1 HTTP requests in this frame

Frame: http://disqusads.com/ads-iframe/adsnative/?category=news&display_bidding_enabled=0&stories_allowed=1&service=dynamic&position=bottom&display_allowed=1&video_allowed=0&provider=adsnative&thumbnails_allowed=1&experiment=network_default&variant=fallthrough&display_only=0&sandbox_display=1&links_allowed=1&doublewide_allowed=1&shortname=mainsecuriteam&forum_pk=872212&forum_shortname=mainsecuriteam&safetylevel=30&t=1545292366&anchorColor=%230000ee&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&typeface=serif&disqus_version=a1ddc74
Frame ID: 646BBE0670967698A83D26C9AF8177D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /\(Amazon\)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^DISQUS/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Page Statistics

40
Requests

60 %
HTTPS

63 %
IPv6

10
Domains

15
Subdomains

13
IPs

2
Countries

643 kB
Transfer

1632 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • http://www.beyondsecurity.com/verification-images/www.securiteam.com/vulnerability-scanner-8.gif HTTP 301
  • https://www.beyondsecurity.com/verification-images/www.securiteam.com/vulnerability-scanner-8.gif HTTP 301
  • https://seal.beyondsecurity.com/verification-images/www.securiteam.com/vulnerability-scanner-8.gif
Request Chain 10
  • http://mainsecuriteam.disqus.com/embed.js HTTP 301
  • https://mainsecuriteam.disqus.com/embed.js
Request Chain 13
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 14
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2115463479&utmhn=www.securiteam.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=New%20Windows%2095%2F98%20Denial%20of%20Service%20discovered%20(NULL%20source%20name)&utmhid=1091643781&utmr=-&utmp=%2Fexploits%2F5MP04151FU.html&utmht=1545292483239&utmac=UA-240792-5&utmcc=__utma%3D131034637.1384423458.1545292483.1545292483.1545292483.1%3B%2B__utmz%3D131034637.1545292483.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=620490612&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2115463479&utmhn=www.securiteam.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=New%20Windows%2095%2F98%20Denial%20of%20Service%20discovered%20(NULL%20source%20name)&utmhid=1091643781&utmr=-&utmp=%2Fexploits%2F5MP04151FU.html&utmht=1545292483239&utmac=UA-240792-5&utmcc=__utma%3D131034637.1384423458.1545292483.1545292483.1545292483.1%3B%2B__utmz%3D131034637.1545292483.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=620490612&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-240792-5&cid=1384423458.1545292483&jid=620490612&_v=5.7.2&z=2115463479 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-240792-5&cid=1384423458.1545292483&jid=620490612&_v=5.7.2&z=2115463479 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-240792-5&cid=1384423458.1545292483&jid=620490612&_v=5.7.2&z=2115463479&slf_rd=1&random=59092639

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 5MP04151FU.html
www.securiteam.com/exploits/ 		30 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
23.21.221.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-221-0.compute-1.amazonaws.com
Software
Apache/2.4.25 (Amazon) /
Resource Hash
8731df6464e7ad7034b7fae7c2b8d7d158235b99e59c71f58f899cd8fac4526d

Request headers

Host
www.securiteam.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:42 GMT
Server
Apache/2.4.25 (Amazon)
Last-Modified
Thu, 20 Dec 2018 07:40:17 GMT
ETag
"77b5-57d6f3deaf1a6"
Accept-Ranges
bytes
Content-Length
30645
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
securiteam-style.css
www.securiteam.com/style/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.securiteam.com/style/securiteam-style.css
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
23.21.221.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-221-0.compute-1.amazonaws.com
Software
Apache/2.4.25 (Amazon) /
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.securiteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:43 GMT
Server
Apache/2.4.25 (Amazon)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
224
Content-Type
text/html; charset=iso-8859-1
Beyond%20Security.jpg
www.securiteam.com/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.securiteam.com/images/Beyond%20Security.jpg
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
23.21.221.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-221-0.compute-1.amazonaws.com
Software
Apache/2.4.25 (Amazon) /
Resource Hash
dede45af9fff123226752af8b2c7e63643c84357be13f0a7b2c0761f3def0fed

