www.securityweek.com Open in urlscan Pro
2606:4700:20::ac43:61a9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Submission: On March 03 via api (March 3rd 2021, 6:52:49 pm UTC) from US

Summary HTTP 108 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 14 domains to perform 108 HTTP transactions. The main IP is 2606:4700:20::ac43:61a9, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.securityweek.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2020. Valid for: a year.

This is the only time www.securityweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2606:4700:20:... 2606:4700:20::ac43:61a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
2	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200d	15169 (GOOGLE) (GOOGLE)
1 2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	168.62.202.120 168.62.202.120	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	137.135.51.188 137.135.51.188	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
108	23

40 2606:4700:20::ac43:61a9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.securityweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

74a259febff622ac6ee65b128200ac74.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 168.62.202.120 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

app.brightinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 137.135.51.188 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bia.brightinfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	securityweek.com www.securityweek.com	2 MB
14	google.com 1 redirects apis.google.com www.google.com cse.google.com accounts.google.com adservice.google.com	140 KB
12	googlesyndication.com 74a259febff622ac6ee65b128200ac74.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	234 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	190 KB
8	brightinfo.com app.brightinfo.com bia.brightinfo.com	149 KB
8	facebook.com www.facebook.com	274 KB
5	google-analytics.com ssl.google-analytics.com www.google-analytics.com	37 KB
4	doubleclick.net securepubads.g.doubleclick.net	115 KB
3	googletagservices.com www.googletagservices.com	80 KB
2	linkedin.com platform.linkedin.com	109 KB
1	google.de adservice.google.de	313 B
1	gstatic.com ssl.gstatic.com	5 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
0	disqus.com Failed securityweek.disqus.com Failed
108	14

	Domain	Requested by
40	www.securityweek.com	www.securityweek.com ajax.cloudflare.com
8	www.facebook.com	www.securityweek.com www.facebook.com
7	apis.google.com	www.securityweek.com apis.google.com accounts.google.com
7	platform.twitter.com	ajax.cloudflare.com platform.twitter.com
6	app.brightinfo.com	www.securityweek.com app.brightinfo.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	www.google.com	1 redirects apis.google.com securepubads.g.doubleclick.net
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.securityweek.com
3	ssl.google-analytics.com	www.securityweek.com
3	www.googletagservices.com	www.securityweek.com securepubads.g.doubleclick.net
2	bia.brightinfo.com	app.brightinfo.com
2	www.google-analytics.com	app.brightinfo.com www.google-analytics.com
2	syndication.twitter.com	1 redirects platform.twitter.com
2	platform.linkedin.com	ajax.cloudflare.com
1	74a259febff622ac6ee65b128200ac74.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ssl.gstatic.com	accounts.google.com
1	accounts.google.com	apis.google.com
1	cse.google.com	www.securityweek.com
1	ajax.cloudflare.com	www.securityweek.com
0	securityweek.disqus.com Failed	www.securityweek.com
108	23

This site contains links to these domains. Also see Links.

Domain
www.infosecisland.com
www.securitysummits.com
securityweek.formstack.com
www.cisoforum.com
www.icscybersecurityconference.com
feeds.feedburner.com
www.microsoft.com
msrc.microsoft.com
techcommunity.microsoft.com
www.volexity.com
securityconversations.com
twitter.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
securityweek.com Cloudflare Inc ECC CA-3	`2020-07-04` - `2021-07-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2021-10-14`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.brightinfo.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-03-16`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Frame ID: 4F74C68EBCA79CEFCB902ACC135C05F5
Requests: 74 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21
Frame ID: 3E226624A26963256C1CD1D1379974BB
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21
Frame ID: 8A5D33B8E9A2C5D4510B84736180600A
Requests: 4 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.securityweek.com&url=https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: 3B364A4F12ABCA7191BDBBDCFF0BFC71
Requests: 2 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.securityweek.com&url=https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: E3E620547E5A103177A6CE75E827B35F
Requests: 2 HTTP requests in this frame

Frame: https://www.securityweek.com/ad.html
Frame ID: 2737186A3BB5E2E03193C4D4FE52ED94
Requests: 1 HTTP requests in this frame

Frame: https://www.securityweek.com/ad.html
Frame ID: 0F5A8679224944C63922A72E78F35B32
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.securityweek.com
Frame ID: 81DC6538A9DE3D0A5AD3F7EDE7C318CC
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.securityweek.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: EB8602E273BD48415A401F55484005C9
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Frame ID: 005E4AAEB7AF90250A70CEF0CD7C64F1
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Frame ID: 84432C2F214A0E6AD679B82E724C67CD
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: DE2071FCAEDDCEE61A84610F0D4469C2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspmDfuYEEkYQhGgRExG_z95v6yaIRTKjAsO4PkXovuglleeCAkUF_0LO7e9miEucWL1oDhXF4v5L5wyAOeBCUKNAUvYQaWkaBsMSDQvzWRwrfrtZUAJUQI6hEjyxNmCYpeQTCbsuahUXt9WQTqp2Ld27vUr6Hy-hVHgm9AQCyXAtWj_Aa5QuaKbQjQ9zVG2TeWa-DNKt6oseePj_XvDvUCT8xKc7DK9R61bjC_PjkIsXa7KtGzIu4QyB9ORwXedh0QWhsvnXVE8iQ8zPl9jsY98pUKo2M9fTFlYEcwKFhYRoLcElhXXfxQ2SM&sai=AMfl-YQw0wet0QhSDPWMGJ98W8q_LHYcBQVGtO7cUv1kUcAKJu8ZXn2ruJdPqmz0X_C38YbqZynLbznikp2BLSnXZxEytLOeppsvWgkH-CHHQK-FqG_ZMmQI39YxpqKfZXc&sig=Cg0ArKJSzAWIFoawF007EAE&adurl=
Frame ID: E3E175193897D05779E08205A2F1C146
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 07221D91213006C24CE1A4797F4724C1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Drupal (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<(?:link|style)[^>]+"\/sites\/(?:default|all)\/(?:themes|modules)\//i
headers expires /19 Nov 1978/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<(?:link|style)[^>]+"\/sites\/(?:default|all)\/(?:themes|modules)\//i
headers expires /19 Nov 1978/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /apis\.google\.com\/js\/[a-z]*\.js/i

Page Statistics

108
Requests

98 %
HTTPS

83 %
IPv6

14
Domains

23
Subdomains

23
IPs

2
Countries

2887 kB
Transfer

5889 kB
Size

3
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: http://www.infosecisland.com/
Title: Infosec Island

Search URL Search Domain Scan URL

URL: https://www.securitysummits.com/
Title: Virtual Events

Search URL Search Domain Scan URL

URL: https://securityweek.formstack.com/forms/contact
Title: WRITE FOR US

Search URL Search Domain Scan URL

URL: https://www.cisoforum.com/
Title: 2021 CISO Forum

Search URL Search Domain Scan URL

URL: https://www.icscybersecurityconference.com/
Title: ICS Cyber Security Conference

Search URL Search Domain Scan URL

URL: https://www.securitysummits.com/event/supply-chain-security-summit/

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/securityweek

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/03/02/hafnium-targeting-exchange-servers/
Title: warning

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26855
Title: CVE-2021-26855

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26857
Title: CVE-2021-26857

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-26858
Title: CVE-2021-26858

Search URL Search Domain Scan URL

URL: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-27065
Title: CVE-2021-27065

Search URL Search Domain Scan URL

URL: https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2021-exchange-server-security-updates/ba-p/2175901
Title: additional techincal details

Search URL Search Domain Scan URL

URL: https://www.volexity.com/blog/2021/03/02/active-exploitation-of-microsoft-exchange-zero-day-vulnerabilities/
Title: blog post

Search URL Search Domain Scan URL

URL: https://securityconversations.com/
Title: Security Conversations

Search URL Search Domain Scan URL

URL: https://twitter.com/@ryanaraine
Title: @ryanaraine

Search URL Search Domain Scan URL

URL: http://www.icscybersecurityconference.com/singapore
Title: 2020 Singapore ICS Cyber Security Conference [VIRTUAL- June 16-18, 2020]

Search URL Search Domain Scan URL

URL: http://www.cisoforum.com/
Title: 2021 CISO Forum: September 21-22, 2021 - A Virtual Event

Search URL Search Domain Scan URL

URL: http://www.icscybersecurityconference.com/
Title: 2021 ICS Cyber Security Conference | USA [Oct. 25-28]

Search URL Search Domain Scan URL

URL: https://twitter.com/securityweek

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/SecurityWeekCom/366251913615

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups?gid=2983767

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups?mostPopular=&gid=3551517
Title: Cyber Weapon Discussion Group

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/groups?gid=4439585
Title: Security Intelligence Group

Search URL Search Domain Scan URL

URL: https://www.securitysummits.com/sponsors/
Title: Event Sponsorships

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://www.google.com/coop/intl/en/images/google_custom_search_watermark.gif HTTP 301
https://cse.google.com/coop/intl/en/images/google_custom_search_watermark.gif

Request Chain 81

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

108 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group Show response
www.securityweek.com/ 53 KB
12 KB 220ms
195ms Document
text/html 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: 4ed1dd78e4387b5b32b33fe5b04553827cd59bbe2020c9d81b6a4e0603e93119

Request headers

:method: GET
:authority: www.securityweek.com
:scheme: https
:path: /microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=db6b6543347c72e01a1aa07315f6d38161614797550; expires=Fri, 02-Apr-21 18:52:30 GMT; path=/; domain=.securityweek.com; HttpOnly; SameSite=Lax; Secure SESSc3f2c9572aa8f3f5ea6f60501affecb3=c52aeecd2ed1fdeb75489372abe1b4c7; expires=Fri, 26-Mar-2021 22:25:50 GMT; path=/; domain=.securityweek.com
x-powered-by: PHP/5.3.29
expires: Sun, 19 Nov 1978 05:00:00 GMT
cache-control: must-revalidate
last-modified: Wed, 03 Mar 2021 18:30:10 GMT
cf-cache-status: DYNAMIC
cf-request-id: 089b084a7f00004a85cf827000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VyJDdF0JChGmBtpBPzDpaLlJzgdgC9gANvW86cjsg5Jr0gOeCWjocnRzmymlnJvSbfsaynWXiwVEDpOECWHCX5Xdlfd1JCaxbLbm8FmdUuQ3Wt1oMuAWvyM2ovO2u2ErQw%3D%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62a50ff0cd794a85-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 MtZjAddKzhFJoLq5xYGl1vZkDn8.js Show response
www.securityweek.com/cdn-cgi/apps/head/ 5 KB
2 KB 17ms
16ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/cdn-cgi/apps/head/MtZjAddKzhFJoLq5xYGl1vZkDn8.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8dd5483dc29044f06c3a45f8fd05d0f122a2b4315292df6da919775189351c9

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 8198746
content-type: application/javascript; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 9D7676ECF72C63F9
x-amz-id-2: 0xGkw3tMrnTlmaIdMRQ1nPOkVlhn00QQLGQ9gViAs8CwIMwdeNYUxK3VIXqSFWH3lkNmDPniutA=
last-modified: Tue, 04 Dec 2018 19:44:59 GMT
server: cloudflare
etag: W/"6998744eb932e2ecef296a28191978ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E%2FSdupCt0iPO5hzT2YqnSDpZkQbesRjfYxakCOgOue%2F9sDbNmelNo74MDz4%2BpLYfMrD2sTwToBCIERwD5TDV%2BgEZ3JS%2FZ%2BrENxtU%2FMueGRaSoYkiGOlLv1e%2FsdUP2Y4YBA%3D%3D"}],"max_age":604800}
x-amz-version-id: JCMgPdMNLoo3bIn5Dbz15QtzSlH_yitT
cache-control: public, max-age=31536000
cf-request-id: 089b084b4900004a8599bf7000000001
cf-ray: 62a50ff208044a85-FRA

