urlscan.io logo urlscan.io
SecurityTrails logo

www.picussecurity.com Open in urlscan Pro
199.60.103.227  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Submission: On September 10 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 6 countries across 26 domains to perform 93 HTTP transactions. The main IP is 199.60.103.227, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.picussecurity.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 30th 2021. Valid for: a year.
This is the only time www.picussecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
42 199.60.103.227 209242 (CLOUDFLAR...)
2 142.250.74.138 15169 (GOOGLE)
1 172.67.70.79 13335 (CLOUDFLAR...)
1 152.199.22.144 15133 (EDGECAST)
6 13.32.56.59 16509 (AMAZON-02)
1 216.58.207.232 15169 (GOOGLE)
1 13.33.242.94 16509 (AMAZON-02)
1 13.32.143.100 16509 (AMAZON-02)
1 104.17.241.204 13335 (CLOUDFLAR...)
1 142.250.74.99 15169 (GOOGLE)
1 216.58.211.1 15169 (GOOGLE)
1 104.16.18.94 13335 (CLOUDFLAR...)
1 104.26.10.16 13335 (CLOUDFLAR...)
2 15.222.195.45 16509 (AMAZON-02)
1 13.33.242.115 16509 (AMAZON-02)
2 185.60.216.19 32934 (FACEBOOK)
2 93.184.220.66 15133 (EDGECAST)
6 104.19.154.83 13335 (CLOUDFLAR...)
1 104.17.112.176 13335 (CLOUDFLAR...)
1 104.17.129.171 13335 (CLOUDFLAR...)
1 104.17.67.176 13335 (CLOUDFLAR...)
1 104.17.237.204 13335 (CLOUDFLAR...)
3 104.18.20.191 13335 (CLOUDFLAR...)
1 104.17.230.204 13335 (CLOUDFLAR...)
1 104.26.0.26 13335 (CLOUDFLAR...)
2 142.250.74.110 15169 (GOOGLE)
1 13.33.242.60 16509 (AMAZON-02)
1 13.32.143.110 16509 (AMAZON-02)
1 104.244.42.72 13414 (TWITTER)
1 54.75.159.38 16509 (AMAZON-02)
1 104.16.88.5 13335 (CLOUDFLAR...)
1 13.33.242.52 16509 (AMAZON-02)
1 173.194.222.157 15169 (GOOGLE)
93 34
42    199.60.103.227 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.picussecurity.com
2    142.250.74.138 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s11-in-f10.1e100.net
fonts.googleapis.com
1    172.67.70.79 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.popt.in
1    152.199.22.144 (United States)

ASN15133 (EDGECAST, US)
platform.linkedin.com
6    13.32.56.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-56-59.hel50.r.cloudfront.net
d10lpsik1i8c69.cloudfront.net
1    216.58.207.232 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: arn09s19-in-f8.1e100.net
www.googletagmanager.com
1    13.33.242.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-242-94.hel50.r.cloudfront.net
static.hotjar.com
1    13.32.143.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-143-100.hel50.r.cloudfront.net
t.visitorqueue.com
1    104.17.241.204 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn2.hubspot.net
1    142.250.74.99 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f3.1e100.net
fonts.gstatic.com
1    216.58.211.1 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: muc03s13-in-f1.1e100.net
lh5.googleusercontent.com
1    104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.26.10.16 (United States)

ASN13335 (CLOUDFLARENET, US)
settings.luckyorange.net
2    15.222.195.45 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-222-195-45.ca-central-1.compute.amazonaws.com
a.visitorqueue.com
1    13.33.242.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-242-115.hel50.r.cloudfront.net
script.hotjar.com
2    185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
2    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
6    104.19.154.83 (None, )

ASN13335 (CLOUDFLARENET, US)
app.hubspot.com
forms.hubspot.com
track.hubspot.com
1    104.17.112.176 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    104.17.129.171 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
1    104.17.67.176 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    104.17.237.204 (None, )

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
3    104.18.20.191 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    104.17.230.204 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hsleadflows.net
1    104.26.0.26 (United States)

ASN13335 (CLOUDFLARENET, US)
display.popt.in
2    142.250.74.110 (United States)

ASN15169 (GOOGLE, US)
PTR: arn11s10-in-f14.1e100.net
www.google-analytics.com
1    13.33.242.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-242-60.hel50.r.cloudfront.net
vars.hotjar.com
1    13.32.143.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-143-110.hel50.r.cloudfront.net
sc.lfeeder.com
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    54.75.159.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-159-38.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    104.16.88.5 (None, )

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
1    13.33.242.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-242-52.hel50.r.cloudfront.net
tr.lfeeder.com
1    173.194.222.157 (United States)

ASN15169 (GOOGLE, US)
PTR: lo-in-f157.1e100.net
stats.g.doubleclick.net
Domain Requested by
42 www.picussecurity.com www.picussecurity.com
js.usemessages.com
6 d10lpsik1i8c69.cloudfront.net www.picussecurity.com
d10lpsik1i8c69.cloudfront.net
4 track.hubspot.com
3 js.hs-banner.com www.picussecurity.com
js.hs-banner.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 platform.twitter.com www.picussecurity.com
platform.twitter.com
2 connect.facebook.net www.picussecurity.com
connect.facebook.net
2 a.visitorqueue.com t.visitorqueue.com
www.picussecurity.com
2 fonts.googleapis.com www.picussecurity.com
1 stats.g.doubleclick.net www.google-analytics.com
1 tr.lfeeder.com www.picussecurity.com
1 forms.hsforms.com www.picussecurity.com
1 in.hotjar.com script.hotjar.com
1 forms.hubspot.com js.hscollectedforms.net
1 syndication.twitter.com platform.twitter.com
1 sc.lfeeder.com www.picussecurity.com
1 vars.hotjar.com static.hotjar.com
1 display.popt.in cdnjs.cloudflare.com
1 js.hsleadflows.net www.picussecurity.com
1 js.usemessages.com www.picussecurity.com
1 js.hs-analytics.net www.picussecurity.com
1 js.hscollectedforms.net www.picussecurity.com
1 js.hsadspixel.net www.picussecurity.com
1 app.hubspot.com www.picussecurity.com
1 script.hotjar.com static.hotjar.com
1 settings.luckyorange.net d10lpsik1i8c69.cloudfront.net
1 cdnjs.cloudflare.com cdn.popt.in
1 lh5.googleusercontent.com www.picussecurity.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn2.hubspot.net www.picussecurity.com
1 t.visitorqueue.com www.picussecurity.com
1 static.hotjar.com www.picussecurity.com
1 www.googletagmanager.com www.picussecurity.com
1 platform.linkedin.com www.picussecurity.com
1 cdn.popt.in www.picussecurity.com
93 35
Subject Issuer Validity Valid
www.picussecurity.com
Cloudflare Inc ECC CA-3		 2021-05-30 -
2022-05-29		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-17 -
2022-07-16		 a year crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2019-10-10 -
2021-10-14		 2 years crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
t.visitorqueue.com
Amazon		 2021-01-08 -
2022-02-05		 a year crt.sh
hubspot.net
Cloudflare Inc ECC CA-3		 2021-06-04 -
2022-06-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-08-16 -
2021-11-08		 3 months crt.sh
a.visitorqueue.com
Amazon		 2021-01-11 -
2022-02-09		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-20 -
2021-10-18		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh
*.lfeeder.com
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Frame ID: AB7F83030F54BB4C84E91A8BF8A7A875
Requests: 86 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.picussecurity.com
Frame ID: C7A345E1F9328CF3734521937020AB00
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 285F80A592CD7D92954E3215196544EE
Requests: 1 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=9205c52
Frame ID: 236073184395EF17AD1D6ADAF71B1741
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Simulating Microsoft MSHTML CVE-2021-40444 Zero-Day ExploitFollow us on LinkedInFollow us on TwitterFollow us on Facebook

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • //platform\.linkedin\.com/in\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js

Page Statistics

93
Requests

98 %
HTTPS

0 %
IPv6

26
Domains

35
Subdomains

34
IPs

6
Countries

5086 kB
Transfer

7651 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

93 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
www.picussecurity.com/resource/blog/ 		70 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / HubSpot
Resource Hash
dafc2e9fba20287a8da0b9f2ca12bc5d649bad79dbdbcf294cc98713a55be8c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
www.picussecurity.com
:scheme
https
:path
/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 10 Sep 2021 01:53:06 GMT
content-type
text/html; charset=UTF-8
cache-control
s-maxage=10800, max-age=0
etag
W/"412335c8a91a9762a3ee847a9f324443"
last-modified
Fri, 10 Sep 2021 00:36:04 GMT
link
</hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.37/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
strict-transport-security
max-age=31536000
cache-tag
CT-35690729167,CT-37343780183,CT-50125543268,CT-54365624987,CG-35190412163,CG-7048931,P-7048931,W-32488106257,W-32488136213,W-32488279843,W-32488279910,W-32488280065,W-34050730072,CW-24829037140,CW-25046555205,CW-25046572813,CW-25046577394,CW-32300713486,CW-39027676914,CW-39038130957,CW-41162016556,E-32300259976,E-32300424271,E-32300424286,E-32300424289,E-32300713498,E-32379253675,E-32379319518,E-39027126556,E-39027330934,MENU-32488106257,MENU-32488136213,MENU-32488279843,MENU-32488279910,MENU-32488280065,MENU-34050730072,PGS-ALL,SW-3,B-35190412163,GC-34050452150,GC-39027690571,GC-39027888131,TS-32295139665
content-security-policy
upgrade-insecure-requests
edge-cache-tag
CT-35690729167,CT-37343780183,CT-50125543268,CT-54365624987,CG-35190412163,CG-7048931,P-7048931,W-32488106257,W-32488136213,W-32488279843,W-32488279910,W-32488280065,W-34050730072,CW-24829037140,CW-25046555205,CW-25046572813,CW-25046577394,CW-32300713486,CW-39027676914,CW-39038130957,CW-41162016556,E-32300259976,E-32300424271,E-32300424286,E-32300424289,E-32300713498,E-32379253675,E-32379319518,E-39027126556,E-39027330934,MENU-32488106257,MENU-32488136213,MENU-32488279843,MENU-32488279910,MENU-32488280065,MENU-34050730072,PGS-ALL,SW-3,B-35190412163,GC-34050452150,GC-39027690571,GC-39027888131,TS-32295139665
referrer-policy
no-referrer-when-downgrade
x-hs-cache-config
BrowserCache-5s-EdgeCache-180s
x-hs-cf-cache-status
HIT
x-hs-combine-css
Disabled
x-hs-content-id
54365624987
x-hs-hub-id
7048931
x-hs-prerendered
Fri, 10 Sep 2021 00:36:04 GMT
x-powered-by
HubSpot
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6QWX9RwyNwiyHRldz1y4AVMPhYBRQMQlt0fwOBevmUvWi%2Bm1oI5rgZ3iEtoUpipUMP8dUcgI8NXzUjDwsHpe6A3Tu0%2B6zC9ut0ik7WshPaQmXJ8FD3WghfnpDL8HHpN2nrd2cGkIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
set-cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786; path=/; domain=.www.picussecurity.com; HttpOnly; Secure; SameSite=None
server
cloudflare
cf-ray
68c5054fcc646546-LHR
content-encoding
br
cf-h2-pushed
</hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js>,</hs/hsstatic/cos-i18n/static-1.37/bundles/project.js>,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>,</_hcms/forms/v2.js>
index.js
www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.109/js/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
43ac0ae9e90f01a0afabe35cc0aaa377336aac90759e74770251de89db0af44c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 320b04684a5b16980772c5d36c63ecea.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2701757
x-amz-server-side-encryption
AES256
cf-ray
68c5054ffc7d6546-LHR
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-cf-pop
LHR61-C2
content-encoding
br
last-modified
Fri, 06 Aug 2021 19:39:07 GMT
server
cloudflare
etag
W/"d0801ffff23e81a99fd8046c0846ba93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BfoDQwtay63MCPCU%2F8tioD%2BClNl0WWWS5ANwzgbQpJquP7ljJhQR6wHwJGUZ%2FXwqKR9PYprM49VcNBjXwM4hyOZJpXQvGOhyLyweJYHO9VnQPGFbym7%2F4IHEppBfU7WOfG6iPLTdw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
WCB.Owk3aP2vvRplDI.5pUwB8LkSH.e_
cache-control
public, max-age=31536000
set-cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786; path=/; domain=.www.picussecurity.com; HttpOnly; Secure; SameSite=None
content-type
application/javascript
x-amz-cf-id
p6H_UNfZaM7jz5xM_KhbjnsiT4yTuBLGSlkDv57n46YKCRH-TGhd_g==
expires
Sat, 10 Sep 2022 01:53:06 GMT
project.js
www.picussecurity.com/hs/hsstatic/cos-i18n/static-1.37/bundles/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs/hsstatic/cos-i18n/static-1.37/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
69aea70ed00c6297e407afc0b1ccf6db9629eedc412bf0779467f3e462d346e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 31ecca9d03747c8d9dd416e81e50a379.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7210025
x-amz-server-side-encryption
AES256
cf-ray
68c5054ffc7f6546-LHR
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-cf-pop
LHR62-C2
content-encoding
br
last-modified
Mon, 14 Jun 2021 16:41:38 GMT
server
cloudflare
etag
W/"6c562b3f1d6a0148fda97d4847422c6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BGJtnRUcvibiIVF88dI4OyPVSkMsMWFEkRCdhn%2FzIAWWU5c5pUV5qxo3legeCp1tfjO5ex%2B4PYu2fK%2FABQKNsgGLoxYer7V0pAPKmebixNUk9jODlytsTppqAdLxokd86iobQgqug%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
M9oUePGbwt7hrJpARSIQzQLaIi7kmGEy
cache-control
public, max-age=31536000
set-cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786; path=/; domain=.www.picussecurity.com; HttpOnly; Secure; SameSite=None
content-type
application/javascript
x-amz-cf-id
LS-RhVvoTmjfy5ILezcqOcQLXoMjKAmVlWhZsUmzpwdWOWbmcscXgw==
expires
Sat, 10 Sep 2022 01:53:06 GMT
project.js
www.picussecurity.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 		2 KB
924 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 b36be15970c5843fdffdeac4b63f2ad9.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1362904
x-amz-server-side-encryption
AES256
cf-ray
68c5054ffc806546-LHR
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-amz-cf-pop
LHR61-C2
content-encoding
br
last-modified
Wed, 19 Aug 2020 22:24:11 GMT
server
cloudflare
etag
W/"ef84f26c310485299d6b75777414eddb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is4%2FP%2B4n6pAQU4WxCWwGhYml2kr%2B%2Bamy977NA0w9TNc2MwMqYjeUHxgEQHp4x8rDnqNiA4J4cJdGN%2FXJDE5F0VbRcggQTaUWsEt9vZM8DTWJ9JTK9pBZsa7oBA3yTuXe%2BGk8vyMubQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
gEenO44eZUewxnIWfgj9q6LB.g9OszNv
cache-control
public, max-age=31536000
set-cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786; path=/; domain=.www.picussecurity.com; HttpOnly; Secure; SameSite=None
content-type
application/javascript
x-amz-cf-id
A75DNPagAVFD789WulIGE1cfK5rzPk8Y4o7noYKuJFxlB8pDcQ4iXg==
expires
Sat, 10 Sep 2022 01:53:06 GMT
v2.js
www.picussecurity.com/_hcms/forms/ 		570 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b01eefec75fa2dedde4c39ef0d71394acf5a68474c93ffd5a0e05db0bf75503
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 1fa3f854976309f3d11907ad7125291a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23
x-amz-server-side-encryption
AES256
cf-ray
68c5054ffc816546-LHR
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-cf-pop
IAD89-C3
content-encoding
br
last-modified
Tue, 31 Aug 2021 08:14:17 UTC
server
cloudflare
etag
W/"ac8d91738c2c24a19b3af80a4da17919"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73D7FLkvg3JDetQJOR%2BP8X9YzfPaSDkw2DqXBNEsgVvX3hzU9L3iBYXenQUgIBERHz0KozalJZJ8VeCLDkWXL1dVN2K4R6BQRrVr0TnHkzhXNfNLLF4gA8Ziug2UBiLPUv3r5n1vkA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
IH8W_19Pw9ungvek5F23YC6rMUUl.iwQ
access-control-allow-origin
*
cache-control
s-maxage=600, max-age=0
x-hs-cache-status
HIT
set-cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786; path=/; domain=.www.picussecurity.com; HttpOnly; Secure; SameSite=None
content-type
application/javascript; charset=utf-8
x-amz-cf-id
6iMrMfsCGf1R8c3mygI4uxC9JsvzygyavU6oNJQaV-rlkJeaQIUGfg==
x-hs-target-asset
FormsNext/static-5.365/bundles/project_with_deps.js
jquery-1.7.1.js
www.picussecurity.com/hs/hsstatic/jquery-libs/static-1.1/jquery/ 		92 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:path
/hs/hsstatic/jquery-libs/static-1.1/jquery/jquery-1.7.1.js
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 30731c20ed98a811a5385abe5bef62f3.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3826195
cf-ray
68c505503ca76546-LHR
x-cache
RefreshHit from cloudfront
content-encoding
br
last-modified
Tue, 25 Nov 2014 17:03:30 GMT
server
cloudflare
etag
W/"ddb84c1587287b2df08966081ef063bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iO5KqU%2Ft%2BT9zHGCZwCfsfKSRNwbN%2Bh5VMiwO1Q2X2X4%2F4hQCcPI38TxviWUPGj0HOP3N9ZosShYWVJMbzTDqf42g1%2FnuuNma5Lo7LOh2C1sVgD68l4Ra7qS%2B30JgPrttEnVMRb69qA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
null
cache-control
public, max-age=31536000
x-amz-cf-pop
LHR52-C1
content-type
application/javascript
x-amz-cf-id
jZoeMzS2YXcHnmjR0ZWHR4ylVXAeCx6mqg3pZNLKmi_9DC6J94UjbA==
expires
Sat, 10 Sep 2022 01:53:06 GMT
main.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/ 		51 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
963d1c6c2c8a1703d438ee2c652f4bfc3299fd797362f971ef556f4feef65d7d