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.securiteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:43 GMT
Last-Modified
Mon, 09 Jan 2017 10:58:53 GMT
Server
Apache/2.4.25 (Amazon)
ETag
"4261-545a740d5e4cd"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
16993
envelope.gif
www.securiteam.com/images/ 		125 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.securiteam.com/images/envelope.gif
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
23.21.221.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-221-0.compute-1.amazonaws.com
Software
Apache/2.4.25 (Amazon) /
Resource Hash
27b5a1cb8e99f80e6e4e9a95a4ddcbe5b3a1bb969dc42ec8ec0248550ab702e7

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.securiteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:43 GMT
Last-Modified
Mon, 09 Jan 2017 10:58:53 GMT
Server
Apache/2.4.25 (Amazon)
ETag
"7d-545a740d5e4cd"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
125
rss-whitebg.gif
www.securiteam.com/images/ 		845 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.securiteam.com/images/rss-whitebg.gif
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
23.21.221.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-221-0.compute-1.amazonaws.com
Software
Apache/2.4.25 (Amazon) /
Resource Hash
f6cc06d2849366b325412d950b8b85e65f6f4bd5fb3f720878da40d87749d7a4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.securiteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:43 GMT
Last-Modified
Mon, 09 Jan 2017 10:58:53 GMT
Server
Apache/2.4.25 (Amazon)
ETag
"34d-545a740d5e4cd"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
845
netenabled.jpg
www.securiteam.com/images/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.securiteam.com/images/netenabled.jpg
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
23.21.221.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-221-0.compute-1.amazonaws.com
Software
Apache/2.4.25 (Amazon) /
Resource Hash
c14c70a7001962929276649221bc22a3018f352678c6a9a624b39248999644bf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.securiteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:43 GMT
Last-Modified
Mon, 09 Jan 2017 10:58:53 GMT
Server
Apache/2.4.25 (Amazon)
ETag
"1033d-545a740d5d52d"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
66365
sanssecurity.jpg
www.securiteam.com/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.securiteam.com/images/sanssecurity.jpg
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
23.21.221.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-221-0.compute-1.amazonaws.com
Software
Apache/2.4.25 (Amazon) /
Resource Hash
a235791011a55af7b5292b7963f41ccaabb64011d869aa51dcb72d0c3209a0a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.securiteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:43 GMT
Last-Modified
Mon, 09 Jan 2017 10:58:53 GMT
Server
Apache/2.4.25 (Amazon)
ETag
"31a1-545a740d5d52d"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
12705
promo_show.jpg
www.securiteam.com/images/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.securiteam.com/images/promo_show.jpg
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
23.21.221.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-221-0.compute-1.amazonaws.com
Software
Apache/2.4.25 (Amazon) /
Resource Hash
07e12ba16347017142c6211579fe23a9c6ee7fe62f21baa2afaff591105c0db6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.securiteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:44 GMT
Last-Modified
Mon, 09 Jan 2017 11:11:12 GMT
Server
Apache/2.4.25 (Amazon)
ETag
"ca9a-545a76ce76212"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
51866
vulnerability-scanner-8.gif
seal.beyondsecurity.com/verification-images/www.securiteam.com/
Redirect Chain
  • http://www.beyondsecurity.com/verification-images/www.securiteam.com/vulnerability-scanner-8.gif
  • https://www.beyondsecurity.com/verification-images/www.securiteam.com/vulnerability-scanner-8.gif
  • https://seal.beyondsecurity.com/verification-images/www.securiteam.com/vulnerability-scanner-8.gif
116 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://seal.beyondsecurity.com/verification-images/www.securiteam.com/vulnerability-scanner-8.gif
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.95.7 Wilmington, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-95-7.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
1a07a46001d1f1eb1cfb14cadbd19d07aee0e7df94a07653e326a6746653bd2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:24:41 GMT
Via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
Apache
Age
1802
X-Frame-Options
sameorigin
X-Cache
Hit from cloudfront
Content-Type
image/gif; charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
yilRbfhU7yhv5cas5tI8NJbBw8ZM4ZAzRUFJNdxe2EzuI13gJTVPLA==
Expires
Thu, 20 Dec 2018 08:24:41 GMT