GET
H2 200 css_0889906391893542e4d4816d0712fac7.css
www.securityweek.com/sites/default/files/css/ 24 KB
5 KB 24ms
23ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/sites/default/files/css/css_0889906391893542e4d4816d0712fac7.css
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d10a778caafc69e25249f7b7fa00a1bfaa240991b6c7cdedb7f562fff418eb21

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 27081
cf-polished: origSize=24799
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089b084b4800004a85d8384000000001
last-modified: Wed, 03 Mar 2021 11:21:03 GMT
server: cloudflare
etag: W/"3c13cf-60df-5bca00bdbeab2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aslbhE6joCsobY9Ij7zhAWuMsPOjRXdMJf%2FfpqyQClY78zn419yri4HuWFOnk179awIs%2BN8qmYaeBl2X9VtTJTBY7ttNl4BdvMvByrVWuGrFVOLEJ%2FbMOysFAhu91byoHQ%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 62a50ff20fff4a85-FRA
expires: Wed, 17 Mar 2021 11:21:09 GMT

GET
H2 200 css_0f36d94fdd1139915e8a0e66309ca7d0.css
www.securityweek.com/sites/default/files/css/ 27 KB
5 KB 16ms
15ms Stylesheet
text/css 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0deae7d488b0316e0149f1dc2caec46821b2272127b61b4ffadf6f99a303ea16

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 27081
cf-polished: origSize=27647
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089b084b4900004a85df8a4000000001
last-modified: Wed, 03 Mar 2021 11:21:03 GMT
server: cloudflare
etag: W/"3c18cc-6bff-5bca00bdbf282"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rBgdu8xVKk%2FL8d2Tjpfk8W8k1w3H88J6HJ0XDS%2BwYWa6kcwtfd1tnGkCOMR8RVhZMzYWUTrZulg7rVYJYox7BCTO10z92i1FWW1IZPhEqnZqIpz49Xeo8sYt3jiSYs12OQ%3D%3D"}],"max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 62a50ff208024a85-FRA
expires: Wed, 17 Mar 2021 11:21:09 GMT

GET
H2 200 securityweek_logo.jpg
www.securityweek.com/sites/default/files/ 19 KB
20 KB 15ms
15ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/default/files/securityweek_logo.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ae75bcb392ec9110db2837a9134c1b414c373244ea62816c63cc5bb41a90cfe

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 345278
cf-polished: origSize=20250
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19584
cf-request-id: 089b084b5b00004a8500280000000001
last-modified: Sat, 02 Jan 2021 18:33:44 GMT
server: cloudflare
etag: "c60712-4f1a-5b7ef18cbdb45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F2BQS%2BvSC8U2GvB2bYFYSx3RXKkW%2F976KEvY2SUbdBUv9XngiDecxGPw9AAguMv0ULXIzaydga0UkJpbMNw6ILG2D5Qg%2FuP5F04elajqRc0gUWWvjJlmnRbESHxeSxWNVA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Sat, 13 Mar 2021 18:57:52 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff228454a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Supply-Chain-Security_Banner.jpg
www.securityweek.com/sites/default/files/product_images/ 233 KB
233 KB 20ms
17ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/default/files/product_images/Supply-Chain-Security_Banner.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b95e59604725f7ec3b0dec31a38216e73d70eb5144abac389ed1d0f1256d356

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 411157
cf-polished: origSize=271604
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 238196
cf-request-id: 089b084b6300004a85f8176000000001
last-modified: Sat, 27 Feb 2021 00:30:57 GMT
server: cloudflare
etag: "c60781-424f4-5bc467f95d0d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PS%2BI3zQP4%2FuPbdXQhQBbBW%2Fhba1nLDA8sHAzK2vN5fL606ADHQHRTzBT3Z3K%2BauxFyeWW5fSUTcl7lft%2BKdmjJ3IoD3N%2BG4Icgou2%2B3zjSxcN2sVS0KdwHo7SwXL8ayF%2FQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Sat, 13 Mar 2021 00:39:53 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2385d4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 picture-94.jpg
www.securityweek.com/sites/default/files/imagecache/auth_story/pictures/ 1 KB
2 KB 19ms
17ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/default/files/imagecache/auth_story/pictures/picture-94.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9dbadce7dd4f5c2d597262d42870652e8acac376d7dd9b2f299aa78c86e3a2d

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1161850
cf-polished: origSize=1751
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1470
cf-request-id: 089b084b6300004a85f7b2f000000001
last-modified: Wed, 17 Feb 2021 20:17:49 GMT
server: cloudflare
etag: "3c192f-6d7-5bb8de9b6524d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Pa4U0eoRrj2xn4nABR3y%2BsQBenHjGkoSyBN56%2FSj%2BhY9dnTPKiNyLEjV1DdlZeqEivnOGbQm7p63d8e52aPdHUSJS6Hy0ZFOx%2FQ32cGQdAtJGf686kP3uYHWkLd37%2F0SEg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Thu, 04 Mar 2021 08:08:20 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2385e4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 RSS-Icon.png
www.securityweek.com/images/ 3 KB
3 KB 26ms
24ms Image
image/png 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/images/RSS-Icon.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b425148295a81e4162a87cb36eba754d16b295ec5b733140e2b82c7f77a731

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1044176
cf-polished: origSize=2844
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2637
cf-request-id: 089b084b6300004a85f5202000000001
last-modified: Wed, 06 Oct 2010 06:57:24 GMT
server: cloudflare
etag: "1e133b-b1c-491ed4a241d00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BlPO13B3hbnKsFRcWYvEqkzj20tCgQ25pjAC%2BfB8s%2F8bEGIM6beiQXLWMjc%2BB0BsNZqXpY%2BCMa8pdrSQrMYBAM2An1vK4%2FIrOYIOb4q22efuvyr8r6hC7km1SDTcFdPoxw%3D%3D"}],"max_age":604800}
content-type: image/png
expires: Fri, 05 Mar 2021 16:49:34 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2385f4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Microsoft-Building-Logo.jpg
www.securityweek.com/sites/default/files/logos/ 936 KB
937 KB 32ms
30ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/default/files/logos/Microsoft-Building-Logo.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb625ec68b514358b37be2ba2ce551b7d09a7ce70c6c49a69df8c9b7d82471f7

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 70966
cf-polished: origSize=1164223
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 958132
cf-request-id: 089b084b6300004a85d4b8d000000001
last-modified: Thu, 28 Jan 2021 19:04:37 GMT
server: cloudflare
etag: "c60753-11c3bf-5b9fa8f1ca1c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PEO80wtN4ohY8jS3XJ0MuqSqOdWQhW%2FEgIzn660BhT8nxTo%2FWVCodgn3RlkymyzfdR1WtIabbs9PQRV75R68oJy8STHtATS0fS1uI%2B3NIjD%2BxC0HeorgT8seRamXGhNhRQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Tue, 16 Mar 2021 23:09:44 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff238604a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Supply-Chain-300x250.jpg
www.securityweek.com/sites/default/files/logos/ 112 KB
113 KB 19ms
18ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/default/files/logos/Supply-Chain-300x250.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e68ee9ce61a88e03b1481412200e86e88c414e462b3ae13a09527e7d79ddfdd8

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 179469
cf-polished: origSize=138090
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 114784
cf-request-id: 089b084b6300004a85d2b43000000001
last-modified: Mon, 15 Feb 2021 16:58:51 GMT
server: cloudflare
etag: "c60755-21b6a-5bb62e67b48e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QzDdp%2FElBJpC4gAqAWS8Wr%2FuHo%2FbfknBbp323ZWkQKcr%2BC51F4t06gZ1V4bPxc0RqkLB9ZUehwOyx%2BPpQvqnREEOCaTGrEOnTTT52yqzPAGzFmJrWhS5At0PwxIdEihsQQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Mon, 15 Mar 2021 17:01:21 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff238624a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 JsfVAji5wHtjMw9KWartCq34fZY.js Show response
www.securityweek.com/cdn-cgi/apps/body/ 23 KB
7 KB 26ms
25ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/cdn-cgi/apps/body/JsfVAji5wHtjMw9KWartCq34fZY.js
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/cdn-cgi/apps/head/MtZjAddKzhFJoLq5xYGl1vZkDn8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c9b185e1e937971dfedaafecf01bc14813a2ece31cc9af4a2097f9b3ecb061d

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 10329475
content-type: application/javascript; charset=utf-8
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 1D200412F3071A81
x-amz-id-2: ocW6f66LRM5e6Qp8eBxBVUkoliev/hyIMvHJhblhdyqBW0T870LfdE02FwNUZURk2IV3CxFownw=
last-modified: Tue, 04 Dec 2018 19:44:58 GMT
server: cloudflare
etag: W/"cb0ca31f11dc8247de26e3dcd49db722"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gIEhC3aYJfsK68r6QkLxM3dBpZPeJRFwQLYr8jai6H5jwb3IbZ3mT32IAWFY1ossJPYvqV1RAVfxhc5YYeo7M6QhtQCug3WP5IVE1gczUdS1CUG6XpEsr3cAaiw0K1DC1A%3D%3D"}],"max_age":604800}
x-amz-version-id: h5OK1yTQAx2t7V4blDMielr1pB4gwYKR
cache-control: public, max-age=31536000
cf-request-id: 089b084b6300004a85fb2cd000000001
cf-ray: 62a50ff238634a85-FRA

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 3E22 41 KB
13 KB 120ms
119ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

beb231cecf076f9ea2760aeb5747c4f4326b41fb87835c74ff2d560a4911a31b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: TmzwifDM/XVDx9giqwvfCgJA7OcnwnwCrpIxWn0WbLElTVhlHa/qUn1d/Ef8ZgR7QF7fu/EVAhrRKnXihm7lyg==
date: Wed, 03 Mar 2021 18:52:30 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 bg.jpg
www.securityweek.com/sites/all/themes/securityweek/images/ 475 B
922 B 23ms
21ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/bg.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab74e69c44356590de92b4b7354dc5ae3887e20f3dd9d07cea55cedbdd441f95

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 106619
cf-polished: origSize=13217
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 475
cf-request-id: 089b084b6700004a85c8177000000001
last-modified: Sat, 09 Aug 2014 20:02:44 GMT
server: cloudflare
etag: "3c0013-33a1-50037ce116100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NXLdWsKqqAVG6lbRXc8Vg7lcd0TuzcSZFCoyiqmYDPUu7Zql13spbw04hZcKem4xQySBUwzxzJ7Sm0d5IiLqdNvA1Xi15mroLlx93dD1NIqDlaewypznPuf7gyBdKqkpWQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Tue, 16 Mar 2021 13:15:31 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff238694a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 menu-leaf.gif
www.securityweek.com/sites/all/themes/securityweek/images/icons/ 175 B
574 B 24ms
22ms Image
image/gif 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/icons/menu-leaf.gif
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 913e0bff2ebdfd8aa46e82e8282910638f68fdb9f56f447f1f6b259f3fe5e539

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 391830
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 175
cf-request-id: 089b084b6700004a85fa8f6000000001
last-modified: Mon, 22 Mar 2010 15:27:51 GMT
server: cloudflare
etag: "3c002d-af-482655712cbc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XjGGINolOrDq8ppdlLZQGI4NOw%2F3DT%2FBZkokUt%2Fb5cxAR3SVetxd%2Byf44wAlcCDpq8G17VVjGMR1Y053%2BjGiZD34%2FmGYu1WehJeOJ77g4gai361wf7tGInW7b1BzUJKrBQ%3D%3D"}],"max_age":604800}
content-type: image/gif
expires: Sat, 13 Mar 2021 06:02:00 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2386b4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 header_bg.jpg
www.securityweek.com/sites/all/themes/securityweek/images/ 387 B
995 B 22ms
21ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/header_bg.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d55e4cb97826944c4f826821ac2688b361d7cf0303b4640c2cb3eef6ee19b233