Request headers

:path
/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1623857316112
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 8fc9659fc06389e49927f68638e9bc94.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
NGHJBH82GDKYC4SS
x-amz-id-2
4Ld64id6xQar5duk27xmbpXeA4a64FO3nYTZ5niN03lWRkGi5Kr3g2bZdjqLZXm672DPwzPpRQA=
last-modified
Wed, 16 Jun 2021 15:28:37 GMT
server
cloudflare
etag
W/"a22eb83ccb4a8a27b9915529774ab4fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pz%2B2rvkJb8%2FxdJnnQuH3cKZDuTyGKekLJHWaGXUR%2FhQQWSoD6Fx7f0msrpttmGdHWJnJ7DgNIhbBDxj2OwreJeyEXdCUz%2FZff2XSfr6JHvRhT86AXItFiaQLgnH8TxAmB3dbQHOD6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
7Nn6_cdPyFW1eGRm0oBRFt_6ukZORMtY
x-amz-cf-pop
IAD89-C1
cf-ray
68c505503ca86546-LHR
x-amz-cf-id
Ui9zsxOZP_3k9opTTWL_NUVEJcAMZbNhtta2f78GLxDJ4bkTU58Vyg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
theme-overrides.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424286/1620394367117/Shield/css/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424286/1620394367117/Shield/css/theme-overrides.min.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbeb60814bcddc3c9beed36f81c9dd5ce091cff1c5204402fe27c54e8f450882

Request headers

:path
/hs-fs/hub/7048931/hub_generated/template_assets/32300424286/1620394367117/Shield/css/theme-overrides.min.css
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1620394367201
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 c1802b2f6f4e591b6df12b5a8a9876a7.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
1Q9VAA06R5HAQ2GZ
x-amz-id-2
r/4X8tONqdlQHWrILgz06f4Afz+vkt1TPEPbWc1khuROmWHvBuic1KXps2rPxs8hJ2AU1eu0zJI=
last-modified
Fri, 07 May 2021 13:32:48 GMT
server
cloudflare
etag
W/"76cfd199de044b54e7e65de76b596e06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOJJyeoYiC4w7c2CI86eLAnRJV5OyMfgt9S4iHYjbgNPvMfaXRFgxQMelHQt%2F5Jm%2BdGxy6iPVPKdYt%2FlUMVF%2BbLkk%2B5Yssam%2Fg%2FxDdN%2BFnt1h%2F173MnBM6DdyUPF0hQZdThf20l%2Btw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
4kxwl6aY_I7TIzc9wjZJH9AxmJjyaThE
x-amz-cf-pop
IAD89-C1
cf-ray
68c505503caa6546-LHR
x-amz-cf-id
ugEhy1XMfQSD0DEMsWUJ-nmqpJCrt1LLy2cZJx8hwuRaAunlJM_kFg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
shield-animate.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379319518/1619786239565/Shield/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379319518/1619786239565/Shield/css/shield-animate.min.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5779200444c0da3554694b521545677be435705abd25a27ee04969fdd04d9f0

Request headers

:path
/hs-fs/hub/7048931/hub_generated/template_assets/32379319518/1619786239565/Shield/css/shield-animate.min.css
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1619786239622
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 14d757a67b913f1bc93427e69819362d.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
Z7NR6FDF1YYYSB9H
x-amz-id-2
cA13MdH425gDgBQ8icLeGN9m2j6tT6li6FiM/JtQxW0yO8BmzNQC7tR9GSD9w1MiI+GGsoKLmCU=
last-modified
Fri, 30 Apr 2021 12:37:20 GMT
server
cloudflare
etag
W/"a9b94e97740dac26998352827982ea08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1vCv7azR7A5aKYfRhs4r58xAXkwlAWJRhdzfN%2BLO%2FF5ZaMgtS%2BsZTQtKqeKMhV9ZmXllFSmTEv0R1xu2WgKlJ8fgu0aAxqNHOZZbS%2BjfCt0e5jD2px6xjaNWNZik%2BE9%2BQJaOkB%2F%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
Zz6yeJoaLs2sBDQ0sAtQZ5JZU1k7tgmD
x-amz-cf-pop
IAD89-C1
cf-ray
68c505503cab6546-LHR
x-amz-cf-id
3AiyV0sbaZpb_zYnV5qd7oO3OH3VH1VCHqUPCQLMNq2hm5LiNzsDYA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
module_39027676914_Mega_Menu.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1620397133876/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1620397133876/module_39027676914_Mega_Menu.min.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
05087b4843e48f47450a513164d20cf4ea58f5ac6cfeedba6c478cab47611658

Request headers

:path
/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1620397133876/module_39027676914_Mega_Menu.min.css
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1620397133876
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 7b32163caf7e91fe96df7bbeaa58c0f9.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
N7TC0M22E7KR8YC4
x-amz-id-2
ArMas0snIjgcTrZgLBdGNiq6z6WMMt6L3NFIup7dPu/CZtnwP4xW0yiC2UtD5cKQ3qPdTBj9yb0=
last-modified
Fri, 07 May 2021 14:18:54 GMT
server
cloudflare
etag
W/"ddfd84aaa9de63f242660538c8390061"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Daa0TMDdjUCbc69HQESL7vPSwn4Qou0CTpRcu91LYlf9UkTGvKrB77tSND4GIG4ebVM3z7Y%2BQ%2B9rj3OZ%2BRS0V6VueJiukwcJFUErdeRNKsc%2BJBqrUP2ylWof%2FvaCIHD%2BqGTy6yBz6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
7Xu.W_qwed6wHwXc74xeqUvR5NOpOYqs
x-amz-cf-pop
IAD89-C1
cf-ray
68c505503cac6546-LHR
x-amz-cf-id
00ejPDObDfdchWT-oWVqeg-J1mweapyTNf-1pdY2LMJk2vPLwVVEIg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
module_39038130957_Lead-Magnet-Banner.min.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39038130957/1608575808109/ 		521 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39038130957/1608575808109/module_39038130957_Lead-Magnet-Banner.min.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5458bb001fbaee0822a06901d6989a7568457bc97c78ce726d8884c34f665910

Request headers

:path
/hs-fs/hub/7048931/hub_generated/module_assets/39038130957/1608575808109/module_39038130957_Lead-Magnet-Banner.min.css
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1608575808109
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 f9efe5e72b7e5cc47bf34a0b0debcbe2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
AB8Y7Y2JJNT4240N
x-amz-id-2
Wn3BE10VEZ4pTOvRIdbgqRo74DjCeWGGVWrxEvLyQBT8FUUL/dO4e/QwY0/ywV293i26WjQ3iZ4=
last-modified
Mon, 21 Dec 2020 18:36:49 GMT
server
cloudflare
etag
W/"b598cb9f535e9d39bea6fb4c7afc98a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9yO%2F%2BlAqyuYxzOZVQP6dZFZWQaS6ugKpGKZYNoZjqtDUHVPGUdeAzLmJAuGtIvz8JHjzsnDa3%2BGAdAlA7xieIIO6TPMXztYaBMfgQxUuwKOTkPk0W5h7sQZ73y5i5qPLN2jqFk5wA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
_6kG0Z6N7nb2Amvf0P3QvVEgQec_PKrh
x-amz-cf-pop
IAD89-C1
cf-ray
68c505503cad6546-LHR
x-amz-cf-id
PoxATATJHBHubV6j0ZNaLo6uuqKD_bo63Pl_xbrLnukE6_Z6sdB4aA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
module_32300713486_social-follow.css
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1600872846984/ 		2 B
933 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/1600872846984/module_32300713486_social-follow.css
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28

Request headers

:path
/hs-fs/hub/7048931/hub_generated/module_assets/1600872846984/module_32300713486_social-follow.css
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1600872846984
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 7a99ed3f39c18af8fe138a695e5f657d.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
cf-ray
68c505503cae6546-LHR
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
2
x-amz-id-2
VjowlQBM39IRoaFi4HUSDNnhVxdrU4GeGaEgcFjylkjd1Kw45GyAWpiCW3AbMKS6hxltYCWx+vE=
last-modified
Wed, 23 Sep 2020 14:54:07 GMT
server
cloudflare
etag
"23b58def11b45727d3351702515f86af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ng6X9kDN7nYo3KL6gkvzf2bJM%2BwFNhI3HjS3rYlATjEhui5gFg19cWQpp8FqQ1Tjp18slo9ISN7zpAeNbiZhNbJHGKuNBZ6r5uLvXBtnj3XsaShY%2FmMmmOsybHqKSXkX16UI5i73DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
EDMWP5SM038FVFTE
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
zqA8p9HC5caA9CFNRmCDZZoAwLz7hhFK
x-amz-cf-pop
IAD89-C1
accept-ranges
bytes
content-type
text/css
x-amz-cf-id
UnvVYCJnfksp_gQCUlLf6_RRPimX6zksQ0GsNVFvNyA9-paUZvr4bA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
css
fonts.googleapis.com/ 		7 KB
725 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:400,400i,500,700&display=swap
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f10.1e100.net
Software
ESF /
Resource Hash
b8a4e46be38c9ebf85c169e5a4d78b2e7047fbd35319bb12ce8ffba91d9465da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 01:53:06 GMT
server
ESF
date
Fri, 10 Sep 2021 01:53:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 01:53:06 GMT
pixel.js
cdn.popt.in/ 		146 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.popt.in/pixel.js?id=64d678615e3d0
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
036fe6409879eb761d10430709e2ae2e84134980939e7242eaaab21313c14022

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 3395b043e03ecb4acfd925a6e5a26e92.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1836
x-cache
Hit from cloudfront
content-type
text/javascript
content-encoding
br
last-modified
Thu, 09 Sep 2021 05:36:54 GMT
server
cloudflare
etag
W/"1e98b1f06b8900ec0b4fea57c6319b1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cx%2F%2BZAsa9vJdOKt775gvZUAIBjzVKixizQaVAgsfLuxQmwnNUFjAu%2FtUjVT5lNN05ygBGls4r2swKjIx%2FxRb1gMuVM0Fwg3Yi4BEVof4X6HU9v6H22cB8bNgJoIH"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
C6.pG3DkaBBQ.4DcoEZsN2FNCgayIs7N
cache-control
max-age=1800
x-amz-cf-pop
DUS51-C1
cf-ray
68c505525cf53b2b-CDG
x-amz-cf-id
cFyU0QZxVBd0ae4t3od7juPGI5swxgujnduV4JTOpUSaHKut-PpKHQ==
in.js
platform.linkedin.com/ 		201 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.144 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2D7) /
Resource Hash
d10796cbbc20c4c77064bac037d2970697313e002a8242d09201d6ec40d1c803