Redirect headers

date
Thu, 20 Dec 2018 07:54:43 GMT
cf-cache-status
HIT
status
301
x-hs-mapping-only-after-not-found
no
strict-transport-security
max-age=0
content-length
0
x-hs-route-prefix
https://www.beyondsecurity.com/verification-images/*rest
server
cloudflare
x-trace
2B586F15EF4CDCCEA4E3A3385D8ACD10E0890119E6000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
location
https://seal.beyondsecurity.com/verification-images/www.securiteam.com/vulnerability-scanner-8.gif
cache-control
no-transform, max-age=120
access-control-allow-credentials
false
cf-ray
48c08ae2fb932342-FRA
x-hs-mapping-id
5067668592
expires
Thu, 20 Dec 2018 07:54:46 GMT
block.png
www.securiteam.com/images/ 		203 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.securiteam.com/images/block.png
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
23.21.221.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-221-0.compute-1.amazonaws.com
Software
Apache/2.4.25 (Amazon) /
Resource Hash
31cffadc800e9d256e12be2dfdea6678cdbb4ce23e739ebc908294560f7524d2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.securiteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:43 GMT
Last-Modified
Mon, 09 Jan 2017 10:58:53 GMT
Server
Apache/2.4.25 (Amazon)
ETag
"cb-545a740d5d52d"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
203
new.gif
www.securiteam.com/images/ 		120 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.securiteam.com/images/new.gif
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
23.21.221.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-221-0.compute-1.amazonaws.com
Software
Apache/2.4.25 (Amazon) /
Resource Hash
b114715fdcff0dfc22eaeec0f547fa6f2aa529b858e73e4ee387b251cf1e870e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.securiteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Cookie
__utma=131034637.1384423458.1545292483.1545292483.1545292483.1; __utmc=131034637; __utmz=131034637.1545292483.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=131034637.1.10.1545292483
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:44 GMT
Last-Modified
Mon, 09 Jan 2017 10:58:53 GMT
Server
Apache/2.4.25 (Amazon)
ETag
"78-545a740d5e4cd"
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
120
embed.js
mainsecuriteam.disqus.com/
Redirect Chain
  • http://mainsecuriteam.disqus.com/embed.js
  • https://mainsecuriteam.disqus.com/embed.js
66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mainsecuriteam.disqus.com/embed.js
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
openresty /
Resource Hash
0ddb368894b046a453d3e11cdaccb94ef8648d027d87d8e0c8248ebf5b55ff8f
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:44 GMT
Content-Encoding
gzip
Server
openresty
Age
118
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
21952

Redirect headers

Date
Thu, 20 Dec 2018 07:54:44 GMT
Server
Varnish
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
text/html
Location
https://mainsecuriteam.disqus.com/embed.js
Cache-Control
public, max-age=31536000
Connection
close
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
219
cse.js
cse.google.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=012135004015501439936:kpkkmcvj7bg
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
gws /
Resource Hash
67610f4224e8cc4f73ff192ef348f7109bdfe5f75b78ea8d4bde14993e4bef5d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 07:54:43 GMT
content-encoding
br
server
gws
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
3212
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 07:54:43 GMT
securiteam-logo-stretched.png
www.securiteam.com/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.securiteam.com/images/securiteam-logo-stretched.png
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
23.21.221.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-23-21-221-0.compute-1.amazonaws.com
Software
Apache/2.4.25 (Amazon) /
Resource Hash
fe277cf38536624adec144545c2ecd5c2408816de1a1ef6d5b31fc71760662ed