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1161968
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 387
cf-request-id: 089b084b6700004a85ae9fc000000001
last-modified: Mon, 22 Mar 2010 15:27:31 GMT
server: cloudflare
etag: "3c0020-183-4826555e19ec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PdhIZZLP4K79UDxFXGg7W2DomlPj2gNEzyITRyQTQ0YmytNbutt2dSoVpr%2Fts5cLac%2F1gcMRUnVMbhosgmnLIlMHkop8oGSXsljrL2Z5m2a%2F219uLcOTqHKknfx2pQyUuA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Thu, 04 Mar 2021 08:06:22 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2386d4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 nav_bg.jpg
www.securityweek.com/sites/all/themes/securityweek/images/ 500 B
859 B 23ms
22ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/nav_bg.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21b195ce0d8efa07e31b863199d8a6802cb773e2417443e534ed8c113d8949a8

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 106619
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 500
cf-request-id: 089b084b6800004a8596ade000000001
last-modified: Mon, 22 Mar 2010 15:28:13 GMT
server: cloudflare
etag: "3c001b-1f4-4826558627d40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8xV461Z3Dmptq9gBnl09CXNOEMClDCYtzs%2FnwbERHwF7wZUzaVm6Vwu%2FTG6P%2Biod7KjCdvgOPERh%2FAlg7W6nZxrgBH25gdCiwFJsGMf0l7%2BBGfiVZeSzLym%2BPYPGwrxe%2Fg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Tue, 16 Mar 2021 13:15:31 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2386e4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 menu-expanded.gif
www.securityweek.com/sites/all/themes/securityweek/images/icons/ 183 B
542 B 22ms
21ms Image
image/gif 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/icons/menu-expanded.gif
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa76185f417cf85d7029b35e3a6544d4495402e17f76a32633b5ba80a81faa26

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 106619
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 183
cf-request-id: 089b084b6800004a85bbb85000000001
last-modified: Mon, 22 Mar 2010 15:27:50 GMT
server: cloudflare
etag: "3c002a-b7-4826557038980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xm6ttx3khB%2BZC%2FX8IUHZ%2B21hAiWDXtJ9lo%2BqXuICPsHNRHhwq368N3mh78VPuT7%2F%2FYRXSBj2hZgvClou1ZrxNgfQ94sb7IQ%2FGZu5RwPYTmWxrodwaOuM7wat39qNs%2BrReg%3D%3D"}],"max_age":604800}
content-type: image/gif
expires: Tue, 16 Mar 2021 13:15:31 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2386f4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 serve.php
www.securityweek.com/sites/all/modules/ad/ 695 B
1 KB 295ms
294ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/modules/ad/serve.php?o=image&a=1296
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: ad853a72ac4fa4a7ea4700fb824906dbba6fd62e4f61e92449a5cba3f60ff1dc

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 03 Mar 2021 18:52:30 GMT
server: cloudflare
x-powered-by: PHP/5.3.29
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lBh%2FVGuK3bOBqDF%2FpZjNSy1lo6O60ahNp%2Bau%2B8n30H2SZFJvtd%2Bt0Fz5G8yx3AE4loTJ8Fb%2FYUfZuyjQTFlvxilTd9tNM2Fgj3w9034msjoX0R03CTmKE9TuF7TXUFItxQ%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 62a50ff289174a85-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089b084b9300004a85f817c000000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 serve.php
www.securityweek.com/sites/all/modules/ad/ 695 B
1 KB 289ms
286ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/modules/ad/serve.php?o=image&a=683
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: ad853a72ac4fa4a7ea4700fb824906dbba6fd62e4f61e92449a5cba3f60ff1dc

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 03 Mar 2021 18:52:30 GMT
server: cloudflare
x-powered-by: PHP/5.3.29
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m6kjOlZuAphJndjl2p3W2VXvGL91Se8Z4nl2ErwTQKK8lbBVIDC9dz8oA5UOKVwochfJGxn87e%2BRhlpWsS2Af5qBvh2KHrq57PmBFk7CrAtd7QSc4X0k5frd%2B86Elc30ow%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 62a50ff2891c4a85-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089b084b9400004a85aa312000000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 serve.php
www.securityweek.com/sites/all/modules/ad/ 695 B
1 KB 294ms
291ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/modules/ad/serve.php?o=image&a=1030
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: ad853a72ac4fa4a7ea4700fb824906dbba6fd62e4f61e92449a5cba3f60ff1dc

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 03 Mar 2021 18:52:30 GMT
server: cloudflare
x-powered-by: PHP/5.3.29
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cVowszqFPp%2FhtOJZBLci3wO%2Fiq9iB6wi0Jgwer9RsHMzmCgESQdieHZMtLjvElAErJqATy2jukZAgJU7PCWRHcgdQWG3YKlxizcmkkexDitY7mF4hUaJV0f7finhse0%2FEg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 62a50ff2891f4a85-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089b084b9600004a85cc9dc000000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 serve.php
www.securityweek.com/sites/all/modules/ad/ 695 B
1 KB 293ms
290ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/modules/ad/serve.php?o=image&a=693
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: ad853a72ac4fa4a7ea4700fb824906dbba6fd62e4f61e92449a5cba3f60ff1dc

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 03 Mar 2021 18:52:30 GMT
server: cloudflare
x-powered-by: PHP/5.3.29
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WXHqHmSYawloEwoFIU8Mdb3%2FnRHO7MTpPH8nK0aLXUyxoKwoarIq3s11S2qZsXRWsiNJ0Txpe4KOoBh9ko4oGWiMFEHcmvxI59uqb%2F02ZKdRXqdjTFAjwF0UX7cPxZcrxw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 62a50ff289224a85-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089b084b9600004a85ac301000000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 serve.php
www.securityweek.com/sites/all/modules/ad/ 695 B
1 KB 710ms
707ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/modules/ad/serve.php?o=image&a=894
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: ad853a72ac4fa4a7ea4700fb824906dbba6fd62e4f61e92449a5cba3f60ff1dc

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 18:52:31 GMT
cf-cache-status: DYNAMIC
last-modified: Wed, 03 Mar 2021 18:52:31 GMT
server: cloudflare
x-powered-by: PHP/5.3.29
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TEoZeIWuwOKlrlnPuZmN9coULYRrjq6YmjyRW3NsYJ1yqpz2YP2WTlcI6AfM1Ygrqhy4rXvP%2BXecaXRAiiEoZe%2B1PaOmflSwa4GSgzad%2FsE2ZGO6hrmA07tP0%2BzSI8GqPg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 62a50ff289234a85-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089b084b9600004a85c282e000000001
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 tag_icon.jpg
www.securityweek.com/images/ 680 B
1 KB 20ms
17ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/images/tag_icon.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65cc8600f521d4e99aa77e95337426f53ec86dd569e8db164bcda70d5c1da388

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 304117
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 680
cf-request-id: 089b084b9700004a85b1b27000000001
last-modified: Fri, 06 Aug 2010 07:41:12 GMT
server: cloudflare
etag: "1e133a-2a8-48d22ca765600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4rDk%2Bt3snd8%2FvhWiwnodaS8FGOoXJfyD87yj5wz6QaqVpgk27z1RkqB71tqKi5M8UNNvfkMCJO1nYWx7zGjmiD6zzORWh1pahwGEUqCTMrcg5IXvMiW0PCHBk8ZhZ%2BeLMg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Sun, 14 Mar 2021 06:23:53 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff289254a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 security_newsletter.gif
www.securityweek.com/images/ 1 KB
1 KB 19ms
17ms Image
image/gif 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/images/security_newsletter.gif
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 200abde0c426b23abe8a9c501ab4e8e72c048cc0653203817cc9ff96cc6e394d

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 106619
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1084
cf-request-id: 089b084b9700004a85b73f6000000001
last-modified: Fri, 22 Apr 2011 17:43:08 GMT
server: cloudflare
etag: "1e134c-43c-4a185640ae300"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AHgk9Ufqz7e3gXonMVQGCqq4ZhFNrgTF2irfcfkiIUtGmbS1%2ByxqNVcB5c%2FZlDa1FzVPe0JbzqpwrEfqPPaVVXrZ3rd%2F8N2FA1pLlzqx7ldI31q9BVwO9Eprll9SSj5DCQ%3D%3D"}],"max_age":604800}
content-type: image/gif
expires: Tue, 16 Mar 2021 13:15:31 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff289264a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Twitter-security-icon.png
www.securityweek.com/sites/default/files/logos/ 1 KB
2 KB 22ms
20ms Image
image/png 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/default/files/logos/Twitter-security-icon.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10f0e5158e45d76ba649af69ed465a28489483ac934b3e491773cb5e4c9704f0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 684396
cf-polished: origSize=2314
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1238
cf-request-id: 089b084b9700004a85e59be000000001
last-modified: Tue, 12 Jan 2021 20:28:49 GMT
server: cloudflare
etag: "c6072c-90a-5b8b9deca4eed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZmQAea3avtLR4I1Hk3L98m7R1wqKuVgU%2F4rPseeGRbRD8EOTtPSLoepW4CVgCN0ywltUOTby2O6BuZSPAM8aOrwk29%2F%2FILbKVN3Wz7djHIsZ7O2vl%2BKAWuD9SJTGREsPIA%3D%3D"}],"max_age":604800}
content-type: image/png
expires: Tue, 09 Mar 2021 20:45:54 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff289274a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Facebook-Security-Group.png
www.securityweek.com/sites/default/files/logos/ 1 KB
2 KB 24ms
22ms Image
image/png 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/default/files/logos/Facebook-Security-Group.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f9048e36baefc5cac0974c3e49ffc683d667c5b2081f6cd8d20f5a301b124c2

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1161968
cf-polished: origSize=2335
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1315
cf-request-id: 089b084b9a00004a85e29f2000000001
last-modified: Tue, 12 Jan 2021 20:31:23 GMT
server: cloudflare
etag: "c6072e-91f-5b8b9e7f5d191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f2koU1rwSGFjrdmCxTSxlLZBXJ1IucSIpUga8ZAt31ncs7frIl5MAqiAzkhop6jhkv1rBV51gt0doQ4OpVJKdlLNbDm%2FsxbJT3h%2FeJi1Vs%2B%2BFqCwmdQu%2FpwfdVd2Rb%2FSlQ%3D%3D"}],"max_age":604800}
content-type: image/png
expires: Thu, 04 Mar 2021 08:06:22 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2892a4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 LinkedIn-Cybersecurity-icon.png
www.securityweek.com/sites/default/files/logos/ 1 KB
2 KB 28ms
26ms Image
image/png 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/default/files/logos/LinkedIn-Cybersecurity-icon.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f3d36be68e6a795cf0d621b7d8b4beb4b9f9caea3f3682f2f8f59a846000893

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 684397
cf-polished: origSize=2404
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1369
cf-request-id: 089b084b9700004a85a43ec000000001
last-modified: Tue, 12 Jan 2021 20:28:18 GMT
server: cloudflare
etag: "c6072a-964-5b8b9dce83b9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VNstJlZ3hlY8WAoncNUAKUKL7Ko0puCEDmQgU9GtUJjKp7HwEhX0QPq2FLFqvBDaTiTT8z%2B9M2Q5hC5mpjQqs0wUWpfRj5d2nIVGlApoGkzxc5HbrzEZR146vQJGrxe%2F7Q%3D%3D"}],"max_age":604800}
content-type: image/png
expires: Tue, 09 Mar 2021 20:45:53 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2892b4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 Cybersecurity_News_Feed.png
www.securityweek.com/sites/default/files/logos/ 1 KB
2 KB 20ms
18ms Image
image/png 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/default/files/logos/Cybersecurity_News_Feed.png
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb9d49a04efcc971667386f67fb420e20fd130339f1c994fc7359bc34771ef9