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:06 GMT
content-encoding
gzip
x-cdn-client-ip-version
IPV4
x-cdn
ECST
age
3569
x-cache
HIT
x-cdn-proto
HTTP2
content-length
62393
x-li-uuid
tmuAvslPoxZA8s1r5SoAAA==
server
ECAcc (frd/E2D7)
last-modified
Fri, 10 Sep 2021 00:53:38 GMT
x-li-pop
prod-edc2
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
prod-lva1
expires
Fri, 10 Sep 2021 01:53:37 GMT
logo-original.svg
www.picussecurity.com/hubfs/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/logo-original.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee596884317564904ae040715f9d2961b96b088c0034ff3f4904a6ddfea7221f

Request headers

:path
/hubfs/logo-original.svg
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-54707499331,P-7048931,FLS-ALL
age
225611
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54707499331,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
CX9HWZ4RRZ4M9FBB
etag
W/"ffa324dc95c671fc8929e2bbc8f9a038"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1631012484087
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 9fdd5bd72604beaad36fa6d3b5b0ff10.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR3-C2
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
2yLImu2m4rTK9BHUdEVdE4hPSVWwOfLPU98iq8XwQRPSVZev07nPg15WwoZ9uJZB5VGcqCCpXso=
last-modified
Tue, 07 Sep 2021 11:01:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BKxeLhMxQifD0SrbBMSId50JhAATrjN%2FC1WjXv%2FejrjAPqJ75DICUJbQSN8eFy%2FOFSY9KU5E7EV4SxG2S2vNdgqVQco2SmcsBwrzkEPfN0cAsbIe%2BdF%2FyGnS7qDzR21xDxDyGmZ6w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
BgSjLq3V3YN8qkwdl5C9D8U1riGsc.5a
cf-ray
68c50551fda26546-LHR
x-amz-cf-id
a1kKeIGVUNIM1Lo3V-7Sf3GuGAk3jjDOb3BjNsaI9E_9t2AUY4h43A==
dt-menu-arrow-back.svg
www.picussecurity.com/hubfs/Shield/Images/ 		296 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Shield/Images/dt-menu-arrow-back.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d214792b986a7986cf226ad5f346fa58b7857bcfee980f8c3bc897cf17df564

Request headers

:path
/hubfs/Shield/Images/dt-menu-arrow-back.svg
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-39038396307,FD-32586780943,P-7048931,FLS-ALL
age
225611
x-amz-server-side-encryption
AES256
edge-cache-tag
F-39038396307,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
40794CXMRJYRN9WS
etag
W/"8132c994dd553ae56f7b61821b5a1880"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1608573443493
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 63dac58fb826a8fc06ff08c0724846f7.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR61-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
B2AwYQ/9qPr+q08lGD5ZTuhUAhzLDTJlxzi/gACjzhduWnQett9vmNcL5r46zlsDYnJckR4Bahs=
last-modified
Mon, 21 Dec 2020 17:57:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BqHRGn4DR4nZ9lzb%2BenNuT3V34u78KvswQAWd%2FBiBz%2FtQX8X1d1VJhGgG219RRRjUVqro7hWqLc10aJmIFkBt4HK0WhxW4r7xLXE5%2BziFUiTKIyaAQdmOLxhU4C12deHBGCXT0XTw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
bS6RQKhadAIkt_eobirV6GoH5Y3lWA.b
cf-ray
68c50551fda36546-LHR
x-amz-cf-id
FPzR3xJizbgHsbLSvdE3I7UNyAgsyHi5EsKhqoJHFcEZbyo1pH7d2Q==
latest-read-more.png
www.picussecurity.com/hubfs/Shield/Icons/other/ 		568 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Shield/Icons/other/latest-read-more.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
20cdcf578aba67769a54909b38ef0b919268c0489df6339321a1713b38d8dfe8

Request headers

:path
/hubfs/Shield/Icons/other/latest-read-more.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-35167957239,FD-33856159417,P-7048931,FLS-ALL
age
225611
x-amz-server-side-encryption
AES256
edge-cache-tag
F-35167957239,FD-33856159417,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="latest-read-more.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
407015HFAQSGE674
cf-bgj
imgq:85,h2pri
etag
"8b99c79fa5d57e315a96fb53f700ed7c"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1600674553337
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 d96c6a517450b169095d23aff6d646a4.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR3-C2
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=1008
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
568
x-amz-id-2
cw8tC69zZJSNSJJAUvuVBa3wK8Af5nwRaBIuy02krr/Uys0pkgYn83VsQU7zMF8eHPQz28eezzE=
last-modified
Mon, 21 Sep 2020 07:49:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMrLyQWnQ1lYTJ1gkY%2FuFPSwSjXxdTAO19G6Eju0cOghjFSJZLAxd82QlEGC7V1WXO7PZXbz72wGN2zNzFtZMwJRUG4kK%2FgeG4bT9eAEy1O3p9lNnovE8DpG5nz0TePMQ%2FAjIU81bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
G_6fgNJnx8wU8ekxOFLoFWHteElCksu6
accept-ranges
bytes
cf-ray
68c50551fda46546-LHR
x-amz-cf-id
u6asazbgYSBI6tYKa1RAMisdAl3rzyr5GW2PfDYIzYdh-pQhgeUw2Q==
mega-nav-burger.svg
www.picussecurity.com/hubfs/Shield/Images/ 		673 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Shield/Images/mega-nav-burger.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1018aad3ed798d98490fb01484d0aaf7ba3528f74288091644ae53523c3aa82f

Request headers

:path
/hubfs/Shield/Images/mega-nav-burger.svg
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-39038395941,FD-32586780943,P-7048931,FLS-ALL
age
225611
x-amz-server-side-encryption
AES256
edge-cache-tag
F-39038395941,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
Z954RB5D4WHCSANG
etag
W/"c2bcd687517100165c2d2b3098b97b73"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1608573140741
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 e3572bc2867545c7e2bf0953e1795991.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR61-C1
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
RpdmtLJXjPkBdwaiwS7Xkb3UtyTyFsny+sr9HXgYn6kKbW5IG8VcyKeYp0iSZtoEqbwZ/NvcbI4=
last-modified
Mon, 21 Dec 2020 17:52:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cJZvcz1c9oKJlgpqfv4pMkj5kTTkk4bOm7LGxFu4PCID78AqOjV5B81kYEGxSrm%2BRAojqzxE%2F7%2FH%2FeHrWoXTK7HN%2FQfIBK5oqrVzxtzGH4z0MqKeLpOlTNuC8OQsIo2BNunAqi%2FyA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
.T459IPq_rl_ho8gXG.ZZePe1N2.Y_rE
cf-ray
68c50551fda56546-LHR
x-amz-cf-id
JUI_W7otlwpeB687iPMeLBuE2DDxxW_tuY-QLyxsEWv4MQnFkLvpqw==
mega-nav-close.svg
www.picussecurity.com/hubfs/Shield/Images/ 		608 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Shield/Images/mega-nav-close.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
182c0c4a049b82ebaa738d7c22e68bceb8aad2f6d78b94c300b80613c92bff0a

Request headers

:path
/hubfs/Shield/Images/mega-nav-close.svg
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-39038468543,FD-32586780943,P-7048931,FLS-ALL
age
225611
x-amz-server-side-encryption
AES256
edge-cache-tag
F-39038468543,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
Z95B55CN20Q9777P
etag
W/"cec65b8f70f2c97f2118f8560d6b82a4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1608573183370
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 d6a4f7a34966a5e0069bb151bf9adb7a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR3-C2
x-hs-alternate-content-type
text/plain
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
x-amz-id-2
HJRJJTr3F5FEUWNdXWtRQmqpvcDknC5aJgVyo4GpSCNG9wbp1Gwz0PCNLaApCQvC7auM4FAYAM8=
last-modified
Mon, 21 Dec 2020 17:53:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FMSWmOHkGUrIICchh4GRMxPQn8yC5Nva735UX69mHV1C1hbbu2nQ7%2Fy%2BUfpzsOVEVdrYd%2BL6v90QQbb8%2FubWgnXJs0BCR8XXpRolpY7TzzoVhcgBmkbdpyuLx7LjQPekHqfA5vTlA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
IE0DyU0kAI_Z9ApqF3Hz_dDPnQZu2OaI
cf-ray
68c50551fda66546-LHR
x-amz-cf-id
uJMGY8nfwGOb3G2h1SHonfEtkd2NpcKNZFoYW3ge3ARrqmYAUjyOsA==
twitter_black.svg
www.picussecurity.com/hubfs/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/twitter_black.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd28cf99e2e8aa2015c80e6a4de778bf326824014f8fa42de3606f45b930b76c

Request headers

:path
/hubfs/twitter_black.svg
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 15aff5a32ee0355cbe86797d3f954f4d.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-26114461611,P-7048931,FLS-ALL
age
225470
edge-cache-tag
F-26114461611,P-7048931,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
AKPF76NM5K1AGCF2
x-amz-id-2
KYemZoWRqolb0Vwl6nEJse/jrkq/f43k+iMHc5tjQqU51zbF70kX7kvnnmhAS9J8evmI4Yhid4k=
last-modified
Thu, 20 Feb 2020 04:30:57 GMT
server
cloudflare
etag
W/"4a095070df5501e6303d14e972a0194e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24UgNZt4dF5yLFvamVCwy8J%2FGX2%2FHy64BlWVY087KEcb9O4092dgYMO8MHi0LW4%2BPUbsf9Pptxev5O%2Fm5lkKrHvlrGft9ZMXftaTbcwOsX40VPQOV0co6ckEz%2BO5OZu%2FgRk%2BXy3lwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
XdS231XSTsQZlbZ2bdJrHVSVVgPTObTQ
x-amz-cf-pop
MAN50-C2
cf-ray
68c50551fda76546-LHR
x-amz-cf-id
Nf7OEwxWzTlf6ELDbAugf6dBsoKLqr7yOTMdiftMJV-G6Rz6j8k82w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
linkedin_black.svg
www.picussecurity.com/hubfs/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/linkedin_black.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
34350dee947083733dcd88d858cf65df7a4f282846c465b8f9627090aa5da3c0

Request headers

:path
/hubfs/linkedin_black.svg
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 2e48082b595924a0c82d8de824ca14b2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-26106634639,P-7048931,FLS-ALL
age
225470
edge-cache-tag
F-26106634639,P-7048931,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
JPS5AFZD1H3XDHC7
x-amz-id-2
8kdK4KlvcFoo7Q9rlU71FiWFY69xcik3QC1LP5MDjPUqkIq6Kzmd73qFD9FzCXlAdlUqPgIKJmk=
last-modified
Thu, 20 Feb 2020 04:30:55 GMT
server
cloudflare
etag
W/"cb53f1d14fd4d15a3313d2a24a524fb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dgey2G0RCUpTzTLtbDvaKmwmKMsMl5PZJzVX3YsFeFNOHhOyv5eHsLx7YuZ7fvA127Ec9YQRq5oTJsohAIMmDEbAJhysPOC%2F482UWdsuycZ8TCqVZMkPlpvd37MfgVWepyjvHHbgVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
cxF8LRaoHAeGt3BhM7bUzN7AlCshNAnL
x-amz-cf-pop
MAN50-C2
cf-ray
68c50551fda86546-LHR
x-amz-cf-id
kBSPbt-vB0siWnkQ3YM7cWjQqInB_N7U_3c4p8U2qy3eT7VwYxgtiQ==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
facebook_black.svg
www.picussecurity.com/hubfs/ 		669 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/facebook_black.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8acd930d7a72da64980a950dea0c1507411900cb1459aa8c743e003df27444dd

Request headers

:path
/hubfs/facebook_black.svg
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-methods
GET
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 b83e7df21895165899dd7c05da4f4106.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-cache-tag
F-26106634638,P-7048931,FLS-ALL
age
225470
edge-cache-tag
F-26106634638,P-7048931,FLS-ALL
x-cache
RefreshHit from cloudfront
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-encoding
br
x-amz-request-id
1PQBBQZDX4XQERCW
x-amz-id-2
8x9hb5gTg3T/yFXCJgz+w85tltlqhHavUNjN3IbS2OeCm9ctMOOtYBCBwqez2GHRi9WhtWwTaGc=
last-modified
Thu, 20 Feb 2020 04:30:53 GMT
server
cloudflare
etag
W/"655ebdf8c830e8540b691af2f06d81c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khYJvYy71HAhANGd5AhE6aTaoQoK3hvqBrAmyMaMX9lfWzwpsWYVQ4ADC4UDaORTY3DDl%2FUIcU3HtWVF7kIiWCV%2FE6PoS1Z%2B1LIinEWerWPveS4zGm2WVf%2FsldChF%2FXHEfpVKFiyuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-amz-version-id
8CJrjrvqFB2TaFMkKGP3y_iXgtaroa19
x-amz-cf-pop
MAN50-C2
cf-ray
68c50551fda96546-LHR
x-amz-cf-id
1uJPyZYvV3NJ0JEB76B5kicgoG3aKvKbbrAqs974WgWDgc4DhEJ4AA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
Logo_White.png
www.picussecurity.com/hs-fs/hubfs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hs-fs/hubfs/Logo_White.png?width=366&name=Logo_White.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb4e13a1634f80c917db6ab8f891e485494d66c1efeef735585992fb7af993eb

Request headers

:path
/hs-fs/hubfs/Logo_White.png?width=366&name=Logo_White.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 ed8e6c4476f2632eef2c7ce856161af0.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
225570
cf-polished
origFmt=png, origSize=11157
edge-cache-tag
F-30532619340,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="Logo_White.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
3558
x-amz-server-side-encryption
AES256
last-modified
Fri, 03 Sep 2021 20:38:34 GMT
server
cloudflare
x-cache
RefreshHit from cloudfront
etag
"34a5dd2911431bd0d1e747ac07cffcfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ny7Y0eq2CWr2RWHLi4nRRB3PQpg7gHY576gcVbUOukcKyyPlbVG1%2FL6LDlITsGanbz6Whlm9s8QDoH73p%2FC96Fy4ZGh3ZaQb%2Bwcsv7f7wGlYhuw%2Fm3%2BP0fWKo%2FnJRRiWGSZvEoILSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-C1
accept-ranges
bytes
cf-ray
68c50551fdaa6546-LHR
x-amz-cf-id
vkseKeBOQaieix7Zcs9uovmuTm9497NBS8natt36lE8UPzn0G_93_w==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
main.min.js
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300259976/1620407851139/Shield/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300259976/1620407851139/Shield/js/main.min.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
109b317e316baf368c0dff0f14ce68fdf3f6baa0b1a0f55fccc97e60c01531c3