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.securiteam.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:43 GMT
Last-Modified
Mon, 09 Jan 2017 10:58:53 GMT
Server
Apache/2.4.25 (Amazon)
ETag
"114d-545a740d5d52d"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
4429
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Nov 2018 21:10:09 GMT
server
Golfe2
age
1659
date
Thu, 20 Dec 2018 07:27:04 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17168
expires
Thu, 20 Dec 2018 09:27:04 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
ga-audiences
www.google.de/ads/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2115463479&utmhn=www.securiteam.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ne...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2115463479&utmhn=www.securiteam.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=N...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-240792-5&cid=1384423458.1545292483&jid=620490612&_v=5.7.2&z=2115463479
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-240792-5&cid=1384423458.1545292483&jid=620490612&_v=5.7.2&z=2115463479
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-240792-5&cid=1384423458.1545292483&jid=620490612&_v=5.7.2&z=2115463479&slf_rd=1&random=59092639
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-240792-5&cid=1384423458.1545292483&jid=620490612&_v=5.7.2&z=2115463479&slf_rd=1&random=59092639
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81f::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 20 Dec 2018 07:54:43 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 20 Dec 2018 07:54:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-240792-5&cid=1384423458.1545292483&jid=620490612&_v=5.7.2&z=2115463479&slf_rd=1&random=59092639
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
cse_element__en.js
www.google.com/cse/static/element/aab18d33f43dc0c3/ 		324 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/aab18d33f43dc0c3/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=012135004015501439936:kpkkmcvj7bg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d00b25b28944a3a7c4fb4b935e9920f2e5af33ab7d1ef325394e7409a10ddf1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 09 Dec 2018 11:25:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Nov 2018 14:57:13 GMT
server
sffe
age
937735
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
110803
x-xss-protection
1; mode=block
expires
Mon, 09 Dec 2019 11:25:48 GMT
default+en.css
www.google.com/cse/static/element/aab18d33f43dc0c3/ 		46 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/aab18d33f43dc0c3/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=012135004015501439936:kpkkmcvj7bg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
beb07d6ff422dd77de376852a3d0f9a47891159503f4aaadbac5ee5cc02a9589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 18 Dec 2018 20:59:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Nov 2018 14:57:13 GMT
server
sffe
age
125716
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10178
x-xss-protection
1; mode=block
expires
Wed, 18 Dec 2019 20:59:27 GMT
default.css
www.google.com/cse/static/style/look/v2/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v2/default.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=012135004015501439936:kpkkmcvj7bg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8cda73e6a0e5533a80c6bf94cf5a7b2a0e399ea1c482399b11a21096a8081faa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 07:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Oct 2018 12:00:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
private, max-age=0
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
3112
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 07:54:43 GMT
async-ads.js
cse.google.com/adsense/search/ 		199 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/aab18d33f43dc0c3/cse_element__en.js?usqp=CAI%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7994e86b0dc1d2b4f6012d879296be37379ba548c4048c9018c0cb74ad8ffa68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:43 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1632743380114667054"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=3600
Transfer-Encoding
chunked
Accept-Ranges
bytes
X-XSS-Protection
1; mode=block
Expires
Thu, 20 Dec 2018 07:54:43 GMT
clear.gif
www.google.com/cse/static/css/ 		58 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/clear.gif
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/aab18d33f43dc0c3/cse_element__en.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
11202b85ab3d0d16e2c45aa75fbf3dde3ab5e35fc94ee28fe99634134081b96b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/cse/static/element/aab18d33f43dc0c3/default+en.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 07:54:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 30 Nov 2017 13:30:00 GMT
server
sffe
content-type
image/gif
status
200
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
58
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 07:54:43 GMT
googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ 		551 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.google.com/cse/static/images/1x/googlelogo_lightgrey_46x16dp.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/aab18d33f43dc0c3/cse_element__en.js?usqp=CAI%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:43 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11 Jan 2017 21:30:00 GMT
Server
sffe
Content-Type
image/png
Cache-Control
private, max-age=31536000
Accept-Ranges
bytes
Content-Length
551
X-XSS-Protection
1; mode=block
Expires
Thu, 20 Dec 2018 07:54:43 GMT
nav_logo114.png
www.google.com/images/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/nav_logo114.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/aab18d33f43dc0c3/cse_element__en.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b280b516f629c540111e06cfbb9767dd4f257e143583ee31868a1503f9836c24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/cse/static/element/aab18d33f43dc0c3/default+en.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 12 Dec 2018 11:14:10 GMT