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 684397
cf-polished: origSize=2414
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1398
cf-request-id: 089b084b9800004a85a1148000000001
last-modified: Tue, 12 Jan 2021 20:27:46 GMT
server: cloudflare
etag: "c60731-96e-5b8b9db04a596"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R9%2BKCm0iNiepylLpREVckDgqlysYOgX3EMYUTpedTaKXuZsihd789ZKY1owAwTyrJz8MGmXpZb49nTjq%2BLtsgEFQmrvgjqNuuAyGAHBKA21FRSAy%2BQceNErFbF0r5m3KDw%3D%3D"}],"max_age":604800}
content-type: image/png
expires: Tue, 09 Mar 2021 20:45:53 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2892c4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 wired_publishing.jpg
www.securityweek.com/images/ 2 KB
2 KB 19ms
18ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/images/wired_publishing.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08fa49f20076c343e2724c631a732d8cbd3bd0daf55f4a0f8311e07dc77be29c

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 643548
cf-polished: origSize=2601
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2076
cf-request-id: 089b084b9800004a85e338d000000001
last-modified: Wed, 08 Dec 2010 15:26:32 GMT
server: cloudflare
etag: "1e132d-a29-496e7bef23a00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YlYryanE8313QNJaKgRjZHbHDpDOBYjrJDQYdXpzXqD3OX1bUAh%2FuBxZB23a7paiP%2FgjejXUdlJVG6gG1b6fqT6ESjVppL2vs2MKaP5azrZAVjEcYErAKKZXLLM925eVuw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Wed, 10 Mar 2021 08:06:42 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2892e4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 25ms
10ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 089b084ba400002b1e07b39000000001
last-modified: Thu, 18 Feb 2021 13:46:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"602e6fce-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kEs6sZkCp9N9C%2FTH1hnBflwTRR1nhtzU71CiBh1FqRg5SAIc3zRbhp9FypEOFwj6yRN28%2Fq3KstejCi%2FRmtFFHI9FJRsaXJ2%2F46sFDO5%2FHjG5xcdXHw6%2F4eLH6NERP7r"}]}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 62a50ff29e0b2b1e-FRA
expires: Fri, 05 Mar 2021 18:52:30 GMT

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 8A5D 41 KB
12 KB 89ms
89ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e70dc2f79c9e281b7d23ac4f8f3073cdc5b27980d4f196edbbcec3db663ec0e5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: vCm3USA65MCdusO6oPUnuBX8X43dq8071oF2Q4K8CFarkSZYFd4XwtInyXolPGkhWuBZkP5cpEldJArqFBDvkg==
date: Wed, 03 Mar 2021 18:52:30 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 line_dotted.jpg
www.securityweek.com/sites/all/themes/securityweek/images/ 3 KB
3 KB 18ms
17ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/line_dotted.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55851ffd45a0a3e9abd9c2ac844eba1efd50272a39360d0f3b396d26a7d0bfc8

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 567909
cf-polished: origSize=3724
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3165
cf-request-id: 089b084ba000004a85b9314000000001
last-modified: Sun, 15 Jan 2012 05:43:31 GMT
server: cloudflare
etag: "3c001c-e8c-4b68a93f6a6c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=njQRu7JNVInF6ggV5fGQGLdc3eK2V64pHJlwQ9TjmvFC4fjdcFil7jdeABkHfIRzoecyLlbAPyjp4qfHX6Fl1YqLvEg3XtEuSk7WfScpjmIVEvJC65EZb2YQxu1f5W9eNA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Thu, 11 Mar 2021 05:07:21 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2993f4a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 bullet.jpg
www.securityweek.com/sites/all/themes/securityweek/images/ 2 KB
2 KB 19ms
18ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/bullet.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ffad58a307aa1ac6baff90296c8edc9db313f888876bc2ad453be4db8d01bf9

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 940001
cf-polished: origSize=2285
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1901
cf-request-id: 089b084ba000004a85bbb89000000001
last-modified: Sun, 15 Jan 2012 05:30:46 GMT
server: cloudflare
etag: "3c0019-8ed-4b68a665dad80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yTdi2Z%2FfYyIH62T3kffpL2YK9ZJIpARfy3WTQD5RzRn8tli2YkITDDLmJPBi1fG8klvS4dyoZzGkuNnRbUF%2B%2FzC9k6c8%2B2YcbSVv1qKK5UohIoN9v%2FBWuzYmwnAeHbq%2BUw%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Sat, 06 Mar 2021 21:45:49 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff299434a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 subscribe-btn.gif
www.securityweek.com/sites/all/themes/securityweek/images/ 2 KB
3 KB 20ms
17ms Image
image/gif 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/subscribe-btn.gif
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4986aea94d23482c38fb06749a6a5c5c6ab95db97aa3bcc9feaf7eda6cbf6626

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 303399
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2249
cf-request-id: 089b084bad00004a85fb2d2000000001
last-modified: Tue, 25 Jan 2011 04:28:42 GMT
server: cloudflare
etag: "3c0021-8c9-49aa426bbd280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P9cc%2FmoSaaRy8ggVl2AdujX11pwEiY0loHWciHBoaNaRRCD61BbNd2sA%2Byff94OK8ZiELAW7q4%2FV%2FCfW%2F40gbEs6lHqGzyWYaMS566JHwV2k%2BlaRDlODWsCScWHlzdVJrg%3D%3D"}],"max_age":604800}
content-type: image/gif
expires: Sun, 14 Mar 2021 06:35:51 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2a9744a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 footer_bg.jpg
www.securityweek.com/sites/all/themes/securityweek/images/ 510 B
1 KB 17ms
15ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/footer_bg.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e4a85296d37106cff5d646be0fabf370fd83a9b133c3aaf41e6ffb73d108366

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 713625
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 510
cf-request-id: 089b084bad00004a85ac303000000001
last-modified: Mon, 22 Mar 2010 15:27:23 GMT
server: cloudflare
etag: "3c0015-1fe-4826555678cc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rGd%2FMTRGoFXfqSq%2FMNThW5o%2FbrDaN1iXdgb0nmkFynotLdyOixq2y7qCGlfMKRgof8vsz%2Fj%2BTCGPfg4Q%2FNDdhuMitiNvAY6lb6gbY4OyGUhAQvklr3NOU%2FAM1WqY56Pzlg%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Tue, 09 Mar 2021 12:38:45 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2a9754a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 footer_partition.jpg
www.securityweek.com/sites/all/themes/securityweek/images/ 412 B
816 B 23ms
21ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/footer_partition.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d77a9a71769ddc2a85524914671fb1d031132a8e37366440a4b6b01d7ad0025

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 643547
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 412
cf-request-id: 089b084bad00004a858e804000000001
last-modified: Mon, 22 Mar 2010 15:27:29 GMT
server: cloudflare
etag: "3c000f-19c-4826555c31a40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fhqZ8zHkKcFybZU1gSEu5ilPCTx6suufnDQ%2FxyTDxPNMd1D%2FYW6y8RpTUUrJJU9kSEc3YHPaUqn9Bfj0HCHX4IR0sFJk6t4QJybxE2PftALZTYpzLBwuyGg07Xgvd2D9sA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Wed, 10 Mar 2021 08:06:43 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2a9774a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 footer_h3_dotted.jpg
www.securityweek.com/sites/all/themes/securityweek/images/ 1 KB
1 KB 18ms
16ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/footer_h3_dotted.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11789957fc00eda3630397edd31ee6a5575a997ab4334d79b655b3830ab4caf4

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1161967
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1026
cf-request-id: 089b084bb000004a85bbb8d000000001
last-modified: Mon, 22 Mar 2010 15:27:27 GMT
server: cloudflare
etag: "3c001d-402-4826555a495c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fty%2Bu0oMzwDq91Y8tgmP52qrZ1cXzBXE151tRzoJ3eo%2FSlt833N2f2MxlIQ266fFKEEK%2FIR%2FKwMtHch%2FxYEggsV4ckQgfTnYwgLHyXuBYbuBV6cttXUOmQE4Sbzy%2F9anKA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Thu, 04 Mar 2021 08:06:23 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2a9784a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 footer_bullet.gif
www.securityweek.com/sites/all/themes/securityweek/images/ 58 B
476 B 17ms
16ms Image
image/gif 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/sites/all/themes/securityweek/images/footer_bullet.gif
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1298490f294128f086689a5654a8340ea9ec7c20c8e97f811590d5313edc9e

Request headers

Referer: https://www.securityweek.com/sites/default/files/css/css_0f36d94fdd1139915e8a0e66309ca7d0.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 642138
cf-polished: status=not_needed
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58
cf-request-id: 089b084bae00004a85b1b29000000001
last-modified: Mon, 22 Mar 2010 15:27:25 GMT
server: cloudflare
etag: "3c001e-3a-4826555861140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SPTsHSYmzo7DEIn0Z3tm6tH4Wrnk9IKyxTdOujj9qK4gOJLyMUpzBxakcD4zYPHhocq63WrHioaNUlH4Lxl3QOs9tgXtzH%2BsViM8PeK8a%2BxgpNWUXm2Prmi41g1hhLPy%2Bw%3D%3D"}],"max_age":604800}
content-type: image/gif
expires: Wed, 10 Mar 2021 08:30:12 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ff2a9794a85-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 init.js Show response
www.securityweek.com/sites/all/modules/custom_control/misc/ 806 B
997 B 20ms
18ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/sites/all/modules/custom_control/misc/init.js?1614796210
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 860cbda18e270fc386abaf6bf75a4ee54de6d12d1b88888df6ec9726a6afbca7

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 532
cf-polished: origSize=1101
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089b084bd600004a85ebb1a000000001
last-modified: Thu, 22 Mar 2018 21:18:02 GMT
server: cloudflare
etag: W/"3c0d00-44d-56806d7baf680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aZbHbpNSTMT9ozIJ%2FJw34iOai%2FqXTXZMOr2r9OvWDriIgzV2ZO%2Fq7%2FsDBtqwX%2FjjPQqU%2BiiaNX9oR7lWhBoIlq9%2FHU9CY6M1iWDCKRg6xHrI2JHS6nOUpI3d7q%2FIClc1xA%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 62a50ff2fa184a85-FRA
expires: Wed, 17 Mar 2021 18:43:38 GMT

GET
H2 200 js_04a94e789c76cecebcd33aa893ef6251.js Show response
www.securityweek.com/sites/default/files/js/ 785 B
777 B 20ms
19ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/sites/default/files/js/js_04a94e789c76cecebcd33aa893ef6251.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8df0ba2d8af3e602eaba8677fe2c57228955b28868c91c2850a4c3c1ad8c7f68

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 27077
cf-polished: origSize=1094
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089b084bd700004a85063c8000000001
last-modified: Wed, 03 Mar 2021 11:21:03 GMT
server: cloudflare
etag: W/"3a0006-446-5bca00bdc0dda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A4802jBlG1KGNUwEhaMRwGBmlfDJ85%2FzsxnhucVduVhyiCdqxlLyvs0NX7Dcqg%2BDRwI3rS9EF8QN8TNq709008lyc0DUIeZfem0ek39pQOTG6%2F6RfnF2WncMTn30EHimHg%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 62a50ff2fa1b4a85-FRA
expires: Wed, 17 Mar 2021 11:21:13 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 56ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA5) /
Resource Hash: c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 18:52:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1219
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28744
x-tw-cdn: VZ
Last-Modified: Mon, 08 Feb 2021 21:21:01 GMT
Server: ECS (amb/6BA5)
Etag: "11a0c75a945561958f0b924da0e67334+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 in.js Show response
platform.linkedin.com/ 181 KB
55 KB 29ms
6ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F0A) /
Resource Hash: 488b5b91db031b1eacb1fe400136cf3fff594d1f17b31ea46a4901e140e1da76