Request headers

:path
/hs-fs/hub/7048931/hub_generated/template_assets/32300259976/1620407851139/Shield/js/main.min.js
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1620407851409
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 6bc1c280aeef9bbdeb102c7f4e4f773e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1734
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
89W98NRKDJJKJGZK
x-amz-id-2
d2HdfGIX8nLy8AnqjqwzksOXKo+Tr/qeIHlc5qrEwAHqXYZ1/s1u82GnDWaDMG6411Sb1+HjABA=
last-modified
Fri, 07 May 2021 17:17:32 GMT
server
cloudflare
etag
W/"e73b2c9be88497f4546a1ac61b024819"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIVQvfebiNf1bxIYdatpqfYEDCwi7%2FeKU64e%2BHEuvJ8pL8shXfcHwgluDWDqwJU8GSZxVKrNC9hdOyJNRdcyeQy%2FmkaM0nwZTsMGmfBukK9kyNjSvi06aCTz5EMJQmFBWljAWe%2BWyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
yhACiZZS1DVBU58.SfZkBFXMPUW9g.XP
x-amz-cf-pop
IAD89-C1
cf-ray
68c50551cd8f6546-LHR
x-amz-cf-id
cvh0jlCvCKgVJoNFX3lGT9PGUrfLfStHW-UECcVkYuIGVcyfG0EM0A==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
shield-wow.min.js
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379253675/1619786239704/Shield/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32379253675/1619786239704/Shield/js/shield-wow.min.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e39d20e83d85ce70995d12a3ae85b4e0c70a288b04dacd344cfbbecc15f4e5fe

Request headers

:path
/hs-fs/hub/7048931/hub_generated/template_assets/32379253675/1619786239704/Shield/js/shield-wow.min.js
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1619786240147
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 041a4887d523cabe8177e269cc358163.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1734
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
7N5XK0RZZBCQK7A8
x-amz-id-2
g/eQfot7WkHsJJWLIIfIxe+ub97qz5KtgRP+YYseENlgnBXVprmI/zKmoq2B4f3vFZJpucJU02E=
last-modified
Fri, 30 Apr 2021 12:37:21 GMT
server
cloudflare
etag
W/"a5b3cbba25b1b52bb4ce7c0376098ea3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V3%2FJxrb1CmycjE8fiUpEx5y6DUSoiz5CHo3fqL0m8q2plS%2BiTAPmRlINJfgL1LICRhz5qkYcYU5XkUH8csbIV3VvBJqc%2Fsi%2Bc10ETwQHG2e8cMBdwSXy%2FaqyZMJ26BDLntZclsmKkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
QaHaJs.WtwFgEo37VS9PTQhQCngIFt3U
x-amz-cf-pop
IAD89-C1
cf-ray
68c50551dd916546-LHR
x-amz-cf-id
QMpA7uOKc8IMXa2PRrwSQVuoEUO8NEe7oqFoMKbnOftteihLVkKqJA==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
module_39027676914_Mega_Menu.min.js
www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1620397133783/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1620397133783/module_39027676914_Mega_Menu.min.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
30c582f4480ac01ccc5d0040483b6cfbdef887951b12871cbd62b6ab7e6d0b43

Request headers

:path
/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1620397133783/module_39027676914_Mega_Menu.min.js
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-created-unix-time-millis
1620397133783
date
Fri, 10 Sep 2021 01:53:07 GMT
via
1.1 fba666ceffdeb316c8edf476d8994bd5.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1735
x-hs-alternate-content-type
text/plain
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-replication-status
PENDING
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
content-encoding
br
x-amz-request-id
N7T4AT3JB2NJQKXJ
x-amz-id-2
GQg8TPHdx+PNlcIr6GIoSg19W7KnJtHtcAfi4wubatAYIk+/PaJ1IU6qJob3z/cIuw8dnJweEVY=
last-modified
Fri, 07 May 2021 14:18:54 GMT
server
cloudflare
etag
W/"2e75b2ccb6d79ad01408224e3cf5f7d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaaeYe5N16%2B5Tz9oGwjf2dxIQUrGbO2PrQ80NYkbl%2FgRaDJINkeX6KMClVpH8cioL9ugVNfLPuTAOhX%2B%2FNKefNAf4zTQ7nCDtKQdAsd4C4ky3kGBfIUqWnpHrVE1DyiUpQ%2BsZT8Kxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900, s-maxage=31536000, max-age=31536000
access-control-allow-credentials
false
x-amz-version-id
2JTRgO0jtpX5A3TlrzgTQNm5rg3a2wOD
x-amz-cf-pop
IAD89-C1
cf-ray
68c50551fda16546-LHR
x-amz-cf-id
SvNm84n9EOl3o9bLEjXXSsqxGJI42YXDReJq5LqPYQXCbuqWgWIBbg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
7048931.js
www.picussecurity.com/hs/scriptloader/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/hs/scriptloader/7048931.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d9170292410620029b47da0ac46631a42535d8a0b61cfd4b0ea2860b9e535af

Request headers

:path
/hs/scriptloader/7048931.js
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
b52e5cc9-eda5-454b-aefc-d5f1d38d79df
server
cloudflare
x-trace
2B466767B80BF9078BBE0E7FA0913AC85F1C839DA4000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHv3HEud835sN5AnNJsdZbYA6OYlTfdZ%2BaGvgWGhF5ZVtn8n68KsZitNFa8UAi4IDscMvEOV9dLFPj5gAdKsaJvhYJzr1BLY17%2BQ5wk0jmJaRxj%2Be5gfcQ%2FcT1n5LscuJjNCsZGVMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
68c505520db36546-LHR
expires
Fri, 10 Sep 2021 01:54:07 GMT
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;800;900&display=swap
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s11-in-f10.1e100.net
Software
ESF /
Resource Hash
c60e17dc79dc71bf62414206a27c7212b271ec87001ffb57aa19f9962ba80871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 01:53:06 GMT
server
ESF
date
Fri, 10 Sep 2021 01:53:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Sep 2021 01:53:06 GMT
w.js
d10lpsik1i8c69.cloudfront.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.56.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-56-59.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f06150cd74f4090b6b1194c7fb227fda21f859229aa851169b8116e330ee160b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:33:27 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:29:57 GMT
server
AmazonS3
age
1180
etag
W/"6f6cd12e9b9fb6a70e03f3fc2cae03a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 92deec7c8876604efe2f17b072bc68d7.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
HEL50-C1
x-amz-cf-id
jNiLoRHCoWS_J7zvTUEqzNlQnElA-F_dt0d9LiXHUGdqHZbJvb6sHA==
gtm.js
www.googletagmanager.com/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.232 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn09s19-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
587cd0ec7f20abeac28c2a915333e8a12c7ea043685cf6a29dae69baedd29d01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:06 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38731
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 10 Sep 2021 01:53:06 GMT
hotjar-2366058.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2366058.js?sv=6
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.242.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-242-94.hel50.r.cloudfront.net
Software
/
Resource Hash
4c2d3de532af65b47b752d4b84587392b1206538ddccb3d83fd84d15070f9c95
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
HEL50-C1
etag
W/82bcf0c8d0e8d642765f4b80ff000c56
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
content-length
1870
via
1.1 b56f9b741cabfa29551ca2899d93a1e9.cloudfront.net (CloudFront)
x-amz-cf-id
CAfTbnl_0uNpWE9e25rUHJ5nPTJv_RlbT93OL2IZ5vfWvoNYlUa9qA==
tracking.min.js
t.visitorqueue.com/p/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.visitorqueue.com/p/tracking.min.js?id=67ab0ee7-fcba-400b-8cb3-db7bb1cc0033
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-100.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e6b1ba9070d7bde8c36398f130fed6693194d63de9cd5d289f95bf7490999345

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
dCseU1.ywVNlIdyRIhPyVgV_s2BLgNOX
via
1.1 20e9cd7a84a4b4e0dce285f587c43f9b.cloudfront.net (CloudFront)
last-modified
Thu, 26 Aug 2021 07:40:55 GMT
server
AmazonS3
age
1575
etag
"dacbb720311953017afbd37635130da3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 10 Sep 2021 01:33:56 GMT
x-amz-cf-pop
HEL50-C2
accept-ranges
bytes
content-length
6620
x-amz-cf-id
79rdCVrDhVtsJQsx09Ev6q3mmbZCXR1jP75dKiiseTkyocroJlQfCg==
picus-logo-arrow.png
www.picussecurity.com/hubfs/Shield/Icons/other/ 		750 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Shield/Icons/other/picus-logo-arrow.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
60a7b0cd55aa8f2dfd59b3cc53bfd237fcb3df54a2993c03f9101fc3b2f360eb

Request headers

:path
/hubfs/Shield/Icons/other/picus-logo-arrow.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-34045770858,FD-33856159417,P-7048931,FLS-ALL
age
225470
x-amz-server-side-encryption
AES256
edge-cache-tag
F-34045770858,FD-33856159417,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="picus-logo-arrow.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
9PVRN0TK7RHPSKJH
cf-bgj
imgq:85,h2pri
etag
"7d3cbf0983cfad99831d4de9b9cb97d8"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1598341178035
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 1a97a9eebcc711c0fc19ac157ae64d21.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MAN50-C2
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=1735
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
750
x-amz-id-2
bKEzx735gjcTeJfDnPeaq395fFcgA6bpJ0vUJtWKb3aKORlnZNmC3Pgx/DWFh7CGjtTz/LDK9ww=
last-modified
Tue, 25 Aug 2020 07:39:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q72bwDoAW04sbj2XLcAqaT%2F3W89BXd6yOgacec%2Bh8Zkdj%2B7uXKk%2FIxlI2z4JGvqGsVV%2FeK1hZ%2FknmHQHtNu8E58IfxneRnYnM1y8F6BPBtX59ZK6xbh4roJBYdHPFNB%2BhmfhP6AsdA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
l9na9ux_Ers.6Fg91plZ5JthBOUwnkhp
accept-ranges
bytes
cf-ray
68c505520db56546-LHR
x-amz-cf-id
r6q5oawo1KIGYSBreh_RWA_2-O469y62jr1CCVBbF0kAZtweCPC3zQ==
mega-menu-down-arrow.png
www.picussecurity.com/hubfs/Shield/Images/ 		98 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Shield/Images/mega-menu-down-arrow.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1620397133876/module_39027676914_Mega_Menu.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
387fafc4558eb44d4303fb1710ec85e39755ffa9378b8cdf982c7e66db79c463

Request headers

:path
/hubfs/Shield/Images/mega-menu-down-arrow.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1620397133876/module_39027676914_Mega_Menu.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/module_assets/39027676914/1620397133876/module_39027676914_Mega_Menu.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-39029899220,FD-32586780943,P-7048931,FLS-ALL
age
225471
x-amz-server-side-encryption
AES256
edge-cache-tag
F-39029899220,FD-32586780943,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="mega-menu-down-arrow.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
N85ER13A0K3AQ653
cf-bgj
imgq:85,h2pri
etag
"8e2b3f8a9be7c266f20ac70b5ef7c9ef"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1608564034330
date
Fri, 10 Sep 2021 01:53:07 GMT
via
1.1 786e4a2e529b092f5f187cf1d9ab9307.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MAN50-C2
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=121
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
98
x-amz-id-2
7kZgUzl/XbHaVKmCaFDoO/N9lvmVy49zAS8MrWt5syPZT72rSVqRZ5Rcxo63b6zsb0eFdsJhM5U=
last-modified
Mon, 21 Dec 2020 15:20:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a0Jyy4OTHblDGsC4pmN0nFqWqdZzOMYb%2BI%2BBM%2BKItLPvyCPfQSrOQtAy6Y0PkIoTUmY75adO%2FG9vGfMYdX4z%2FD4gGFIoZxMcrwmTZl1UgJp8YYj76H3VN70IvbxcfsF6H33ZKHDtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
oVZ1tmPGae_LgGyoO.g0kL81yj6KC.HE
accept-ranges
bytes
cf-ray
68c505520db66546-LHR
x-amz-cf-id
srbP8RiyKsxb9lJtIVcFpcjw9_jjfdlBb36-vM-F-81VxgeXYicArQ==
Emerging%20threaths-1.png
www.picussecurity.com/hubfs/ 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Emerging%20threaths-1.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf0089fe5ebbe72d53c0ce9ee78eacce2124eb69363787d20a87b8ec41b4bc00

Request headers

:path
/hubfs/Emerging%20threaths-1.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-54889069313,P-7048931,FLS-ALL
age
48647
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54889069313,P-7048931,FLS-ALL
x-amz-replication-status
PENDING
content-disposition
inline; filename="Emerging%20threaths-1.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
3RG34XP4S36MS708
cf-bgj
imgq:85,h2pri
etag
"2d3cbba282df489472a774706ca54b5c"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1631189531820
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 121c88058ec4bc13c2348ddff26afc99.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C2
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=278330
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
167688
x-amz-id-2
ae6J6MIMP6kJKoLz3UU1oSGc4raPzI0FxYCh9LqUUMWmklyf9FIdkCGYa1OFxf1G7RB0Uva7+7Q=
last-modified
Thu, 09 Sep 2021 12:12:12 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDd%2FifqyVPNeJUgItGtasA%2F7raJZ%2BbomOrvnawLdDKeb9LyswNmiCcFkYiaFxGFLpupp%2FZ6I89vGJBTTdnsgmH6X1KbSx%2B%2FFTkx1fvCqXufA%2BFxHsgMM8IdsHZCG%2F6Off27A%2F2PI9w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
km.9_DBMHghzE..yDqK4fkDgnBejVjB4
accept-ranges
bytes
cf-ray
68c505520db76546-LHR
x-amz-cf-id
aWJtynF8GVXf_0mOPm_5Ub6VkyC5Y-SJ60ucQTqNedYGh2-bEQwa3w==
Picus%20Labs%20Blog%20%285%29-4.png
www.picussecurity.com/hubfs/ 		227 KB
228 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Picus%20Labs%20Blog%20%285%29-4.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
18878ce32911ec98573af832841095fd7cc1ff2fe20ffff93cf57674539e2c57