x-content-type-options
nosniff
last-modified
Fri, 16 Dec 2016 12:30:00 GMT
server
sffe
age
679233
content-type
image/png
status
200
cache-control
public, max-age=691200
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
23010
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 11:14:10 GMT
generate_204
www.googleapis.com/ 		0
85 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googleapis.com/generate_204
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Thu, 20 Dec 2018 07:54:43 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
googlelogo_grey_46x15dp.png
www.google.com/cse/static/images/1x/ 		919 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/images/1x/googlelogo_grey_46x15dp.png
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 07:54:43 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Dec 2016 15:00:00 GMT
server
sffe
content-type
image/png
status
200
cache-control
private, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
919
x-xss-protection
1; mode=block
expires
Thu, 20 Dec 2018 07:54:43 GMT
generate_204
clients1.google.com/ 		0
83 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://clients1.google.com/generate_204
Requested by
Host: www.securiteam.com
URL: http://www.securiteam.com/exploits/5MP04151FU.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:808::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:43 GMT
Content-Length
0
lounge.d49f53e192b9080ef8880a7c9b24f1c3.css
c.disquscdn.com/next/embed/styles/ 		102 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.d49f53e192b9080ef8880a7c9b24f1c3.css
Requested by
Host: mainsecuriteam.disqus.com
URL: https://mainsecuriteam.disqus.com/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4ca6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8d842dc045c65986e7b50952261d47b62cab35c5829700e90d1965ec11692e3
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 07:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cf-ray
48c08aebad98272c-FRA
status
200
vary
Accept-Encoding
content-length
19425
x-xss-protection
1; mode=block
last-modified
Fri, 26 Oct 2018 00:31:19 GMT
server
cloudflare
cache-control
max-age=31536000, public, immutable, no-transform
etag
"5bd26057-4be1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubdomains
content-type
text/css; charset=utf-8
access-control-allow-origin
*
fastly-debug-digest
eb1006ce43d6cade1496acb1e51569c1d94dd6f363a0a4e497669b5cee0f6289
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 26 Oct 2019 18:02:22 GMT
common.bundle.0462ab665ece3b7335428560f1a0517c.js
c.disquscdn.com/next/embed/ 		242 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.0462ab665ece3b7335428560f1a0517c.js
Requested by
Host: mainsecuriteam.disqus.com
URL: https://mainsecuriteam.disqus.com/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4ca6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6bd98842b8fa099636574f1a00d3f17b1cc8dbdae92a8092e5e0baa2de35c1e
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 07:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cf-ray
48c08aebad99272c-FRA
status
200
vary
Accept-Encoding
content-length
82933
x-xss-protection
1; mode=block
last-modified
Tue, 11 Dec 2018 01:40:07 GMT
server
cloudflare
cache-control
max-age=31536000, public, immutable, no-transform
etag
"5c0f1577-143f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubdomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
fastly-debug-digest
bcab3adc97e869d3d8147b6f7c30f53ff020f0b925480b7de1d78f7e8904ddee
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2019 21:53:52 GMT
lounge.bundle.0687f63ad0515694420458c2bd48d53b.js
c.disquscdn.com/next/embed/ 		375 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.0687f63ad0515694420458c2bd48d53b.js
Requested by
Host: mainsecuriteam.disqus.com
URL: https://mainsecuriteam.disqus.com/embed.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6810:4ca6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
352a26fc574dbca5f4576acac00aa8c0aa799da7e6218335ea12ac4aa7f7a0a1
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 20 Dec 2018 07:54:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cf-ray
48c08aebad9a272c-FRA
status
200
vary
Accept-Encoding
content-length
99830
x-xss-protection
1; mode=block
last-modified
Tue, 11 Dec 2018 01:40:07 GMT
server
cloudflare
cache-control
max-age=31536000, public, immutable, no-transform
etag
"5c0f1577-185f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=300; includeSubdomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
fastly-debug-digest
3b2a3bd09dcaf7302caf57677416ac4acc8556e8fdce864027c7b1afdd8687f9
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Dec 2019 21:53:52 GMT
config.js
disqus.com/next/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: mainsecuriteam.disqus.com
URL: https://mainsecuriteam.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
86528d80219b10b1e29ce6ac8b32eb0affd812a83e74f3e920201821f225155d
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:44 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
58
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection
keep-alive
Content-Length
2625
X-XSS-Protection
1; mode=block
Server
nginx
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin
*
/
disqus.com/embed/comments/ Frame 8447 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/embed/comments/?base=default&f=mainsecuriteam&t_i=5MP04151FU&t_u=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&t_d=New%20Windows%2095%2F98%20Denial%20of%20Service%20discovered%20(NULL%20source%20name)&t_t=New%20Windows%2095%2F98%20Denial%20of%20Service%20discovered%20(NULL%20source%20name)&s_o=default
Requested by
Host: mainsecuriteam.disqus.com
URL: https://mainsecuriteam.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.securiteam.com/exploits/5MP04151FU.html