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 1022
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 55605
x-li-uuid: vANKFePoaBYwRKJbgSsAAA==
server: ECAcc (frc/8F0A)
last-modified: Wed, 03 Mar 2021 18:35:28 GMT
x-li-pop: prod-ech2
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
accept-ranges: bytes
x-li-proto: http/1.1
x-li-fabric: prod-lva1
expires: Wed, 3 Mar 2021 19:35:28 GMT

GET
H2 200 js_a9152d7ebcf20873fef091234406722f.js Show response
www.securityweek.com/sites/default/files/js/ 69 KB
26 KB 21ms
20ms Script
application/javascript 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/sites/default/files/js/js_a9152d7ebcf20873fef091234406722f.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1098ef7fef25a8fd6eac7dbf1442047062c4d1400c601f8ff843742c61de640c

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 27078
cf-polished: origSize=90975
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 089b084bd700004a85b1b2f000000001
last-modified: Wed, 03 Mar 2021 11:21:03 GMT
server: cloudflare
etag: W/"3a0004-1635f-5bca00bdbfe3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GBV%2Bg4LZCR7qgiq5ACWB8uks3IwE37MIYwwqJqsr54cErRl1Q4K%2Fk7SpVfkOE2D3fQ79bC%2B7DDC4gtmh3pnp5QFCVvd5xApgQzVdMnV4gzXjIlK%2FCvo80c4UW96H%2BB3BEA%3D%3D"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 62a50ff2fa1e4a85-FRA
expires: Wed, 17 Mar 2021 11:21:12 GMT

GET
H2 200 zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame 3E22 388 B
658 B 5ms
5ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: gzFzIVlkFcDw57G57z/UAyjbGKzFn1AZUKTbcsr4zJbS7sobvAqzpDQfvNWiHgSTldPzpcc6q+TxNgAgLjWTgw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
date: Thu, 25 Feb 2021 04:29:48 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 388
x-fb-rlafr: 0
expires: Fri, 25 Feb 2022 04:29:48 GMT

GET
H2 200 0XmUTHqikzl.js Show response
www.facebook.com/rsrc.php/v3iEpO4/ys/l/en_US/ Frame 3E22 478 KB
123 KB 6ms
5ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/ys/l/en_US/0XmUTHqikzl.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5fe461d0cb4d14f8d030e807de7422891b9194abd86319cd57eee16012b7d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: iwjG0OTc13jlEz+JsvduCTam4XpL9eqE+b5+tGi2Id3YOxkVnbVTQD/K+gaFRnHl5CdntWAS5az2/6rYGOBtNg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: adDM5cmqcrqlbWim0GXeTA==
date: Wed, 03 Mar 2021 07:41:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 126025
x-fb-rlafr: 0
expires: Thu, 03 Mar 2022 07:41:35 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 3E22 67 B
926 B 50ms
50ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1614797550560&t_start=1614797550560&t_domcontent=1614797550563&t_layout=1614797550594&t_onload=1614797550594&t_paint=1614797550594&t_creport=1614797550594&t_tti=1614797550563&lid=6935502668754917125-0

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 0c0vGYRZATc9YB4vO2jG9rhPz//ozfPdk64ZPgKBdrdYH8+kjIAn0a73YSENh8TCL/Fd6hOA3ZPXXb9w+7v/WA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Wed, 03 Mar 2021 18:52:30 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 zSKZHMh8mXU.png
www.facebook.com/rsrc.php/v3/yr/r/ Frame 8A5D 388 B
531 B 6ms
5ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yr/r/zSKZHMh8mXU.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: gzFzIVlkFcDw57G57z/UAyjbGKzFn1AZUKTbcsr4zJbS7sobvAqzpDQfvNWiHgSTldPzpcc6q+TxNgAgLjWTgw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mLIKfuTnwd0c8uA9BXg4cQ==
date: Thu, 25 Feb 2021 04:29:48 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 388
x-fb-rlafr: 0
expires: Fri, 25 Feb 2022 04:29:48 GMT

GET
H2 200 0XmUTHqikzl.js Show response
www.facebook.com/rsrc.php/v3iEpO4/ys/l/en_US/ Frame 8A5D 478 KB
123 KB 6ms
6ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/ys/l/en_US/0XmUTHqikzl.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5fe461d0cb4d14f8d030e807de7422891b9194abd86319cd57eee16012b7d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: iwjG0OTc13jlEz+JsvduCTam4XpL9eqE+b5+tGi2Id3YOxkVnbVTQD/K+gaFRnHl5CdntWAS5az2/6rYGOBtNg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: adDM5cmqcrqlbWim0GXeTA==
date: Wed, 03 Mar 2021 07:41:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 126025
x-fb-rlafr: 0
expires: Thu, 03 Mar 2022 07:41:35 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 8A5D 67 B
188 B 43ms
43ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1614797550618&t_start=1614797550618&t_domcontent=1614797550622&t_layout=1614797550629&t_onload=1614797550629&t_paint=1614797550629&t_creport=1614797550630&t_tti=1614797550622&lid=6935502668679817911-0

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&layout=button_count&show_faces=true&width=120&action=recommend&font=tahoma&colorscheme=light&height=21
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: JbqHzOSNVQuTJFKhf0z6Cf8NlW8F31nNve8O5xGvtKNNM0MPy7vpA0V7dOV2Kx9rRFKS++Y0tKblyusGx9Nl4Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Wed, 03 Mar 2021 18:52:30 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa5583d6b59ee1eeb568531be21c8e9c9eb3a621f50b41bb64cbcf99d924b352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "800 / 561 of 1000 / last-modified: 1614773468"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19357
x-xss-protection: 0
expires: Wed, 03 Mar 2021 18:52:31 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-56Iick91KQjCSb2NAjZ9TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "cc618a2d744b3658f2d5361ea6240f80"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-56Iick91KQjCSb2NAjZ9TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 03 Mar 2021 18:52:31 GMT

GET
H2 200 in.js Show response
platform.linkedin.com/ 181 KB
54 KB 7ms
7ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.linkedin.com/in.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F0A) /
Resource Hash: 488b5b91db031b1eacb1fe400136cf3fff594d1f17b31ea46a4901e140e1da76

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 1023
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 55605
x-li-uuid: vANKFePoaBYwRKJbgSsAAA==
server: ECAcc (frc/8F0A)
last-modified: Wed, 03 Mar 2021 18:35:28 GMT
x-li-pop: prod-ech2
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
accept-ranges: bytes
x-li-proto: http/1.1
x-li-fabric: prod-lva1
expires: Wed, 3 Mar 2021 19:35:28 GMT

GET
H2 200 pubads_impl_2021022501.js Show response
securepubads.g.doubleclick.net/gpt/ 287 KB
101 KB 152ms
53ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 09:38:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103137
x-xss-protection: 0
expires: Wed, 03 Mar 2021 18:52:31 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA5) /
Resource Hash: c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 18:52:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1220
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28744
x-tw-cdn: VZ
Last-Modified: Mon, 08 Feb 2021 21:21:01 GMT
Server: ECS (amb/6BA5)
Etag: "11a0c75a945561958f0b924da0e67334+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 144 KB
50 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 00:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 152740
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51497
x-xss-protection: 0
expires: Wed, 02 Mar 2022 00:26:51 GMT

GET
H3-Q050 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 97 KB
34 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559f31f31689c3362078aa438745222031527bf4a4d0711066350e8517a9d5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 14:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 14991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34488
x-xss-protection: 0
expires: Thu, 03 Mar 2022 14:42:40 GMT

GET
H3-Q050 404 fastbutton Show response
apis.google.com/se/0/_/+1/ Frame 3B36 2 KB
1 KB 43ms
37ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.securityweek.com&url=https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01517ee294ec539f210a9cc78a5f8005a2f5d2a3e98c4054786f410d8ab52de3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7spboLLier4G9Unk5aDuBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.securityweek.com&url=https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=210=4IypF9MbJ3lL-9R4vZq94SJk4Q3hdDo3UOe0dbhFrhhvaV7dCJgO2QR1jN7aAKX5oDt_y-2WaTb9cKdQ4aZP5i5fSkFaB0mfeewd_fedKC3yCAgWrI86wB6F2S5HWTaDqGlg7CMjKlUZ-BTmqbR1fcPqp07PG4-t8cPb9gHDGhQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 03 Mar 2021 18:52:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-7spboLLier4G9Unk5aDuBg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 404 fastbutton Show response
apis.google.com/se/0/_/+1/ Frame E3E6 2 KB
953 B 43ms
39ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

586e07c6b53a113eaf8974901e5abe57258d15203f624d9ec2dd5ec20737f637

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hiV5VtyX2lKq6OKKOA0ssQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.securityweek.com&url=https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=210=4IypF9MbJ3lL-9R4vZq94SJk4Q3hdDo3UOe0dbhFrhhvaV7dCJgO2QR1jN7aAKX5oDt_y-2WaTb9cKdQ4aZP5i5fSkFaB0mfeewd_fedKC3yCAgWrI86wB6F2S5HWTaDqGlg7CMjKlUZ-BTmqbR1fcPqp07PG4-t8cPb9gHDGhQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 03 Mar 2021 18:52:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-hiV5VtyX2lKq6OKKOA0ssQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4264
date: Wed, 03 Mar 2021 17:41:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 03 Mar 2021 19:41:27 GMT

GET embed.js
securityweek.disqus.com/ 0
0

GET
H2

200

google_custom_search_watermark.gif
cse.google.com/coop/intl/en/images/
Redirect Chain

https://www.google.com/coop/intl/en/images/google_custom_search_watermark.gif
https://cse.google.com/coop/intl/en/images/google_custom_search_watermark.gif

2 KB
2 KB

27ms
6ms

Image
image/gif

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cse.google.com/coop/intl/en/images/google_custom_search_watermark.gif

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

4b4b65dc5e87ed8215fb3d74834cd100069e7eb8aaf903a4665e26079fb0777d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:28:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 08 Feb 2012 18:07:38 GMT
server: pfe
age: 1435
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2024
x-xss-protection: 0
expires: Wed, 03 Mar 2021 18:58:36 GMT

Redirect headers

date: Wed, 03 Mar 2021 18:52:13 GMT
x-content-type-options: nosniff
server: sffe
age: 18
content-type: text/html; charset=UTF-8
location: https://cse.google.com/coop/intl/en/images/google_custom_search_watermark.gif
cache-control: public, max-age=1800
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 274
x-xss-protection: 0
expires: Wed, 03 Mar 2021 19:22:13 GMT

GET ad.html
www.securityweek.com/ Frame 2737 0
0

GET
H2 200 ad.html Show response
www.securityweek.com/ Frame 0F5A 556 B
605 B 592ms
591ms Document
text/html 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.securityweek.com/ad.html
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 437542a358225b118f29d8d09db80177878af0ae9581353e3e701ec7416c67b8

Request headers

:method: GET
:authority: www.securityweek.com
:scheme: https
:path: /ad.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=db6b6543347c72e01a1aa07315f6d38161614797550; SESSc3f2c9572aa8f3f5ea6f60501affecb3=c52aeecd2ed1fdeb75489372abe1b4c7; SESSae1377f0cbe7278b70a9339b7853afbd=225be7a5481f401cb64e0c58ee8aeaf1; has_js=1; sessid=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
content-type: text/html
last-modified: Mon, 04 Jan 2021 19:55:42 GMT
cache-control: max-age=1209600
expires: Wed, 17 Mar 2021 18:52:31 GMT
cf-cache-status: DYNAMIC
cf-request-id: 089b084eeb00004a85a8384000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Fgw2tDFZdamry4T1pMk7%2BJZoccL%2BqxXcHq6CqIelOxaUgkP3lKUfBZ3fIgnCCbe2I3n5%2BUIYqqK%2FaNu0KWmIVN1h7AdEhwRDOkTC2ns1saYxogqaw7kHPSTGHY%2B3XgWBjg%3D%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 62a50ff7de084a85-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html Show response
platform.twitter.com/widgets/ Frame 81DC 320 KB
104 KB 14ms
13ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.securityweek.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B77) /
Resource Hash: 99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1892777
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Mar 2021 18:52:31 GMT
Etag: "d9fdaa7a36dc36e57ad53c2039f52486+gzip"
Last-Modified: Mon, 08 Feb 2021 21:19:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B77)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105677