Request headers

:path
/hubfs/Picus%20Labs%20Blog%20%285%29-4.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-54696332326,P-7048931,FLS-ALL
age
225470
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54696332326,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="Picus%20Labs%20Blog%20(5)-4.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
2DT88CCN8NK6YCDW
cf-bgj
imgq:85,h2pri
etag
"22794dd2fc2eab97b66b1d799ce29b96"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1631002340705
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 c5dd4b18ed9adf7bc0574a33c2887012.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MAN50-C2
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=369165
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
232086
x-amz-id-2
IdcS9pMY9vt8aWazRaPIHSEMul5ISCtUXCrMpuA2yGkTKwbPuq5FHzTYP76CsaOlPAf3VSc8nw0=
last-modified
Tue, 07 Sep 2021 08:12:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=boUxucAUKo4YcH1dp8ctu%2F9sYcFX2lgJHEY%2FxYsNyMxiJgP3TjbIMqP%2BkeRG2Kjyp6PGSYoXkMk4qlPwXsi%2BT9wH3r5YlEqyvbwy6IXsASvUkMEuCEJ36jfRfvcMFrtBqCECijJ%2BoA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
VMy8WeO8GW1GvLYTo_ZYDkgXXaSmPeaB
accept-ranges
bytes
cf-ray
68c505520db86546-LHR
x-amz-cf-id
N1ECJkOjCR_rXL_Jlz9dXE00xpVpUnMYUtGkznSaWgTUmj5NDoWYBA==
Emerging%20threaths.png
www.picussecurity.com/hubfs/ 		262 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Emerging%20threaths.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e44a75cc12be671526c1df9e50cfc35a8dbb680beaddb5ab079cedf3621973a

Request headers

:path
/hubfs/Emerging%20threaths.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-54363595422,P-7048931,FLS-ALL
age
46006
x-amz-server-side-encryption
AES256
edge-cache-tag
F-54363595422,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="Emerging%20threaths.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
F68WJNBBJX63TNCW
cf-bgj
imgq:85,h2pri
etag
"bdd3caf30e0c59a4c37fa99875db8473"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1630572738631
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 69f8ad486723f285e484ce57919faf2e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C2
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=408923
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
268154
x-amz-id-2
27DLkM4Q1SyhjIn2iD872PbNVbWjhF8Ogj8hK4g8bJDJ1DfpN69YxkFe1f650BHcpoHggpXWHVc=
last-modified
Thu, 02 Sep 2021 08:52:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvBuSXXE4kP82KHbM2yaTgZd%2FCAscHezb7kqMERvuWwk9DzIdUx%2Bhj1x6X8wtV4Pji8QnO8xslAgW8JnCTq7K5tA9gYEQt192WB5kDvadxJE4qV2DJ9TIW%2BEYJqt%2BN7GMiNhbqDtDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
ULnpnevlYVkuQlydxtT3xWQywA4COmf4
accept-ranges
bytes
cf-ray
68c505520db96546-LHR
x-amz-cf-id
V3-rjMoK8qLQDeBEVBEn6IeVxN3OuoefinBsfNefMQQeJmR6xZEhnQ==
background-pattern-20.svg
cdn2.hubspot.net/hubfs/7048931/raw_assets/public/Shield/images/ 		1013 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn2.hubspot.net/hubfs/7048931/raw_assets/public/Shield/images/background-pattern-20.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.241.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3145adf1bffb7600649b9ec6dfc09809307e270dbe6283dbb3c217677a33a2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-32587224910,FD-32294001075,P-7048931,FLS-ALL
age
924764
x-amz-server-side-encryption
AES256
edge-cache-tag
F-32587224910,FD-32294001075,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 11
x-amz-request-id
S613PXC4702TJ7QZ
etag
W/"399b73fe70f94e2b0fe7d2a023265e66"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1595251668028
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
none
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 11
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 f6d81b3012ddbb7788e324c7c08594a7.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG53-C1
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
none
access-control-allow-methods
GET
x-amz-id-2
ptpqee5FBdijC50VDEhZp5ykPnPKlHV6dA/LBC9FSAX1DPoaigDHSc5MbwDdy6GiJ5d8imWIk5c=
last-modified
Mon, 20 Jul 2020 13:27:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zGV5Jlz7fUfK674jc9m20WJ0WYSjdkYirA2FhVjGaHg7J4NcctoHzYQDVuRnbfwq6UsygnlZgSDts6phyWH1WcDtRqiUCv70ZMWmTT2sG4kS6SA9oo%2F7WU1Po07Bdd%2FXAk4%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
mViV1q64F1is5e_tSVdlZtjxaYvXeqgy
cf-ray
68c505524bba0877-CDG
x-amz-cf-id
b1JXcQGb-i0ryA1Vkldc_hYGnhpSzf4gNgqXKUPRnFC6jpq3vmYNAA==
discover-latest-resources-background.png
www.picussecurity.com/hubfs/Shield/Backgrounds/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Shield/Backgrounds/discover-latest-resources-background.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
87907ed308d9f94e7160fc56e7ede37dcab6c850c76be67de7bb26db0d15e1f0

Request headers

:path
/hubfs/Shield/Backgrounds/discover-latest-resources-background.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-48927946102,FD-32488148221,P-7048931,FLS-ALL
age
60753
x-amz-server-side-encryption
AES256
edge-cache-tag
F-48927946102,FD-32488148221,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="discover-latest-resources-background.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
ZTR2M7R256F2C20D
cf-bgj
imgq:85,h2pri
etag
"477599939a85ac3e0a2b8a9355bafc30"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1623857145292
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 7176d7cdb1755c0cca0750416f1054ad.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR61-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=157236
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
131740
x-amz-id-2
5Yr5Ked4s1NGGG9qw66fmnTSMDqYmRUfF9R4itqkLqFVfTDQoYUBoa2dtoVCWFS9pkrE8QhLlXA=
last-modified
Wed, 16 Jun 2021 15:25:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYfaCWSyOukFfpBeGxuOlXSNO3NEUgND6ZV7YIYASJPbB0QVWg88twW6zw3ZugN9kSlSfqk5%2F74qLwdmPO2I9BmW1R6OkDVDBxUKf7hI78WC2cW26i6gH7VbwikmCVvklJmL7aVxvg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
XcLnqw1KV0.7BvpT7VMk6DJgTZqKI6GS
accept-ranges
bytes
cf-ray
68c505520dba6546-LHR
x-amz-cf-id
S7CWIDRPdMUAR_VYMT1z2waIyaIO4-_lfGHMe6CkHWRE1jhFphqw6Q==
9-System%20Information%20Discovery-2.jpg
www.picussecurity.com/hubfs/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/9-System%20Information%20Discovery-2.jpg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c185b7eb49180776b4b26fb27a3111d51bd13110ed85c22f4233ecdf5eb4e9

Request headers

:path
/hubfs/9-System%20Information%20Discovery-2.jpg
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-34232797406,P-7048931,FLS-ALL
age
223879
x-amz-server-side-encryption
AES256
edge-cache-tag
F-34232797406,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="9-System%20Information%20Discovery-2.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
WZBHZW4G3MBX0KZY
cf-bgj
imgq:85,h2pri
etag
"6fedded8915befde1c5dedbd1840a7e1"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1598616054849
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 174c08439d0479ee62deefc2d025760e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR61-C1
x-hs-alternate-content-type
text/plain
cf-polished
qual=85, origFmt=jpeg, origSize=1017184
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
170094
x-amz-id-2
JqizSGDnbl2Xu+qpyJ5BgLDpCzdW3gi8nldIrGKoqPbAoxB8l4N6/s8j4d+JmEFMbjoe1w004bQ=
last-modified
Fri, 28 Aug 2020 12:00:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qstWTPuJm2pJetUMFBUrUvBzXlLLRVZ3mDPOvGlz58WKgrHOZ1Jp%2FS2%2BLkwUygASeYm3TAtoBBV5RX7VfiPts0VVy9xugLp%2F6HJAhHwSz5Jt5QMl9t7mzIJhByCZMB4Wkok6J6fNUA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
DyLAoIj2eWckgjLsuKtTJ9tn.zfS_kGK
accept-ranges
bytes
cf-ray
68c505520dbb6546-LHR
x-amz-cf-id
OflXWMSPh9IBtv3MIQ7jRv22TMm_rnyOJkavKvSTSXATcHY031ehfw==
Website%20Landing%20Page%20Banner-2.png
www.picussecurity.com/hubfs/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Website%20Landing%20Page%20Banner-2.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a700615023d6226ad5cc185b271a07aaf8f2ee532ef7c74d98a67c991306e94

Request headers

:path
/hubfs/Website%20Landing%20Page%20Banner-2.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-37343795757,P-7048931,FLS-ALL
age
225470
x-amz-server-side-encryption
AES256
edge-cache-tag
F-37343795757,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="Website%20Landing%20Page%20Banner-2.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
26C0674ATAM5NHPH
cf-bgj
imgq:85,h2pri
etag
"d84c42b91b2036bbaf9a73b2d0c62bb8"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1605011958120
date
Fri, 10 Sep 2021 01:53:07 GMT
via
1.1 24a54386a87a6d9ed1bc8c44c4e9a7e9.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MAN50-C2
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=4215824
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
2793450
x-amz-id-2
fvM642tWrpxnJnIlA1Wt7fw90Z0RII7LoqJ+BDNVseRaBHbr1DrkbX0UXH8Mjv6GXRi9XLrSqKk=
last-modified
Tue, 10 Nov 2020 12:39:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kL6mDVC48GsOACHr1CDAg%2FoVvrdabvIXv%2Bqj42QfEkfqRFdRfASY%2FkBxMAwB%2Bq5HIc%2Fx7EThLBkboMg6EWyqrwkCiTiTBp7pcUWPFq0yOBoGO3DqHOBQxC2zzJpG%2FyCgthNxRpf6JA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
5sqR8HPPXslxLo6jVkjczIm6nuxnafvF
accept-ranges
bytes
cf-ray
68c505520dbc6546-LHR
x-amz-cf-id
iZorG9Ecv7WUCUyNb5Ufmy_9HEp92c8GBrXDKZRXFE2hcTuTNoTZkw==
Picus%20Labs%20Blog-6.png
www.picussecurity.com/hubfs/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Picus%20Labs%20Blog-6.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96e9c53feb97a9d94f4ca6beb7a638a006be6e357063d5f8ee9363e8aab2edad

Request headers

:path
/hubfs/Picus%20Labs%20Blog-6.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-50132459935,P-7048931,FLS-ALL
age
123148
x-amz-server-side-encryption
AES256
edge-cache-tag
F-50132459935,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="Picus%20Labs%20Blog-6.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
8ZPPYMQ5P2YN2DN5
cf-bgj
imgq:85,h2pri
etag
"913a2f1818618558f67b248d5fd57ab4"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1625408293839
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 20405ed0e9ef5e72d636863d6d962363.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR3-C2
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=169831
x-cache
Miss from cloudfront
x-amz-meta-index-tag
all
content-length
80666
x-amz-id-2
CH93pR5jlVa6USlS+h1KuHzfanDG6lMNlo5NxivWFt8mQLXT1DQURWwHrBw4bsFaFBk0pm8oD0s=
last-modified
Sun, 04 Jul 2021 14:18:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4qjfwTFm%2F%2B%2BYXGc8nj0uvZ8%2Bt0FTqlG0o%2F3zK8Vp2a4fPQeE0wk93pzGZoksYS1NQTevKf5DFh67eN3qSSIJGQRD3VIVC8X5m1J9MeP%2BweE8U0Pdx3NMG4m6lWFD3p6qUHyB2AAkw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
DMGsEBtx4D_9rV1dGSCEv3ZVsL_alvWM
accept-ranges
bytes
cf-ray
68c505520dbd6546-LHR
x-amz-cf-id
_NWlRM7dgzYKzWHUb6KFLlTmyS3wjU7odat8klKChsfyspLwOVHoGA==
picus-cta-banner-blue.png
www.picussecurity.com/hubfs/raw_assets/public/Shield/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/raw_assets/public/Shield/images/picus-cta-banner-blue.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e13189d1fff8e31882b630932faaeb79eb98a0c5514addf6770135014f07837a

Request headers

:path
/hubfs/raw_assets/public/Shield/images/picus-cta-banner-blue.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-meta-cache-tag
F-32961024991,FD-32294001075,P-7048931,FLS-ALL
age
73684
x-amz-server-side-encryption
AES256
edge-cache-tag
F-32961024991,FD-32294001075,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="picus-cta-banner-blue.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
NP38YDBPCB9P3PB1
cf-bgj
imgq:85,h2pri
etag
"a60223f88985cbb892578da33c9c7aea"
vary
Accept, Accept-Encoding
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
none
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
x-amz-meta-created-unix-time-millis
1595938893417
date
Fri, 10 Sep 2021 01:53:07 GMT
via
1.1 4d5db5d8b78e0b583e041b582e55cfc7.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
TLV50-C2
cf-polished
origFmt=png, origSize=26958
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
none
content-length
13124
x-amz-id-2
W2qpdHvnPXjT6HnzQzWoACic9Q4UXKNzU4GveU2MqTjlE0DRUS2GT29jsrWyGCIkTq/QL5v481c=
last-modified
Tue, 28 Jul 2020 12:21:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmEURZSv9UniXxp3%2F0QKjZwsGsu869txe8DmtLLqqiKb9Te2vK63ugk8v9SZsUAiW9aAO7yghJ33zuofKQ712GmIGOE%2Ft943Y5jShQY%2BGH%2BY8crJm9NYnWLU2qGYueyI0JORubgLOA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
kFBsfNFhuTweyGPHIaAy1K.qQ47dB5Pf
accept-ranges
bytes
cf-ray
68c505520dbe6546-LHR
x-amz-cf-id
pzvwWRM4jeBjVuF-LYV7jBsmeUZsp3xc8ZE4XAGdX0Y3wJUMWWwo6A==
background-pattern-footer.svg
www.picussecurity.com/hubfs/Shield/Backgrounds/ 		1012 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hubfs/Shield/Backgrounds/background-pattern-footer.svg
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d74aea3ea1a09d7239128033be4a712352c7d38e458103f16f27c9446e8b329