Response headers

Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Last-Modified
Mon, 11 Jun 2018 15:56:54 GMT
ETag
W/"lounge:view:378883929.719e1e2a56f5e8e72a2b6706484ec748.2"
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Content-Length
2603
Date
Thu, 20 Dec 2018 07:54:44 GMT
Age
0
Connection
keep-alive
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
/
disqusads.com/ads-iframe/adsnative/ Frame 6880 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://disqusads.com/ads-iframe/adsnative/?category=news&display_bidding_enabled=0&stories_allowed=1&service=dynamic&position=top&display_allowed=1&video_allowed=1&provider=adsnative&thumbnails_allowed=1&experiment=network_default&variant=fallthrough&display_only=0&sandbox_display=1&links_allowed=1&doublewide_allowed=1&shortname=mainsecuriteam&forum_pk=872212&forum_shortname=mainsecuriteam&safetylevel=30&t=1545292366&anchorColor=%230000ee&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&typeface=serif&disqus_version=a1ddc74
Requested by
Host: mainsecuriteam.disqus.com
URL: https://mainsecuriteam.disqus.com/embed.js
Protocol
HTTP/1.1
Server
151.101.128.233 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Host
disqusads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.securiteam.com/exploits/5MP04151FU.html

Response headers

Server
openresty
Content-Type
text/html; charset=utf-8
Cache-Control
public, max-age=300
X-Service
router
Content-Encoding
gzip
Content-Length
11819
Date
Thu, 20 Dec 2018 07:54:44 GMT
Age
0
Connection
keep-alive
Vary
Accept-Encoding
event.gif
referrer.disqus.com/juggler/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4se36er370ipbr&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=mainsecuriteam&zone=thread&version=5cfe3f3f7a9413ba555579f40a6f44c9&page_url=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&page_referrer=&object_type=provider&provider=adsnative&event=activity&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=adsnative&section=default&verb=call&adjective=1&forum_id=872212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:44 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
event.gif
referrer.disqus.com/juggler/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4se36er370ipbr&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=mainsecuriteam&zone=thread&version=5cfe3f3f7a9413ba555579f40a6f44c9&page_url=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&page_referrer=&object_type=provider&provider=adsnative&event=activity&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=adsnative&section=default&verb=fail&adverb=no_height&forum_id=872212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:46 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
disqusads.com/ads-iframe/adsnative/ Frame 646B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://disqusads.com/ads-iframe/adsnative/?category=news&display_bidding_enabled=0&stories_allowed=1&service=dynamic&position=bottom&display_allowed=1&video_allowed=0&provider=adsnative&thumbnails_allowed=1&experiment=network_default&variant=fallthrough&display_only=0&sandbox_display=1&links_allowed=1&doublewide_allowed=1&shortname=mainsecuriteam&forum_pk=872212&forum_shortname=mainsecuriteam&safetylevel=30&t=1545292366&anchorColor=%230000ee&colorScheme=light&sourceUrl=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&typeface=serif&disqus_version=a1ddc74
Requested by
Host: mainsecuriteam.disqus.com
URL: https://mainsecuriteam.disqus.com/embed.js
Protocol
HTTP/1.1
Server
151.101.64.233 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Host
disqusads.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.securiteam.com/exploits/5MP04151FU.html
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.securiteam.com/exploits/5MP04151FU.html