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
378 B 42ms
28ms Image
image/gif 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1641183775&utmhn=www.securityweek.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Microsoft%3A%20Multiple%20Exchange%20Server%20Zero-Days%20Under%20Attack%20by%20Chinese%20Hacking%20Group%20%7C%20SecurityWeek.Com&utmhid=350461691&utmr=-&utmp=%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&utmht=1614797551362&utmac=UA-11590534-1&utmcc=__utma%3D89563204.634286238.1614797551.1614797551.1614797551.1%3B%2B__utmz%3D89563204.1614797551.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2055310234&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 18:52:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 3B36 3 KB
3 KB 35ms
21ms Image
image/png 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.securityweek.com&url=https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.securityweek.com&url=https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
expires: Wed, 03 Mar 2021 18:52:31 GMT

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame EB86 567 B
864 B 40ms
18ms Document
text/html 2a00:1450:4001:82b::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.securityweek.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3510c40135dc36ef257c1b068bc38b1a4ef3423c1bd8d99cbc99c775935ff36

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ELpVy1/lGziheOJ4W1lAMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.securityweek.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=210=4IypF9MbJ3lL-9R4vZq94SJk4Q3hdDo3UOe0dbhFrhhvaV7dCJgO2QR1jN7aAKX5oDt_y-2WaTb9cKdQ4aZP5i5fSkFaB0mfeewd_fedKC3yCAgWrI86wB6F2S5HWTaDqGlg7CMjKlUZ-BTmqbR1fcPqp07PG4-t8cPb9gHDGhQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 03 Mar 2021 18:52:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-ELpVy1/lGziheOJ4W1lAMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame E3E6 3 KB
3 KB 18ms
18ms Image
image/png 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&origin=https%3A%2F%2Fwww.securityweek.com&url=https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
expires: Wed, 03 Mar 2021 18:52:31 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 81DC 183 B
411 B 258ms
159ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=b8eaaff012a2af98f4b606a39c3d829759e1eac2

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.securityweek.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/widgets/widget_iframe.6e189c4f2b6d88c453045806323cdcf3.html?origin=https%3A%2F%2Fwww.securityweek.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-response-time: 110
date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:52:31 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: e657a2a5765cee40c28a3eb092d80754
strict-transport-security: max-age=631138519
content-length: 152

GET
H/1.1 200
OK button.cf7aaea83eb75b84ae4508f0ceb5dc4c.js Show response
platform.twitter.com/js/ 7 KB
3 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.cf7aaea83eb75b84ae4508f0ceb5dc4c.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA5) /
Resource Hash: 055dd0f1e0eae12d4587b12f516a1d7a0f858d80498823cbade9f97b5962d727

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 18:52:31 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 21:19:23 GMT
Server: ECS (amb/6BA5)
Age: 1892776
Etag: "d85b930ed0bb252882372aca97f80615+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 2296

GET
H2 200 2038943760-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame EB86 10 KB
5 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.securityweek.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.securityweek.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 13:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 22:59:50 GMT
server: sffe
age: 17762
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4265
x-xss-protection: 0
expires: Thu, 03 Mar 2022 13:56:29 GMT

GET
H3-Q050 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame EB86 12 KB
5 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1978a4ee69da239598bb125337b800e269f623839719a7da45e7f7cf2ba1a9bd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wcXGgm59v5ES0IF2XyKzDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.securityweek.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "c489adc86eb80e5d71f9e88a3dbbf731"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-wcXGgm59v5ES0IF2XyKzDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Wed, 03 Mar 2021 18:52:31 GMT

GET
H/1.1 200
OK tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html Show response
platform.twitter.com/widgets/ Frame 005E 32 KB
13 KB 13ms
13ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA5) /
Resource Hash: 3659ceeede630f0af896dcbc7f364e1d9d9dacc3b0cdee0f2701ac18158b17ff

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1892776
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Mar 2021 18:52:31 GMT
Etag: "3303401d80bcb82d7d7203edac7a8123+gzip"
Last-Modified: Mon, 08 Feb 2021 21:19:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BA5)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12286

GET
H/1.1 200
OK tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html Show response
platform.twitter.com/widgets/ Frame 8443 32 KB
13 KB 27ms
13ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.6e189c4f2b6d88c453045806323cdcf3.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA5) /
Resource Hash: 3659ceeede630f0af896dcbc7f364e1d9d9dacc3b0cdee0f2701ac18158b17ff

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1892776
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Mar 2021 18:52:31 GMT
Etag: "3303401d80bcb82d7d7203edac7a8123+gzip"
Last-Modified: Mon, 08 Feb 2021 21:19:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BA5)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12286

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.securityweek.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
239 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.securityweek.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
14 KB 169ms
119ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3671361728308925&correlator=1170873710196280&output=ldjh&impl=fifs&eid=31060020%2C31060112%2C31060237&vrg=2021022501&ptt=17&sc=1&sfv=1-0-37&ecs=20210303&iu_parts=1009451%2C300x250-Lower%2C300x600-Right-Side%2C728x90-Bottom%2CSecurityWeek-Splash-640x480%2CSecurityWeek_Home_Top_728x90%2CSecurityWeek_Home_Top_Right_300x250%2CRSA-ThreatInsights-300x600%2CRSA-ThreatInsights-728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8&prev_iu_szs=300x250%2C300x600%2C728x90%2C640x480%2C728x90%2C300x250%2C300x600%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1614796210&dt=1614797551527&dlt=1614797550402&idt=1103&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C993%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C669%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adks=2099535745%2C3057893268%2C1175233209%2C4168261516%2C3429238268%2C2944426297%2C4131204049%2C771541050&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C303x610%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C300x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=1256746490.1614797552&ga_sid=1614797552&ga_hid=350461691&fws=2%2C4%2C2%2C2%2C2%2C2%2C2%2C2&ohw=0%2C998%2C0%2C0%2C0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3757b220718b9b1d77a3c62ed748107d7db7ec87fc04d12dca6336d608b87bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13783
x-xss-protection: 0
google-lineitem-id: -2,4506530349,-2,81272401,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138308208778,-2,30583699681,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.securityweek.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
74a259febff622ac6ee65b128200ac74.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 71ms
39ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://74a259febff622ac6ee65b128200ac74.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ Frame EB86 51 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef954292f81e61ddd5040cda76768e482ebd9d3540b6710cae559f520db49905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fwww.securityweek.com&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 11:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 114383
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18054
x-xss-protection: 0
expires: Wed, 02 Mar 2022 11:06:08 GMT

GET
DATA 200
OK truncated
/ Frame 005E 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8443 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame DE20
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
572 B

13ms
13ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA5) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
Origin: https://www.securityweek.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1892776
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Mar 2021 18:52:31 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Mon, 08 Feb 2021 21:20:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BA5)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Wed, 03 Mar 2021 18:52:31 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 03 Mar 2021 18:52:31 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
status: 302 Found
strict-transport-security: max-age=631138519
x-connection-hash: e657a2a5765cee40c28a3eb092d80754
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 124
x-transaction: 00fb1eb7000a7149
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
446 B 58ms
39ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=3671361728308925&r=300x600&w=300&h=600&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 18:52:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3E1 0
0 77ms
76ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspmDfuYEEkYQhGgRExG_z95v6yaIRTKjAsO4PkXovuglleeCAkUF_0LO7e9miEucWL1oDhXF4v5L5wyAOeBCUKNAUvYQaWkaBsMSDQvzWRwrfrtZUAJUQI6hEjyxNmCYpeQTCbsuahUXt9WQTqp2Ld27vUr6Hy-hVHgm9AQCyXAtWj_Aa5QuaKbQjQ9zVG2TeWa-DNKt6oseePj_XvDvUCT8xKc7DK9R61bjC_PjkIsXa7KtGzIu4QyB9ORwXedh0QWhsvnXVE8iQ8zPl9jsY98pUKo2M9fTFlYEcwKFhYRoLcElhXXfxQ2SM&sai=AMfl-YQw0wet0QhSDPWMGJ98W8q_LHYcBQVGtO7cUv1kUcAKJu8ZXn2ruJdPqmz0X_C38YbqZynLbznikp2BLSnXZxEytLOeppsvWgkH-CHHQK-FqG_ZMmQI39YxpqKfZXc&sig=Cg0ArKJSzAWIFoawF007EAE&adurl=

Requested by

Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 18:52:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 18:52:31 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/ Frame E3E1 18 KB
8 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

307ac3101f3ad9b4c04fa06725e0bcc023a6c494c56e9b472eb67c5b206684f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 7415731890135056792
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 18:50:35 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/ Frame E3E1 3 KB
2 KB 54ms
39ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210301/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 17 Mar 2021 18:52:24 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3E1 107 KB
33 KB 47ms
32ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602225221865"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33469
x-xss-protection: 0
expires: Wed, 03 Mar 2021 18:52:31 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame E3E1 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuZtAzGax_11gb3C0EInAwZEvtaO8SmI1WfgIE_y51jtLL18NHCiBonbVrkoih46Jp5gSJ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 1956689884250199370
tpc.googlesyndication.com/simgad/ Frame E3E1 200 KB
200 KB 37ms
23ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1956689884250199370

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d700d6487ef4b0198e9a669c9ec89dd2d633302b7c82808b08f37ff9d38e98b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 12:35:40 GMT
x-content-type-options: nosniff
age: 454611
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204410
x-xss-protection: 0
last-modified: Wed, 01 Apr 2020 12:54:53 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Feb 2022 12:35:40 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 38ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614602243598683"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Wed, 03 Mar 2021 18:52:31 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 38ms
20ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5461515988cbfef28cf5b2643884a68350924be983447be13221e547568963ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6482
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022501.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Wed, 03 Mar 2021 18:52:31 GMT

GET
DATA 200
OK truncated
/ Frame E3E1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d492d1037b61a717e2b784e98781762a7e3edb32c31d18ab1cc0d0c18c42cc9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK BrightInfoVersion.aspx Show response
app.brightinfo.com/ 512 B
943 B 916ms
221ms Script
text/javascript 168.62.202.120
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.brightinfo.com/BrightInfoVersion.aspx
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 168.62.202.120 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 3a97814ea0b535c0cbb8cf4c2985fdae2775913b256a3f6a50839c64c195570e

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 Mar 2021 18:52:32 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store
Content-Type: text/javascript; charset=utf-8
Content-Length: 504
Expires: -1

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3E1 0
0 147ms
94ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvh67hG3wrmoffnWPNDZkjR6QDQSPtHGpyctTaym5nvFJ60Y9dZVOkURXd1zl6nzHKUSvvgy2A3arPGHGbrO3XUQUeRZmKvR-61OrXgllXz29BNqi2YBWWLmwFBfsz5nTqEDIEXATNG12vO-q14cBgXPbxi3PLOiPERZjWsB-jTL3Wx-mH1ZQgzFlM3jm8-ZhfNZREOEvCIJRZJnEUMuKUN7SbTAjK0F2vVxoTbEACHZx7C0dPAa6vUcjh_AsWX25ZVP-UyWy8KoIwrgO3ymPyI6J4Dxa9VUH6wmPAWTtCk3Y8hm3UC4haaOtT2wg&sai=AMfl-YSxJgBEegf3p1vvlioTMdfltfN0cZLvkF6B6tf4r6hS_xlckYGMTSEX9s_IvhMKU_JkkeobFSV6f5LJdQhEsR7-ssYgR2VWPaVqXcfHKmhRuH9Ef0Qw5-8R4PkIccA&sig=Cg0ArKJSzK8BGwhtYzBSEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Mar 2021 18:52:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 03 Mar 2021 18:52:31 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 0722 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Wed, 03 Mar 2021 17:48:34 GMT
expires: Thu, 03 Mar 2022 17:48:34 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3837
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ekTeMRkTLAgqvKQxAlWoBzU2ULO22MBqypBxObrNBXw.js Show response
pagead2.googlesyndication.com/bg/ Frame 0722 14 KB
6 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ekTeMRkTLAgqvKQxAlWoBzU2ULO22MBqypBxObrNBXw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a44de3119132c082abca4310255a807353650b3b6d8c06aca907139bacd057c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 08:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 00:45:00 GMT
server: sffe
age: 35655
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5735
x-xss-protection: 0
expires: Thu, 03 Mar 2022 08:58:16 GMT