Request headers

:path
/hubfs/Shield/Backgrounds/background-pattern-footer.svg
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/hs-fs/hub/7048931/hub_generated/template_assets/32300424271/1623857315941/Shield/css/main.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding
br
x-amz-meta-cache-tag
F-32488001577,FD-32488148221,P-7048931,FLS-ALL
age
225605
x-amz-server-side-encryption
AES256
edge-cache-tag
F-32488001577,FD-32488148221,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
x-amz-request-id
149SSZQNMKHX93QW
etag
W/"5d838d296347ac210f658dd228f5e4d5"
vary
Accept-Encoding
x-amz-meta-created-unix-time-millis
1594983750124
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
date
Fri, 10 Sep 2021 01:53:06 GMT
via
1.1 04354ce99e843be4590eff596a34d268.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
LHR61-C1
x-cache
Miss from cloudfront
x-amz-meta-index-tag
all
access-control-allow-methods
GET
x-amz-id-2
HyWaUmyt5vEAZSNy9JlZno3jTBsuYgwVsR/PtKSFaXRNmpDhmBHaW8hr2km2JsrP+tDojovyF94=
last-modified
Fri, 17 Jul 2020 11:02:31 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKTGrMHk4yAfOgmc33A%2FyvxEuvczukwpDUhFIrmXlK%2Fw3ggE42IZKwUbwDHTMBRHjNpwPgCscx3nsBPYhKlTS8lHhm1kuFs6KjpdsDDwa7X8GKvn%2FYqrMCSvsp1au%2FgPzzY%2BFKU4ng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
_FuCvoAKP6E7gHr_urCXSjMGDpA0scJz
cf-ray
68c505520dbf6546-LHR
x-amz-cf-id
OhxMZPdN6u4uw_KKakq3aJRNvSqelklbdzb7dsd_kLLPp4qi2W94fg==
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v3/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f3.1e100.net
Software
sffe /
Resource Hash
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.picussecurity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 10:57:00 GMT
x-content-type-options
nosniff
age
572167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37056
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 22:48:53 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Sep 2022 10:57:00 GMT
red-report-doc.png
www.picussecurity.com/hs-fs/hubfs/Red%20Report/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hs-fs/hubfs/Red%20Report/red-report-doc.png?width=256&name=red-report-doc.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6848a7c6411f11b08ee82b11a490a0dc3b187383b68e5b3adafb9365ed8dd76

Request headers

:path
/hs-fs/hubfs/Red%20Report/red-report-doc.png?width=256&name=red-report-doc.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

age
225571
x-amz-server-side-encryption
AES256
edge-cache-tag
F-39111672604,FD-37653136293,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="red-report-doc.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
cf-bgj
imgq:85,h2pri
etag
"8563d4438df9ffea7fc8a82f2c4a30e4"
vary
Accept, Accept-Encoding
x-amz-meta-created-unix-time-millis
1608740141932
content-type
image/webp
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
date
Fri, 10 Sep 2021 01:53:07 GMT
via
1.1 d1cde188ada6755fe03b8541b71fce4a.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
IAD89-C1
x-hs-alternate-content-type
text/plain
cf-polished
origFmt=png, origSize=40744
x-cache
RefreshHit from cloudfront
x-amz-meta-index-tag
all
content-length
25938
last-modified
Wed, 23 Dec 2020 16:15:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzJ%2BDk5uGk%2FmGnlSPaxlooHc2fOgoPBK7BWCto9BlEoetspND1UIQcOg5vKIYEvRzlwnhOYcMMSgomOT5w8%2Bka6CCBkR4M%2BiaeNRbbJz%2FoMbxYgKJq0r9Cv8tR49owV%2Bx6Ls4O0UPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
false
accept-ranges
bytes
cf-ray
68c505522dc76546-LHR
x-amz-cf-id
l6pWunk5-4KK5slnKa5ezByQ3xB3iUJ8ifPFZGVPiAbifg5dYBdULg==
red-report-doc.png
www.picussecurity.com/hs-fs/hubfs/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.picussecurity.com/hs-fs/hubfs/red-report-doc.png?width=236&name=red-report-doc.png
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d76acf9735c02403bc87313692604261a3c0189d7bc82202c3dd6a32ed678b9d

Request headers

:path
/hs-fs/hubfs/red-report-doc.png?width=236&name=red-report-doc.png
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
via
1.1 cb41e4c888d6077f0196a8e9993a2655.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
225571
cf-polished
origFmt=png, origSize=51127
edge-cache-tag
F-39034528957,P-7048931,FLS-ALL
x-amz-replication-status
COMPLETED
content-disposition
inline; filename="red-report-doc.webp"
x-hs-cf-lambda
us-east-1.enforceAclForReadsProd 12
content-length
28952
x-amz-server-side-encryption
AES256
last-modified
Thu, 19 Aug 2021 17:55:35 GMT
server
cloudflare
x-cache
RefreshHit from cloudfront
etag
"c1634039f87e6bfb5fbdebb752cb40fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Jc2rY7qBu5TLyLTT%2BR6%2B8wcxes%2FAipAlNnc58BMEdLj3kSAI2Fp%2B%2Fq4SYIllCGDrEMG%2FvRFvXgzyP2Vg0ZAI2Klu3dcz9KYixajoqhVs6xslFkqgzbyrZvfBW%2FqVUM0%2BcBUVSrtxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cf-bgj
imgq:85,h2pri
cache-control
s-maxage=1814400, max-age=1209600, stale-while-revalidate=900
access-control-allow-credentials
false
x-amz-cf-pop
IAD89-C1
accept-ranges
bytes
cf-ray
68c505522dc86546-LHR
x-amz-cf-id
NLvtFm5aoYYuKKGdWZFFoVhfVRVSNqfyEm7avq7fqfIQsQrg8s4YNg==
x-hs-cf-lambda-enforce
us-east-1.enforceAclForReadsProd 12
1CA9oP8ghilNJPhaaPnI9fX9g2I8btLK4bbtopZpMYcbOQJD4MgGSzN-Qf8HKNRQbNcui3AYJWNlYEhESkM9rAE1SDgfCXiObyAj18eBh7R-k27B_XU2vnzmMYczRaA-0IUTMJu-=s0
lh5.googleusercontent.com/ 		191 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh5.googleusercontent.com/1CA9oP8ghilNJPhaaPnI9fX9g2I8btLK4bbtopZpMYcbOQJD4MgGSzN-Qf8HKNRQbNcui3AYJWNlYEhESkM9rAE1SDgfCXiObyAj18eBh7R-k27B_XU2vnzmMYczRaA-0IUTMJu-=s0
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.211.1 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
muc03s13-in-f1.1e100.net
Software
fife /
Resource Hash
449bd4c9dd10af1fac04aaeebcf8c95c05302086048baef6faad6c6b2defb336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
x-content-type-options
nosniff
age
0
content-disposition
inline;filename="pasted image 0.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195558
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 10 Sep 2021 13:34:26 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/ 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: cdn.popt.in
URL: https://cdn.popt.in/pixel.js?id=64d678615e3d0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3729755
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
26909
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14e4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL18OI3vHW7IXINAwok0Nz9UShC3W2v43dnFmtT4ikOkHOjDMY4hvGio75Mx15z2UZMcuRhtJYto6r%2Fb37LFK0UcU031ORxqNx2WMT08cHqjKuiPHYd%2FmSuUr0fEaUkCDDPGsaxg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68c50552d87ebd77-CDG
expires
Wed, 31 Aug 2022 01:53:07 GMT
/
settings.luckyorange.net/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&s=202290
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.10.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e2e62fe9e5fbd988991ac666d0a61f03649343ed729e2bcf4ab373f285bfb19
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.picussecurity.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuivrmRCsk1P%2FoOre1dm%2B%2BwMWaKQqYzA0mnOxI64QYZp3%2BL8T%2Bwiuqi%2F5O1NbOS0hfkTelNsys5V2AAkwqze69xmNBOhN9cAPwZ26jZ8DXCdDiQUYHQ2IXi1C99QaBDFfbeoCUKHMJjstw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
68c50552fa4565ca-LHR
access-control-allow-headers
Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
open
a.visitorqueue.com/ 		2 B
138 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://a.visitorqueue.com/open
Requested by
Host: t.visitorqueue.com
URL: https://t.visitorqueue.com/p/tracking.min.js?id=67ab0ee7-fcba-400b-8cb3-db7bb1cc0033
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.222.195.45 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-222-195-45.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 01:53:07 GMT
access-control-request-method
*
access-control-allow-headers
*
content-length
2
content-type
text/plain
open
a.visitorqueue.com/ 		42 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.visitorqueue.com/open?l=9&q=cGFnZVZpZXdJZD1jZWEzN2YyMy0zNjliLTQ3N2QtOGQ5Yi03MGU1ZTIzNmI3MjQmcGF0aE5hbWU9L3Jlc291cmNlL2Jsb2cvc2ltdWxhdGluZy1taWNyb3NvZnQtbXNodG1sLWN2ZS0yMDIxLTQwNDQ0LXplcm8tZGF5LWV4cGxvaXQmdmlzaXRvcklkPTViNzQyZWFjLWM2MmYtNDJjNC05Mzk3LWQ2NjlhMTlhNjRhNCZhY2Nlc3NlZEF0PTE2MzEyMzg3ODcmdnFUcmFja2luZ0lkPTY3YWIwZWU3LWZjYmEtNDAwYi04Y2IzLWRiN2JiMWNjMDAzMyZvcmlnaW49d3d3LnBpY3Vzc2VjdXJpdHkuY29tJnNjcmlwdFZlcnNpb249MS4zLjI=
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.222.195.45 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-222-195-45.ca-central-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Sep 2021 01:53:07 GMT
access-control-request-method
*
cache-control
No-Store
access-control-allow-headers
*
content-length
42
content-type
image/gif
modules.5fe2f4f38cf4833026a9.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2366058.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.242.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-242-115.hel50.r.cloudfront.net
Software
/
Resource Hash
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
67082
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59626
access-control-allow-origin
*
last-modified
Thu, 09 Sep 2021 07:14:26 GMT
etag
"e8c5ca8d148a212696c04c37e713b2a1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 92deec7c8876604efe2f17b072bc68d7.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HEL50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
LKOE6aIE3LAvr9Kp_xMZM4fhXu4CB3YVi0yEoa-SlbjQxOH0XorG4A==
10a2d0b0-9f91-4cd7-a1e0-1cff39706638
www.picussecurity.com/_hcms/forms//embed/v3/form/7048931/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/_hcms/forms//embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638?callback=hs_reqwest_0&hutk=
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
845f6ed942c91897165e8695ea3cb308eaa3522fc0c9c15ecce9da32c90e9256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/_hcms/forms//embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638?callback=hs_reqwest_0&hutk=
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786; poptin_old_user=true; poptin_user_id=0.jrfpg6a884; vq_initial_source=; vq_utm_source=; vq_utm_term=; vq_utm_medium=; vqa_vid=5b742eac-c62f-42c4-9397-d669a19a64a4
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
8ecd9104-4041-4a8f-be20-240e7b8a61db
cf-ray
68c505532e3d6546-LHR
content-disposition
attachment; filename=no-rfd.txt
vary
Accept-Encoding
server
cloudflare
x-trace
2B89B46A3E521354144E567B93C9CE903823D31721000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkJXGXDMIdm8Vwbec3%2F6LSwhSVapKGyM5FO%2FowD8JMllrn91BlN2RNYNX%2BOhFSqKBJ2TUgR1mEiBvcyEUQKGV1r%2BGFZtpu4tn4cxkJspp%2BB7eW6ax%2BZQCt%2F1XjpXOtwBsB2mVU%2BsYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
10a2d0b0-9f91-4cd7-a1e0-1cff39706638
www.picussecurity.com/_hcms/forms//embed/v3/form/7048931/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/_hcms/forms//embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638?callback=hs_reqwest_1&hutk=
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/_hcms/forms/v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa530d5f8a92fc7c8b0200d106424857796a41ba12ac159a0a02f37f3d3687b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/_hcms/forms//embed/v3/form/7048931/10a2d0b0-9f91-4cd7-a1e0-1cff39706638?callback=hs_reqwest_1&hutk=
pragma
no-cache
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786; poptin_old_user=true; poptin_user_id=0.jrfpg6a884; vq_initial_source=; vq_utm_source=; vq_utm_term=; vq_utm_medium=; vqa_vid=5b742eac-c62f-42c4-9397-d669a19a64a4
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
2b10e6d3-f9ab-4458-acb2-a0689fe475bd
cf-ray
68c505532e3e6546-LHR
content-disposition
attachment; filename=no-rfd.txt
vary
Accept-Encoding
server
cloudflare
x-trace
2B6ED41271522571319E77D2A903965671B1B596AD000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gD9BCe%2BW%2F30cKexgVPMuKb37kQitZokLX0pn7nvaEDwkvAne03NJ5yc5HfdLUfNEqNL0mg1DGiRYWW1Cel2E0p4AmnntP%2Fp%2FOgUi8qwNCTfdmffwhDr4IZJSaU4VdZK6%2BOpiota1qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
x-robots-tag
none
all.js
connect.facebook.net/en_GB/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/all.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
3b49ee3d1ececfa22283cd0d264670350a76193964849b8ae33ff0183cad884f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QjUo7bMtQnV2jvc+09aoLQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
nQMlfdV+9PYzoonIesSQENy8WTxelaW+suih4itnJRj916Qt4MduERVKO7v/4rfa7FPxoDNSqWUPVbaFjt7bAQ==
x-fb-trip-id
917726464
x-fb-content-md5
dfe73bfcf73c75767d7e4b6e2b9a69aa
x-frame-options
DENY
etag
"a88f90427b0497047d37dfaf84934fbc"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Sep 2021 02:08:40 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 01:53:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Aug 2021 20:34:57 GMT
Server
ECS (frb/67AA)
Age
1297
Etag
"d405b816322f9770c70cbd10cfa87be4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28872
has-permission
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 		0
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission?portalId=7048931&callback=jsonpHandler
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/hsstatic/HubspotToolsMenu/static-1.109/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-hs-worker-debug-mode
false
server
cloudflare
x-hubspot-correlation-id
e97a6c78-037a-4004-a638-e42989937b51
x-trace
2BBD4B16CD098B003011F535C1FB9BEEC15AFBE5DD000000000000000000
date
Fri, 10 Sep 2021 01:53:07 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
cf-cache-status
DYNAMIC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]}
cache-control
max-age=0
access-control-allow-credentials
true
cf-ray
68c50553996e3ac8-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.112.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00b4e498e234c71b14fba50f7be5190e5361e3a9d8345926b40c553295d2f2a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
via
1.1 2f66aa06710fece8ed203ab0ea81eb56.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
332
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.243/bundles/pixels-release.js&cfRay=68c4fd38bc8d32c2-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Tue, 07 Sep 2021 01:31:17 UTC
server
cloudflare
etag
W/"b2c78dd7d31336706445638fc639a215"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
S6FQeL9Scofdyk064pc4GFuLvEJ_FwbW
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
68c505539b8a4001-CDG
x-amz-cf-id
6fFTj9IavInMGT_oLrcBFdJcJDgX-EML2XAcGGgJ0cOHeQGne_plaA==
x-hs-target-asset
adsscriptloaderstatic/static-1.243/bundles/pixels-release.js
collectedforms.js
js.hscollectedforms.net/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.129.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14