Response headers

Server
openresty
Content-Type
text/html; charset=utf-8
Cache-Control
public, max-age=300
X-Service
router
Content-Encoding
gzip
Content-Length
11814
Date
Thu, 20 Dec 2018 07:54:47 GMT
Age
0
Connection
keep-alive
Vary
Accept-Encoding
event.gif
referrer.disqus.com/juggler/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4se36er370ipbr&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=mainsecuriteam&zone=thread&version=5cfe3f3f7a9413ba555579f40a6f44c9&page_url=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&page_referrer=&object_type=advertisement&provider=adsnative&event=activity&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B160465%5D&section=default&verb=load&extra_data=%7B%22bids%22%3A%7B%7D%2C%22time_to_load%22%3A2106%2C%22winner%22%3A%22adsnative%22%7D&forum_id=872212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:46 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
event.gif
referrer.disqus.com/juggler/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4se36er370ipbr&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=mainsecuriteam&zone=thread&version=5cfe3f3f7a9413ba555579f40a6f44c9&page_url=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&page_referrer=&object_type=provider&provider=adsnative&event=activity&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=adsnative&section=default&verb=call&adjective=1&forum_id=872212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:47 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
event.gif
referrer.disqus.com/juggler/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4se36er370ipbr&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=mainsecuriteam&zone=thread&version=5cfe3f3f7a9413ba555579f40a6f44c9&page_url=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&page_referrer=&object_type=advertisement&provider=adsnative&event=activity&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B160465%5D&section=default&verb=view&adverb=0ms-no50perc&forum_id=872212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:47 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
event.gif
referrer.disqus.com/juggler/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4se36er370ipbr&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=mainsecuriteam&zone=thread&version=5cfe3f3f7a9413ba555579f40a6f44c9&page_url=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&page_referrer=&object_type=advertisement&provider=adsnative&event=activity&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B160465%5D&section=default&verb=view&adverb=iab-scroll&forum_id=872212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:48 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
event.gif
referrer.disqus.com/juggler/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=4se36er370ipbr&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=mainsecuriteam&zone=thread&version=5cfe3f3f7a9413ba555579f40a6f44c9&page_url=http%3A%2F%2Fwww.securiteam.com%2Fexploits%2F5MP04151FU.html&page_referrer=&object_type=advertisement&provider=adsnative&event=activity&advertisement_id=160465&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B160465%5D&section=default&verb=load&extra_data=%7B%22bids%22%3A%7B%7D%2C%22time_to_load%22%3A2102%2C%22winner%22%3A%22adsnative%22%7D&forum_id=872212
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://www.securiteam.com/exploits/5MP04151FU.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 20 Dec 2018 07:54:49 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| countChars function| PopUp string| disqus_shortname string| disqus_identifier string| disqus_url object| _gaq object| _gat object| gaGlobal object| __gcse object| module$exports$cse$search object| module$exports$cse$CustomWebSearch object| module$exports$cse$CustomImageSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| module$exports$cse$ImageSearch object| module$exports$cse$websearch number| ___gcse_nc_ function| _googCsa number| nextSearchboxId number| googleNDT_ number| _googCsaShowAfdSurvey number| _googCsaAlwaysHttps number| googleAltLoader function| disqus_config object| DISQUS