GET
H2 200 Virtual-Events-640x480.jpg
www.securityweek.com/ad/ Frame 0F5A 146 KB
147 KB 16ms
15ms Image
image/jpeg 2606:4700:20::ac43:61a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.securityweek.com/ad/Virtual-Events-640x480.jpg
Requested by: Host: www.securityweek.com
URL: https://www.securityweek.com/ad.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:61a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a060b3f77ac5873b42822513a8d9c2439423dd9be07cf85d3e45f3dd8028d378

Request headers

Referer: https://www.securityweek.com/ad.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 18:52:31 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 166692
cf-polished: origSize=168045
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 149643
cf-request-id: 089b08513e00004a85e300f000000001
last-modified: Mon, 04 Jan 2021 19:53:39 GMT
server: cloudflare
etag: "2c082c-2906d-5b81872459d18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bczs%2FhsdRcUagHIhV%2FbfEoeEdY86NUzEGM5KEbj%2BsUmJTlCzCsghnLgbPMJ0TSZNOyK9XUkDisFnhh7S7UGyWV%2FfheoC4LW00hYQvenJGxljmd77toNDYYfeEo7uul9hiA%3D%3D"}],"max_age":604800}
content-type: image/jpeg
expires: Mon, 15 Mar 2021 20:34:19 GMT
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 62a50ffb9d674a85-FRA
cf-bgj: imgq:100,h2pri

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 40ms
39ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022501&jk=3671361728308925&bg=!OzilOHvNAAXdrq8Z3TsAKQB2-Dxa8H1120E-nbWYdSP7Btsp9invH03XlFM4bTT-g8KrZPb-Ov38AgAAAFxSAAAACmgBBwoAXbMtVU2Hd7mI28-DNZaZblgykv4Xf1LefvjyJhpuPx2B7IVy0bl-kUtn80ORAExN6lDLRW5Nz8VidHTCp0ebZkgZWcErQgRGr_xN7y-MOGn1PmseRlDjbLRPc2QV-5kB5Nx_UABomYjcO_PnqpZowr_MvoDXpfXfwo7Sr-43VDylNCyW9dg6jCv_gbcXsxc3o-eVMDSDuHZYQo5Yg3-byurUb7NjaNIzzU8cLFMwDaN_LogTqxk1F71C5yh1xdaHZ2hjFzPqOzl-oITRt1gwZmGMTg72VerbAYF2dbSTAMGMsA8YyzGXVDqTfSIrpCgaOW5UyjurGPxJZKZEF1-PClkgduHNxAqZPU5H9xlbG8ZM_i8kIXCFJeA2JI7ijajAJ8F_7W4uiuz5z9bf7sEAUsrX5SCh76QaDNCbNuaqfr2qp48ic-fOSxmu6hIsmx2G1kDvouM1JIKcu3iOfUttLlPxzJo2sW2M68AGXdtHMDFzYsg0jYONow-UNldvzyNkMOLFMWtVkL_TQFSHZ7fsAnN1oMC64OPuwrdBbuDvaShHbQ4XAmqlJn8ul6C5mrPsrS3Uq8cNxGFMLPETOTFbk9gkKFkjYvoIuTtdru9AiLQ5Ai8tUELnj72ODiVLiPBEwBw6WgaVVVQmEVetOa3MvF97Ih1rcwm2p7Maur-ZlheCmSi3VkCoGiPvGkWU47rtFFAbWLbBl0K92B73YYtc0eM9C-nRrnKB_-Z9Wa1XGvtd_93SyGBD_1WAFwRs4SjIioBnSEE

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 18:52:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bi.js Show response
app.brightinfo.com/Scripts/ 260 KB
75 KB 426ms
426ms Script
text/javascript 168.62.202.120
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.brightinfo.com/Scripts/bi.js?bi_ver=132292759840000000
Requested by: Host: app.brightinfo.com
URL: https://app.brightinfo.com/BrightInfoVersion.aspx
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 168.62.202.120 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: c5d22156666a1a8d7c0b660324a007ae7c2a0a3a355a893b180f65d989bdee11

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 18:52:32 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Content-Length: 76328
Expires: Thu, 03 Mar 2022 18:52:32 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E3E1 42 B
479 B 67ms
53ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFiCgmf96Na7s_sAEfk3-rnWoKerItCHX_gC7Gsih4D3pK7qRqOqNN0U2-VfvqTmDD5fGSTOw_cqtaBEipJQ9Tmofy4ahyZ7HAbFSSEhs&sig=Cg0ArKJSzMhVawdfiUhlEAE&id=osdim&mcvt=1001&p=1338,1986,1938,2286&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210301&bin=7&avms=nio&bs=1600,1200&mc=0.89&app=0&itpl=3&adk=3057893268&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614797551727&dlt=0&rpt=149&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 18:52:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app.brightinfo.com
URL: https://app.brightinfo.com/Scripts/bi.js?bi_ver=132292759840000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2997
date: Wed, 03 Mar 2021 18:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 03 Mar 2021 20:02:36 GMT

GET
H/1.1 200
OK bia.aspx Show response
bia.brightinfo.com/ 19 B
409 B 1039ms
252ms Script
text/javascript 137.135.51.188
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bia.brightinfo.com/bia.aspx?callback=jQuery20302123939669453332_1614797553597&type=biLoad&version=2&jsonString=%7B%22url%22%3A%22https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group%22%2C%22cts%22%3A1614797553615%2C%22cid%22%3A%22wiredbusinessmedia-14532-1%22%2C%22pu%22%3A%22https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group%22%2C%22ru%22%3A%22%22%2C%22type%22%3A%22biLoad%22%2C%22sid%22%3A%22C2D9olnQLfdH7nApG8dw%22%2C%22mobile%22%3A0%2C%22browser%22%3A%22chrome%22%2C%22accountId%22%3A%2214532%22%2C%22version%22%3A2%7D&_=1614797553598
Requested by: Host: app.brightinfo.com
URL: https://app.brightinfo.com/Scripts/bi.js?bi_ver=132292759840000000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 137.135.51.188 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0e688d02687c4c64094dd0a75f5189ea12b955acf8c91f7bd5ac4948f1429cb9

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 18:52:34 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Content-Length: 136

GET
H/1.1 200
OK bi-animate.min.css
app.brightinfo.com/ui/ 47 KB
5 KB 209ms
209ms Stylesheet
text/css 168.62.202.120
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.brightinfo.com/ui/bi-animate.min.css?bi_ver=132292759840000000&id=wiredbusinessmedia-14532-1&sid=C2D9olnQLfdH7nApG8dw
Requested by: Host: app.brightinfo.com
URL: https://app.brightinfo.com/Scripts/bi.js?bi_ver=132292759840000000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 168.62.202.120 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 46cad46571cab06c5901e4e867aba4f0783dc88d3db626cfb73d58f00d130a16

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 18:52:33 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Mar 2020 14:53:24 GMT
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
ETag: "04a8a7890ffd51:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 4661

GET
H/1.1 200
OK bi.min.css
app.brightinfo.com/ui/ 47 KB
7 KB 418ms
209ms Stylesheet
text/css 168.62.202.120
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.brightinfo.com/ui/bi.min.css?bi_ver=132292759840000000&id=wiredbusinessmedia-14532-1&sid=C2D9olnQLfdH7nApG8dw
Requested by: Host: app.brightinfo.com
URL: https://app.brightinfo.com/Scripts/bi.js?bi_ver=132292759840000000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 168.62.202.120 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 810956c722149065eabd5b5c4f62f98cb74cda6fb5e3695ab97958e53d6791ca

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 18:52:33 GMT
Content-Encoding: gzip
Last-Modified: Sat, 21 Mar 2020 14:53:24 GMT
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
ETag: "04a8a7890ffd51:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 7239

GET
H/1.1 200
OK bi-custom.css
app.brightinfo.com/ui/custom/wiredbusinessmedia-14532-1/ 548 KB
57 KB 793ms
387ms Stylesheet
text/css 168.62.202.120
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.brightinfo.com/ui/custom/wiredbusinessmedia-14532-1/bi-custom.css?bi_ver=132292759840000000&id=wiredbusinessmedia-14532-1&sid=C2D9olnQLfdH7nApG8dw
Requested by: Host: app.brightinfo.com
URL: https://app.brightinfo.com/Scripts/bi.js?bi_ver=132292759840000000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 168.62.202.120 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 5690a1bcc83d00312ef6260da791205a71d80bed7b35ca9701c7b29cfd62b3fe

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 18:52:33 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Feb 2021 23:52:25 GMT
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
ETag: "8022f47632d71:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 58375

GET
H/1.1 200
OK bi.aspx Show response
app.brightinfo.com/ 6 KB
3 KB 1065ms
661ms Script
text/javascript 168.62.202.120
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://app.brightinfo.com/bi.aspx?method=load&callback=jQuery20302123939669453332_1614797553599&id=wiredbusinessmedia-14532-1&sid=C2D9olnQLfdH7nApG8dw&u=https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&r=&testModeKey=&biSettings=&fip=&fvs=&fcs=&fec=&fic=&force=&forceHide=false&sw=1600&sh=1200&w=1600&h=1200&utma=89563204.C2D9olnQLfdH7nApG8dw.1614797551.1614797551.1614797551.1&ga=&logId=&iframe=false&startTime=637503943527005600&_=1614797553600
Requested by: Host: app.brightinfo.com
URL: https://app.brightinfo.com/Scripts/bi.js?bi_ver=132292759840000000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 168.62.202.120 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 990ab77ce0bbe46da2c91f386a0f2e9567219e0bfe751c9fd4accb15b50c2d84

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 18:52:33 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private
Content-Type: text/javascript; charset=utf-8
Content-Length: 2589

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
392 B 48ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=350461691&t=pageview&_s=1&dl=https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&ul=en-us&de=UTF-8&dt=Microsoft%3A%20Multiple%20Exchange%20Server%20Zero-Days%20Under%20Attack%20by%20Chinese%20Hacking%20Group%20%7C%20SecurityWeek.Com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=89563204.634286238.1614797551.1614797551.1614797551.1&_utmz=89563204.1614797551.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1614797554721&_u=KQBCAEABGAAAAC~&jid=16269827&gjid=1620314938&cid=634286238.1614797551&tid=UA-72146139-2&_gid=2007753569.1614797555&_r=1&_slc=1&cd1=C2D9olnQLfdH7nApG8dw&cd2=1614797554720&cd3=Hidden&cd4=No%20recommended%20content&cd5=No%20Value&cd6=No%20Value&cd7=No%20Value&cd8=No%20Value&cd9=No%20Value&cd10=No%20Value&cd11=No%20Value&cd12=No%20Value&cd13=No%20Value&cd14=No%20Value&cd15=Default%20Content&z=1626226629