Request headers

Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Origin
https://www.picussecurity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
via
1.1 8d6071bd169bbf5fd46638140132b1d1.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
age
81795
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.243/bundles/project.js&cfRay=68bd38644d00089f-IAD
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
68c505539ff73a8d-CDG
last-modified
Mon, 26 Jul 2021 08:57:16 UTC
server
cloudflare
etag
W/"71e1b9bc533ea0484715e256cd176305"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
B7tJDnPGhJYQnx9vLunWV_JVNjkGgLI4
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
tN5pQ-pZfatv5D7jyS_9GsDjvoWgu-UnRVRw_1bFsydIpoZjl9Ygjg==
x-hs-target-asset
collected-forms-embed-js/static-1.243/bundles/project.js
7048931.js
js.hs-analytics.net/analytics/1631238600000/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1631238600000/7048931.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.67.176 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9a1a646c12fac169e7992657a5e1d838aadb1e74534e085216e23222a1cecd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
br
cf-cache-status
MISS
x-guploader-uploadid
ADPycdu2l_CaWyhWSW_m27c2lxrZcOMrgrhhMnltkNHCygmYOMoHwKrGUTA6-q_g3kP3ZF1_6reArWMNxdb4mgVjUQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-type
text/javascript
last-modified
Mon, 19 Jul 2021 15:46:29 GMT
server
cloudflare
etag
W/"d155b4907ef89a229aecdd795f5270c2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-goog-hash
crc32c=hDxJuA==, md5=0VW0kH74miKa7N15X1Jwwg==
x-goog-generation
1626709589388216
cache-control
max-age=300, public
access-control-allow-credentials
false
x-goog-stored-content-length
63353
cf-ray
68c50553b95e3b97-CDG
expires
Fri, 10 Sep 2021 01:58:07 GMT
conversations-embed.js
js.usemessages.com/ 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.237.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47399f567ee20a34dda641c05cb1d1425be6e5a6bd7d962841153fb52851e3af

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
via
1.1 f37f104903bda438e8b0547be6e0c193.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
179
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.9187/bundles/project.js&cfRay=68c500f4eb8b4007-IAD
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
PENDING
content-encoding
br
last-modified
Tue, 07 Sep 2021 07:54:15 UTC
server
cloudflare
etag
W/"00292aa2cdadc53da8c7d50c2425cee7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
j9PHeWbKkd5JMoSAf8_zrWNhwi8tfYzQ
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
68c50553cec93ad1-CDG
x-amz-cf-id
Q3mh2di1EHwK2XnLFoDCar1ZQkK7QpEReLFBW-6MTqGEHrybjSsmbw==
x-hs-target-asset
conversations-embed/static-1.9187/bundles/project.js
7048931.js
js.hs-banner.com/ 		65 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/7048931.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f590aca52b84eb1f397905ae720c1d384853cf3197d23cb39e80e92c679f4591

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
591EWC6RHZRK8PNJ
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
eN3cSGggxQOhBFeAEPqHGZUCezNd1ZrLdDfaCs5iObK5dkmwkLFIdsCMNqlHrB1bW1pv/w0+tbQ=
timing-allow-origin
*
last-modified
Fri, 03 Sep 2021 20:51:52 GMT
server
cloudflare
etag
W/"ae0d2456167984fc4923812d05a22be8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
z2H1jhgKt.h_c7OX1c.ISsx2IXkWERUj
access-control-allow-origin
https://www.picussecurity.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
68c50553cdca0883-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Fri, 10 Sep 2021 01:58:07 GMT
leadflows.js
js.hsleadflows.net/ 		537 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsleadflows.net/leadflows.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/hs/scriptloader/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.230.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5343b9a9c667a328bd11798a1d4950326c2e48189873d45b2d515c56aad2cd6

Request headers

Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Origin
https://www.picussecurity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
via
1.1 7ba3a61255419c2e0d9e131796899e10.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
63733
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1053/bundle/main/lead-flows-release.js&cfRay=68bef1570e1e3ae3-IAD
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
68c505541bfb4001-CDG
last-modified
Wed, 01 Sep 2021 08:32:41 UTC
server
cloudflare
etag
W/"06b9cc0a137bb12ab3bdef2f5d9c59e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
sGyMCPzZ_yO5cY5tFaL3Y3aSs3R6Eatx
access-control-allow-origin
*
cache-control
s-maxage=86400, max-age=0
x-hs-cache-status
MISS
x-amz-cf-pop
IAD89-C3
content-type
application/javascript; charset=utf-8
x-amz-cf-id
9jjogTqKAk1bOm6QD7AWvk-UCU9kpq6wphrfDfsyzBt69Bu3fG0OXA==
x-hs-target-asset
lead-flows-js/static-1.1053/bundle/main/lead-flows-release.js
64d678615e3d0
display.popt.in/APIRequest/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://display.popt.in/APIRequest/64d678615e3d0?domain=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&referrer=&cookies=poptin_old_user%3Dtrue+poptin_user_id%3D0.jrfpg6a884+poptin_referrer%3D+poptin_new_user%3Dtrue+poptin_viewed_session%3Dfalse&triggers=&cc=false&if_mobile=false&page_title=Simulating+Microsoft+MSHTML+CVE-2021-40444+Zero-Day+Exploit&origin_landing_page=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&if_page_refreshed=false&poptin_viewed_url=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c4604ecacc87e390821f809ad7adb02efb23fed4458a638617866057419d2b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GasHsYAr7B%2Bfi7ba%2FHeruYqlU5AER7XLT9tvR5%2FlKj%2FYMsrlQ6BP2UoWKxi3fyO0LJFmG7DKVJlgCNuauPLgomLv0rzpjQ5tZo%2FMJq2fRXlYsR7PARS%2FTYDf%2FWndQyPJ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
68c50553b9f16550-LHR
access-control-allow-headers
Origin, Content-Type
widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html
platform.twitter.com/widgets/ Frame C7A3 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.picussecurity.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6724) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
11800
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 10 Sep 2021 01:53:07 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Mon, 02 Aug 2021 20:33:53 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6724)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3KD4ZR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1970
date
Fri, 10 Sep 2021 01:20:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 10 Sep 2021 03:20:17 GMT
all.js
connect.facebook.net/en_GB/ 		228 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_GB/all.js?hash=84d111ccd76d7df0e2c5f83b66998b62
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
f49af696423d64edc92826e93ff19bfc20743b648e755c720cd3c8df4354f1af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Origin
https://www.picussecurity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Jm9wW8eeohWVVCJVNh1ixQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68308
x-fb-rlafr
0
x-fb-debug
PmlhivsNQkCqvkTS/BgMPqqBj7xIZg8EkN2aawFSJjdnZRwZ9gh0pj2XUYOXxS9WAzwMOCQNAbNRM1yAtnlbPQ==
x-fb-content-md5
ae6a80792751edd4f5a2f0a362ef65c7
x-frame-options
DENY
date
Fri, 10 Sep 2021 01:53:07 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"df71e7b3f15237e2bdcaf9f976b16c22"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 10 Sep 2022 00:47:22 GMT
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame 285F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2366058.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.242.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-242-60.hel50.r.cloudfront.net
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 7edd8006b8bc56aba6e41686a63bba53.cloudfront.net (CloudFront)
x-amz-cf-pop
HEL50-C1
x-amz-cf-id
aDkdq9QxGm8FfTbOky7bSYSUov5Z0AiV5id2knNXwLhJcOSqUtTjhw==
age
4452482
lftracker_v1_p1e024B6wKW4GB6d.js
sc.lfeeder.com/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.lfeeder.com/lftracker_v1_p1e024B6wKW4GB6d.js
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.143.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-143-110.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bcbf78ee774313aac11e9408816d3392f5249b50df534963ed2303020e8cbe3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
V11nsQUmEr1E7BFqf9u2crzet.Ykpewr
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 12:26:21 GMT
server
AmazonS3
x-amz-cf-pop
HEL50-C2
etag
W/"12eab49841748a1e3dafb313c8cc5308"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 dde62003552e800310ee1980113eedb4.cloudfront.net (CloudFront)
cache-control
max-age=3600
date
Fri, 10 Sep 2021 01:53:08 GMT
x-amz-cf-id
apgGshTcL5qFevjGRV7JpZN51sJBCi1CRv2-fIgwNILsgktvDdZ3Hg==
clickstream.js
d10lpsik1i8c69.cloudfront.net/js/ Frame 2360 		287 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=9205c52
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.56.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-56-59.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a72a14448ee5320221100622671b5a9defdcddc331266def018afc09142d29f0

Request headers

Referer
Origin
https://www.picussecurity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 17:15:10 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
7375078
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 16 Jun 2021 16:29:56 GMT
server
AmazonS3
etag
W/"4b96c4bfb5d8c300201f4074054196b7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 8f473fbf4c5fc98461ca6905ec13126d.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HEL50-C1
x-amz-cf-id
EVi-mHKlhGxIEBNYi1cSnBzrKQJuaMqMpNqse-axaC3L66BFaNsBZw==
settings
syndication.twitter.com/ Frame C7A3 		287 B
453 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=b6333d7d004f7825d7e90a190242be35d01df34c
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=https%3A%2F%2Fwww.picussecurity.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
78078258a77fab030b24a53932c0c8d21a0f5ce6e8cee911a0d6d90b2898d233
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 01:53:07 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
7b309abeef5d98b534d20cfcdb8b61e36e746e76607ffcc0c465e0b0adf85d53
content-length
187
widget
www.picussecurity.com/_hcms/livechat/ 		337 B
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/_hcms/livechat/widget?portalId=7048931&conversations-embed=static-1.9187&mobile=false&messagesUtk=b1eab40b06b047a396901eec9eb4da5d&traceId=b1eab40b06b047a396901eec9eb4da5d
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
012d56787268201889a1168336194d06792089c88b9cc11d4ed4308fa54b95d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786; poptin_old_user=true; poptin_user_id=0.jrfpg6a884; vq_initial_source=; vq_utm_source=; vq_utm_term=; vq_utm_medium=; vqa_vid=5b742eac-c62f-42c4-9397-d669a19a64a4; poptin_referrer=; _hjid=731419dc-44c6-457b-812f-c3d0d1566771; _hjFirstSeen=1
x-hubspot-messages-uri
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:path
/_hcms/livechat/widget?portalId=7048931&conversations-embed=static-1.9187&mobile=false&messagesUtk=b1eab40b06b047a396901eec9eb4da5d&traceId=b1eab40b06b047a396901eec9eb4da5d
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
GET
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Accept-Language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
54359f71-1e21-4d83-91fa-adb4b887851d
server
cloudflare
x-trace
2B6869808E22E7440C33198C3A722A955F7606B38E000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUas56H51Zz9uCxcDHjhlUMzoqMsVUDOkX5apHn0DKrvTc%2BUURWRG7YbM364YDEuwsmWIM6o4jYX%2BjBYLkcAYh4o%2BjE0GYDi4Xyf3Lf%2BTrStPFbVnjPLyxCZOxaeAoyEDrNhWDFx7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
68c505544eb56546-LHR
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
json
forms.hubspot.com/collected-forms/v1/config/ 		115 B
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hubspot.com/collected-forms/v1/config/json?portalId=7048931&utk=
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99055dba9f2387917c3e9808aacc7c2e23a12705985bb8c4a6fcef05a2a0c682
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
67837513-b33a-441f-8327-abe0befdb666
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wqiJGkfxhX%2BscVwe1GqJYMvkbsohbB%2FCEgZ1Y78CoiZo1%2BQSqNeMihBsJpPOhf0oWKSfc6tboASP4s5CnlfFdPgvt0TPh41IGIPdT3DBovtz%2FhL%2F77ZllMsTk1gh0RouipJ"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.picussecurity.com
x-robots-tag
none
access-control-allow-credentials
false
cf-ray
68c50554ab8339ff-CDG
access-control-allow-headers
*
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=871555958&t=pageview&_s=1&dl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&ul=en-us&de=UTF-8&dt=Simulating%20Microsoft%20MSHTML%20CVE-2021-40444%20Zero-Day%20Exploit&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1743782942&gjid=354921602&cid=1574378603.1631238787&tid=UA-37993489-1&_gid=1429588810.1631238787&_r=1&gtm=2wg910N3KD4ZR&z=1695039153
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
arn11s10-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Sep 2021 01:53:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.picussecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/2366058/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2366058/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.159.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-159-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c