5 Cookies

Domain/Path Name / Value
.securiteam.com/ Name: __utmz
Value: 131034637.1545292483.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.securiteam.com/ Name: __utmc
Value: 131034637
.securiteam.com/ Name: __utmb
Value: 131034637.1.10.1545292483
.securiteam.com/ Name: __utmt
Value: 1
.securiteam.com/ Name: __utma
Value: 131034637.1384423458.1545292483.1545292483.1545292483.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.disquscdn.com
clients1.google.com
cse.google.com
disqus.com
disqusads.com
mainsecuriteam.disqus.com
referrer.disqus.com
seal.beyondsecurity.com
stats.g.doubleclick.net
www.beyondsecurity.com
www.google-analytics.com
www.google.com
www.google.de
www.googleapis.com
www.securiteam.com
143.204.95.7
151.101.0.134
151.101.120.134
151.101.128.233
151.101.64.233
23.21.221.0
2606:4700::6810:4ca6
2606:4700::6811:80b4
2606:4700::6811:83b4
2a00:1450:4001:806::2004
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
2a00:1450:4001:81d::200e
2a00:1450:4001:81f::2003
2a00:1450:4001:821::200e
2a00:1450:400c:c08::9c
07e12ba16347017142c6211579fe23a9c6ee7fe62f21baa2afaff591105c0db6
0ddb368894b046a453d3e11cdaccb94ef8648d027d87d8e0c8248ebf5b55ff8f
11202b85ab3d0d16e2c45aa75fbf3dde3ab5e35fc94ee28fe99634134081b96b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1a07a46001d1f1eb1cfb14cadbd19d07aee0e7df94a07653e326a6746653bd2b
27b5a1cb8e99f80e6e4e9a95a4ddcbe5b3a1bb969dc42ec8ec0248550ab702e7
31cffadc800e9d256e12be2dfdea6678cdbb4ce23e739ebc908294560f7524d2
352a26fc574dbca5f4576acac00aa8c0aa799da7e6218335ea12ac4aa7f7a0a1
67610f4224e8cc4f73ff192ef348f7109bdfe5f75b78ea8d4bde14993e4bef5d
7994e86b0dc1d2b4f6012d879296be37379ba548c4048c9018c0cb74ad8ffa68
86528d80219b10b1e29ce6ac8b32eb0affd812a83e74f3e920201821f225155d
8731df6464e7ad7034b7fae7c2b8d7d158235b99e59c71f58f899cd8fac4526d
8cda73e6a0e5533a80c6bf94cf5a7b2a0e399ea1c482399b11a21096a8081faa
a235791011a55af7b5292b7963f41ccaabb64011d869aa51dcb72d0c3209a0a3
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
a8d842dc045c65986e7b50952261d47b62cab35c5829700e90d1965ec11692e3
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
b114715fdcff0dfc22eaeec0f547fa6f2aa529b858e73e4ee387b251cf1e870e
b280b516f629c540111e06cfbb9767dd4f257e143583ee31868a1503f9836c24
beb07d6ff422dd77de376852a3d0f9a47891159503f4aaadbac5ee5cc02a9589
c14c70a7001962929276649221bc22a3018f352678c6a9a624b39248999644bf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00b25b28944a3a7c4fb4b935e9920f2e5af33ab7d1ef325394e7409a10ddf1c
d6bd98842b8fa099636574f1a00d3f17b1cc8dbdae92a8092e5e0baa2de35c1e
dede45af9fff123226752af8b2c7e63643c84357be13f0a7b2c0761f3def0fed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6cc06d2849366b325412d950b8b85e65f6f4bd5fb3f720878da40d87749d7a4
fe277cf38536624adec144545c2ecd5c2408816de1a1ef6d5b31fc71760662ed