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 18:52:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.securityweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bia.aspx Show response
bia.brightinfo.com/ 19 B
409 B 224ms
223ms Script
text/javascript 137.135.51.188
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bia.brightinfo.com/bia.aspx?callback=jQuery20302123939669453332_1614797553599&type=biVisit&version=2&jsonString=%7B%22url%22%3A%22https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group%22%2C%22cts%22%3A1614797554724%2C%22cid%22%3A%22wiredbusinessmedia-14532-1%22%2C%22pu%22%3A%22https%3A%2F%2Fwww.securityweek.com%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group%22%2C%22ru%22%3A%22%22%2C%22type%22%3A%22biVisit%22%2C%22sid%22%3A%22C2D9olnQLfdH7nApG8dw%22%2C%22mobile%22%3A0%2C%22browser%22%3A%22chrome%22%2C%22accountId%22%3A14532%2C%22gatedPromotion%22%3Afalse%2C%22seq%22%3A1%2C%22siteId%22%3A14522%2C%22vs%22%3A%22Hidden%22%2C%22cs%22%3A%22Default+Content%22%2C%22version%22%3A2%2C%22promoId%22%3A0%7D&_=1614797553601
Requested by: Host: app.brightinfo.com
URL: https://app.brightinfo.com/Scripts/bi.js?bi_ver=132292759840000000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 137.135.51.188 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0e688d02687c4c64094dd0a75f5189ea12b955acf8c91f7bd5ac4948f1429cb9

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 18:52:34 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Content-Length: 136

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/ 35 B
109 B 7ms
6ms Image
image/gif 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=2091487769&utmhn=www.securityweek.com&utme=8(WidgetPanelLocation%2FTimestamp*isPromotedContent*BI_ID*SID*ViewSegmentName)9(regular%7C1614797554696*No%20recommended%20content*No%20Value*89563204.C2D9olnQLfdH7nApG8dw.1614797551.1*Hidden)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Microsoft%3A%20Multiple%20Exchange%20Server%20Zero-Days%20Under%20Attack%20by%20Chinese%20Hacking%20Group%20%7C%20SecurityWeek.Com&utmhid=350461691&utmr=-&utmp=%2Fmicrosoft-4-exchange-server-zero-days-under-attack-chinese-apt-group&utmht=1614797554706&utmac=UA-72146139-1&utmcc=__utma%3D89563204.634286238.1614797551.1614797551.1614797551.1%3B%2B__utmz%3D89563204.1614797551.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qRAAAAAAIAQAAAAAAAAAAAAE~

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.securityweek.com/microsoft-4-exchange-server-zero-days-under-attack-chinese-apt-group
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83469
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securityweek.disqus.com
URL: http://securityweek.disqus.com/embed.js

Domain: www.securityweek.com
URL: https://www.securityweek.com/ad.html

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.securityweek.com/	1970-01-19 17:06:37	Name: SESSae1377f0cbe7278b70a9339b7853afbd Value: 225be7a5481f401cb64e0c58ee8aeaf1
.securityweek.com/	1970-01-19 17:06:37	Name: SESSc3f2c9572aa8f3f5ea6f60501affecb3 Value: c52aeecd2ed1fdeb75489372abe1b4c7
.securityweek.com/	1970-01-19 17:16:29	Name: __cfduid Value: db6b6543347c72e01a1aa07315f6d38161614797550

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

74a259febff622ac6ee65b128200ac74.safeframe.googlesyndication.com
accounts.google.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
apis.google.com
app.brightinfo.com
bia.brightinfo.com
cse.google.com
pagead2.googlesyndication.com
platform.linkedin.com
platform.twitter.com
securepubads.g.doubleclick.net
securityweek.disqus.com
ssl.google-analytics.com
ssl.gstatic.com
syndication.twitter.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.securityweek.com
securityweek.disqus.com
www.securityweek.com
104.244.42.72
137.135.51.188
142.250.186.162
168.62.202.120
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:20::ac43:61a9
2606:4700::6810:a823
2a00:1450:4001:800::2001
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2008
2a00:1450:4001:82b::200d
2a03:2880:f11c:8183:face:b00c:0:25de
01517ee294ec539f210a9cc78a5f8005a2f5d2a3e98c4054786f410d8ab52de3
055dd0f1e0eae12d4587b12f516a1d7a0f858d80498823cbade9f97b5962d727
08fa49f20076c343e2724c631a732d8cbd3bd0daf55f4a0f8311e07dc77be29c
0deae7d488b0316e0149f1dc2caec46821b2272127b61b4ffadf6f99a303ea16
0e688d02687c4c64094dd0a75f5189ea12b955acf8c91f7bd5ac4948f1429cb9
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1098ef7fef25a8fd6eac7dbf1442047062c4d1400c601f8ff843742c61de640c
10f0e5158e45d76ba649af69ed465a28489483ac934b3e491773cb5e4c9704f0
11789957fc00eda3630397edd31ee6a5575a997ab4334d79b655b3830ab4caf4
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
155544c4e7bae199841c4d41c693c35bf9ddf268f4f21be68cdd0b167328c1de
1978a4ee69da239598bb125337b800e269f623839719a7da45e7f7cf2ba1a9bd
200abde0c426b23abe8a9c501ab4e8e72c048cc0653203817cc9ff96cc6e394d
21b195ce0d8efa07e31b863199d8a6802cb773e2417443e534ed8c113d8949a8
2f1298490f294128f086689a5654a8340ea9ec7c20c8e97f811590d5313edc9e
307ac3101f3ad9b4c04fa06725e0bcc023a6c494c56e9b472eb67c5b206684f0
3659ceeede630f0af896dcbc7f364e1d9d9dacc3b0cdee0f2701ac18158b17ff
3a97814ea0b535c0cbb8cf4c2985fdae2775913b256a3f6a50839c64c195570e
3d77a9a71769ddc2a85524914671fb1d031132a8e37366440a4b6b01d7ad0025
3e4a85296d37106cff5d646be0fabf370fd83a9b133c3aaf41e6ffb73d108366
437542a358225b118f29d8d09db80177878af0ae9581353e3e701ec7416c67b8
46cad46571cab06c5901e4e867aba4f0783dc88d3db626cfb73d58f00d130a16
488b5b91db031b1eacb1fe400136cf3fff594d1f17b31ea46a4901e140e1da76
4986aea94d23482c38fb06749a6a5c5c6ab95db97aa3bcc9feaf7eda6cbf6626
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4b4b65dc5e87ed8215fb3d74834cd100069e7eb8aaf903a4665e26079fb0777d
4ed1dd78e4387b5b32b33fe5b04553827cd59bbe2020c9d81b6a4e0603e93119
53f345cdc93f0bd09eeba83df9ed103370ac1ff2679bf9004cf336725fecd4a9
5461515988cbfef28cf5b2643884a68350924be983447be13221e547568963ea
55851ffd45a0a3e9abd9c2ac844eba1efd50272a39360d0f3b396d26a7d0bfc8
559f31f31689c3362078aa438745222031527bf4a4d0711066350e8517a9d5a6
5690a1bcc83d00312ef6260da791205a71d80bed7b35ca9701c7b29cfd62b3fe
586e07c6b53a113eaf8974901e5abe57258d15203f624d9ec2dd5ec20737f637
5ae75bcb392ec9110db2837a9134c1b414c373244ea62816c63cc5bb41a90cfe
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
5d492d1037b61a717e2b784e98781762a7e3edb32c31d18ab1cc0d0c18c42cc9
5f3d36be68e6a795cf0d621b7d8b4beb4b9f9caea3f3682f2f8f59a846000893
62b425148295a81e4162a87cb36eba754d16b295ec5b733140e2b82c7f77a731
65cc8600f521d4e99aa77e95337426f53ec86dd569e8db164bcda70d5c1da388
6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879
7a44de3119132c082abca4310255a807353650b3b6d8c06aca907139bacd057c
7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7
810956c722149065eabd5b5c4f62f98cb74cda6fb5e3695ab97958e53d6791ca
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
860cbda18e270fc386abaf6bf75a4ee54de6d12d1b88888df6ec9726a6afbca7
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8b95e59604725f7ec3b0dec31a38216e73d70eb5144abac389ed1d0f1256d356
8c9b185e1e937971dfedaafecf01bc14813a2ece31cc9af4a2097f9b3ecb061d
8df0ba2d8af3e602eaba8677fe2c57228955b28868c91c2850a4c3c1ad8c7f68
8f9048e36baefc5cac0974c3e49ffc683d667c5b2081f6cd8d20f5a301b124c2
8ffad58a307aa1ac6baff90296c8edc9db313f888876bc2ad453be4db8d01bf9
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
913e0bff2ebdfd8aa46e82e8282910638f68fdb9f56f447f1f6b259f3fe5e539
990ab77ce0bbe46da2c91f386a0f2e9567219e0bfe751c9fd4accb15b50c2d84
99adb384fd992660be76df488633e76fe86ed9bba2a7cdf143a97e03fc3ee94d
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a060b3f77ac5873b42822513a8d9c2439423dd9be07cf85d3e45f3dd8028d378
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa5583d6b59ee1eeb568531be21c8e9c9eb3a621f50b41bb64cbcf99d924b352
aa76185f417cf85d7029b35e3a6544d4495402e17f76a32633b5ba80a81faa26
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab74e69c44356590de92b4b7354dc5ae3887e20f3dd9d07cea55cedbdd441f95
ad853a72ac4fa4a7ea4700fb824906dbba6fd62e4f61e92449a5cba3f60ff1dc
af2e759256585da75d7057a240276d5489c9d5211b87a3be2ccad51234d91448
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
beb231cecf076f9ea2760aeb5747c4f4326b41fb87835c74ff2d560a4911a31b
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c34f5c51cea0ee9e05108c79c404086a24b73fbecb0999654fc9116b4c4b755e
c5d22156666a1a8d7c0b660324a007ae7c2a0a3a355a893b180f65d989bdee11
cb625ec68b514358b37be2ba2ce551b7d09a7ce70c6c49a69df8c9b7d82471f7
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d10a778caafc69e25249f7b7fa00a1bfaa240991b6c7cdedb7f562fff418eb21
d3510c40135dc36ef257c1b068bc38b1a4ef3423c1bd8d99cbc99c775935ff36
d55e4cb97826944c4f826821ac2688b361d7cf0303b4640c2cb3eef6ee19b233
d5fe461d0cb4d14f8d030e807de7422891b9194abd86319cd57eee16012b7d12
d700d6487ef4b0198e9a669c9ec89dd2d633302b7c82808b08f37ff9d38e98b8
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
e3757b220718b9b1d77a3c62ed748107d7db7ec87fc04d12dca6336d608b87bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68ee9ce61a88e03b1481412200e86e88c414e462b3ae13a09527e7d79ddfdd8
e70dc2f79c9e281b7d23ac4f8f3073cdc5b27980d4f196edbbcec3db663ec0e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef954292f81e61ddd5040cda76768e482ebd9d3540b6710cae559f520db49905
efb9d49a04efcc971667386f67fb420e20fd130339f1c994fc7359bc34771ef9
f8dd5483dc29044f06c3a45f8fd05d0f122a2b4315292df6da919775189351c9
f9a1a0ac26eaf5b7f6cc7223b5dd4b5f545b5a48fb598c7442e5f76384f1be8c
f9dbadce7dd4f5c2d597262d42870652e8acac376d7dd9b2f299aa78c86e3a2d

www.securityweek.com Open in urlscan Pro 2606:4700:20::ac43:61a9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

108 Requests

98 %HTTPS

83 %IPv6

14 Domains

23 Subdomains

23 IPs

2 Countries

2887 kBTransfer

5889 kBSize

3 Cookies

25 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.securityweek.com Open in urlscan Pro
2606:4700:20::ac43:61a9 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

98 %
HTTPS

83 %
IPv6

14
Domains

23
Subdomains

23
IPs

2
Countries

2887 kB
Transfer

5889 kB
Size

3
Cookies

108 HTTP transactions
3 data transactions