Request headers

Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
05c37335-cb18-410c-91ce-f84dfbb2fb99
x-trace
2B4234D3A267CCE767485DC1910BD586474B144BF3000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
false
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
68c50555cb2f40b7-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
35
x-robots-tag
none
/
tr.lfeeder.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.lfeeder.com/?sid=p1e024B6wKW4GB6d&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTM3OTkzNDg5LTEiXSwiZ2FDbGllbnRJZHMiOlsiMTU3NDM3ODYwMy4xNjMxMjM4Nzg3Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuMjYuMiJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly93d3cucGljdXNzZWN1cml0eS5jb20vcmVzb3VyY2UvYmxvZy9zaW11bGF0aW5nLW1pY3Jvc29mdC1tc2h0bWwtY3ZlLTIwMjEtNDA0NDQtemVyby1kYXktZXhwbG9pdCIsInBhZ2VUaXRsZSI6IlNpbXVsYXRpbmcgTWljcm9zb2Z0IE1TSFRNTCBDVkUtMjAyMS00MDQ0NCBaZXJvLURheSBFeHBsb2l0IiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJiZTg3NTg3YWMzOGI5YmJlIiwiY2xpZW50VGltZXN0YW1wIjoiMjAyMS0wOS0xMFQwMTo1MzowNy40NzNaIiwiY2xpZW50VGltZXpvbmUiOjAsInNjcmlwdElkIjoicDFlMDI0QjZ3S1c0R0I2ZCIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS42ODg3ZmFjN2E0ZjNkZTM1LjE2MzEyMzg3ODc0NzEiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9fQ==
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.242.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-242-52.hel50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
collect
stats.g.doubleclick.net/j/ 		1 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-37993489-1&cid=1574378603.1631238787&jid=1743782942&gjid=354921602&_gid=1429588810.1631238787&_u=YEBAAEAAAAAAAC~&z=1465226314
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.222.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lo-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 10 Sep 2021 01:53:07 GMT
content-type
text/plain
access-control-allow-origin
https://www.picussecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
js.hs-banner.com/cookie-banner/activity/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner/activity/view
Protocol
H2
Server
104.18.20.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.picussecurity.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 10 Sep 2021 01:53:08 GMT
content-type
application/octet-stream
content-length
0
access-control-allow-origin
https://www.picussecurity.com
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials
true
access-control-max-age
604800
timing-allow-origin
*
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
68c5055759cb3ffb-CDG
__ptq.gif
track.hubspot.com/ 		45 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=17&fi=10a2d0b0-9f91-4cd7-a1e0-1cff39706638&fci=8a458547-f02d-4bca-97d8-e549bfa2b9c6&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857800448&v=1.1&a=7048931&pi=54365624987&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&cpi=54365624987&cgi=35190412163&lpi=54365624987&lvi=54365624987&lvc=en-gb&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&t=Simulating+Microsoft+MSHTML+CVE-2021-40444+Zero-Day+Exploit&cts=1631238787619&vi=f5843415181508a4a6fdedb4c8387169&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
0d7513a5-5d2a-4f6a-94ed-69668b90e5eb
cf-ray
68c50556db5a3ac8-CDG
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtLDCh3M0Xu8iDIsmXjAZyIAA8gE8cCHT45V8G69rlW67detWyqczOVxezAUMuJ2%2FUXshttxf%2BH3yAzw47vV2o4EtXM%2BTtmS0cYjPrm7UiP%2B2B9AgvMgcBYv4tr2XGfyk4%2Br"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
346 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=10a2d0b0-9f91-4cd7-a1e0-1cff39706638&fci=8a458547-f02d-4bca-97d8-e549bfa2b9c6&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857800448&v=1.1&a=7048931&pi=54365624987&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&cpi=54365624987&cgi=35190412163&lpi=54365624987&lvi=54365624987&lvc=en-gb&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&t=Simulating+Microsoft+MSHTML+CVE-2021-40444+Zero-Day+Exploit&cts=1631238787622&vi=f5843415181508a4a6fdedb4c8387169&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
d2259f3d-351d-4e00-94d2-325710956734
cf-ray
68c50556db583ac8-CDG
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKovStL7eZbudIE%2BEBgpr36XU2uWm0O3gJ4v%2FO1RY%2Fo2mAopjcBN9Yxoxrz7B9p7bGUhA0CuiSveJAfXd%2B4vkf8qLqgiyDABX71Ci5YIecR6AOZ6CP5xs6fZf%2B5HZaWzq8Fw"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=15&fi=10a2d0b0-9f91-4cd7-a1e0-1cff39706638&fci=1ed00569-72de-46fd-b58e-03852c813fd7&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857800448&v=1.1&a=7048931&pi=54365624987&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&cpi=54365624987&cgi=35190412163&lpi=54365624987&lvi=54365624987&lvc=en-gb&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&t=Simulating+Microsoft+MSHTML+CVE-2021-40444+Zero-Day+Exploit&cts=1631238787624&vi=f5843415181508a4a6fdedb4c8387169&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
ab6a38d0-edea-422a-80ea-fa032029373c
cf-ray
68c50556db573ac8-CDG
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fa3DJrX9AiY1AnQbbgaz8kM4PS2lShgG%2FXnwE9ZmGbS7816HOErCts35UsZJuOvGXASqIxUqyYrxuXe5Uz7VNDNxFuuhbMtX2c0IY8SgcFZlygn74wbmpikXmZft5bENfyPz"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
__ptq.gif
track.hubspot.com/ 		45 B
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3857800448&v=1.1&a=7048931&pi=54365624987&ct=blog-post&ccu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&cpi=54365624987&cgi=35190412163&lpi=54365624987&lvi=54365624987&lvc=en-gb&pu=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit&t=Simulating+Microsoft+MSHTML+CVE-2021-40444+Zero-Day+Exploit&cts=1631238787625&vi=f5843415181508a4a6fdedb4c8387169&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 01:53:07 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
f49cda6e-2da1-4374-ab72-b025fe7b2f4f
cf-ray
68c50556db593ac8-CDG
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBsPHZJMXDxkcuz1nct9oqf7Lc0JrUHnjfz5ROBB1l14zHsSOvYkbz9vr78wrZ4051fTs4JLYErLp7Vnub5YbZ2pS9DAk4THg%2FZwq2t8%2FkuVsTdiJlNO%2BLu7sKszgm%2Bpvt8M"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.56.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-56-59.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 16:30:05 GMT
via
1.1 92deec7c8876604efe2f17b072bc68d7.cloudfront.net (CloudFront)
last-modified
Wed, 16 Jun 2021 16:29:56 GMT
server
AmazonS3
age
7377783
etag
"2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
HEL50-C1
accept-ranges
bytes
content-length
1283
x-amz-cf-id
9EBeTkklplN2Ol66D9xJ79wOTyhZd89t77N4IbE0HC06_9gylTJ-jA==
logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.56.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-56-59.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 16:30:05 GMT
via
1.1 92deec7c8876604efe2f17b072bc68d7.cloudfront.net (CloudFront)
last-modified
Wed, 16 Jun 2021 16:29:56 GMT
server
AmazonS3
age
7377783
etag
"35ce74c31e3ef54462a234340af702d7"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
HEL50-C1
accept-ranges
bytes
content-length
1143
x-amz-cf-id
P-adxhMDGfLHIJd9pdvn_EoGCx4G5Q20kRf_5mhOacbUK_xUhYkYJA==
sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 		277 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.56.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-56-59.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 16:30:05 GMT
via
1.1 92deec7c8876604efe2f17b072bc68d7.cloudfront.net (CloudFront)
last-modified
Wed, 16 Jun 2021 16:29:56 GMT
server
AmazonS3
age
7377783
etag
"76f1993de0fd323f67cece8d8e63bfa2"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
HEL50-C1
accept-ranges
bytes
content-length
277
x-amz-cf-id
MERmesZSyIOv_h60zvJGGCh_ZOLT67QklUKveQyjhLCG_tKwonhudA==
view
js.hs-banner.com/cookie-banner/activity/ 		0
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/cookie-banner/activity/view
Requested by
Host: js.hs-banner.com
URL: https://js.hs-banner.com/7048931.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.20.191 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json

Response headers

timing-allow-origin
*
date
Fri, 10 Sep 2021 01:53:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-hubspot-correlation-id
c1fd1418-4081-487f-a633-9bdfea8092aa
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.picussecurity.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials
true
cf-ray
68c505598c033ffb-CDG
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
reset.css
d10lpsik1i8c69.cloudfront.net/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by
Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=9205c52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.56.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-56-59.hel50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 16 Jun 2021 16:30:05 GMT
content-encoding
gzip
last-modified
Wed, 16 Jun 2021 16:29:56 GMT
server
AmazonS3
age
7377783
etag
W/"7144eaceff0b31347712515a6116074e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 92deec7c8876604efe2f17b072bc68d7.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
HEL50-C1
x-amz-cf-id
yXfOeg9MHdQpCqwgLfuVxB6zE4LujVRiPY6MqUDG3bOygggDMAv7Ig==
47ee5861-9cbf-4adb-beea-fa8f4f645188
https://www.picussecurity.com/ Frame 2360 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.picussecurity.com/47ee5861-9cbf-4adb-beea-fa8f4f645188
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
0
b8dde417-dfb9-4fad-86bb-1b4202ec3cdd
https://www.picussecurity.com/ Frame 2360 		30 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.picussecurity.com/b8dde417-dfb9-4fad-86bb-1b4202ec3cdd
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
31224
perf
www.picussecurity.com/_hcms/ 		2 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.picussecurity.com/_hcms/perf
Requested by
Host: www.picussecurity.com
URL: https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.227 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-fetch-mode
cors
origin
https://www.picussecurity.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
__cfruid=87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786; poptin_old_user=true; poptin_user_id=0.jrfpg6a884; vq_initial_source=; vq_utm_source=; vq_utm_term=; vq_utm_medium=; vqa_vid=5b742eac-c62f-42c4-9397-d669a19a64a4; poptin_referrer=; _hjid=731419dc-44c6-457b-812f-c3d0d1566771; _hjFirstSeen=1; _ga=GA1.2.1574378603.1631238787; _gid=GA1.2.1429588810.1631238787; _gat_UA-37993489-1=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _lfa=LF1.1.6887fac7a4f3de35.1631238787471; poptin_user_ip=216.131.111.174; poptin_user_country_code=false; poptin_session_account_613f053dd8506=true; poptin_d_r_v_d30dcad11266b=0; poptin_session=true; poptin_c_visitor=true; _lo_uid=202290-1631238787114-4dc0e77c0a3fd217; _lorid=202290-1631238787114-9ae897ba56c67f8c; _lo_v=1; __lotl=https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
content-length
843
:path
/_hcms/perf
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.picussecurity.com
referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.picussecurity.com/resource/blog/simulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type
application/json

Response headers

cf-ray
68c50569583c6546-LHR
date
Fri, 10 Sep 2021 01:53:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-hubspot-correlation-id
cfb1df46-f80a-4df8-83d8-045cff0ec3bf
x-trace
2B6074A625245881629224245961D71D2C80D55E69000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tgRUEP8lgEuiM0OHc4phy%2BH8T6267JxV7noQjVwlZtaZyygMujgG8FFzI49NvyWbbCEBettBOdO2tc3p2PXRL5vBYPu0G9NRq4I3RL1D7wbsJDoBsAfE4HAATbc3ov91tQ8u0vNlg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-credentials
false
x-robots-tag
none
content-length
2

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| hsjQuery object| _hsp number| __lo_site_id object| dataLayer function| hj object| _hjSettings function| vqTrackId object| __core-js_shared__ object| Sslac object| IN object| jQuery1710902366057070914 function| WOW function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage boolean| pixelAdded boolean| poptin_loadcontrol_fix boolean| poptin_disable_fa boolean| poptin_single_page_app function| jQ224 object| poptinSubmitted function| showLog function| poptinVisible function| onpoptinClose function| onpoptinSubmit function| pageLoadCheck boolean| poptinAfterPageLoad function| closePoptinOnXclick function| poptin_display function| PoptinQueue boolean| __lo_csr_added function| VQTracker object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules undefined| module_39027676914 function| i18n_getmessage function| i18n_getlanguage function| bindToWindowOnError object| globalRoot function| hns object| hubspot object| hbspt object| __hsRoot object| hspreserve undefined| React function| OutpostErrorReporter function| hmerge undefined| ReactDOM undefined| require undefined| requirejs undefined| module undefined| bootstrap object| options object| HSFR object| _hsq function| hs_reqwest_0 function| hs_reqwest_1 object| hsVars function| jsonpHandler object| cookies string| relevent_cookie string| poptin_viewed_session number| once string| ap_triggers string| lp object| google_tag_manager object| __twttrll object| twttr object| __twttr object| google_tag_data string| GoogleAnalyticsObject function| ga object| ldfdr object| FB boolean| PIXELS_RAN object| __hsCollectedFormsDebug boolean| hubspot_live_messages_running object| HubSpotConversations function| defineProperties object| leadflows boolean| popupPoliceActive function| hns2 undefined| jade undefined| I18n undefined| hubspot_mailcheck undefined| Pikaday undefined| reqwest undefined| exports undefined| define boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN object| _paq function| sanitizeKey boolean| _hstc_loaded object| WTW_Watcher object| LO object| gaplugins object| gaGlobal object| gaData boolean| __discoverInitialized boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| _loq boolean| _hspb_ran

27 Cookies

Domain/Path Name / Value
.www.picussecurity.com/ Name: __cfruid
Value: 87f4d7e2f0f0c775b7b20ae6efedef227d8f4c2d-1631238786
www.picussecurity.com/ Name: poptin_old_user
Value: true
www.picussecurity.com/ Name: poptin_user_id
Value: 0.jrfpg6a884
www.picussecurity.com/ Name: vq_initial_source
Value:
www.picussecurity.com/ Name: vq_utm_source
Value:
www.picussecurity.com/ Name: vq_utm_term
Value:
www.picussecurity.com/ Name: vq_utm_medium
Value:
www.picussecurity.com/ Name: vqa_vid
Value: 5b742eac-c62f-42c4-9397-d669a19a64a4
www.picussecurity.com/ Name: poptin_referrer
Value:
.picussecurity.com/ Name: _hjid
Value: 731419dc-44c6-457b-812f-c3d0d1566771
.picussecurity.com/ Name: _hjFirstSeen
Value: 1
.picussecurity.com/ Name: _ga
Value: GA1.2.1574378603.1631238787
.picussecurity.com/ Name: _gid
Value: GA1.2.1429588810.1631238787
.picussecurity.com/ Name: _gat_UA-37993489-1
Value: 1
www.picussecurity.com/ Name: _hjIncludedInPageviewSample
Value: 1
.picussecurity.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.picussecurity.com/ Name: _lfa
Value: LF1.1.6887fac7a4f3de35.1631238787471
www.picussecurity.com/ Name: poptin_user_ip
Value: 216.131.111.174
www.picussecurity.com/ Name: poptin_user_country_code
Value: false
www.picussecurity.com/ Name: poptin_session_account_613f053dd8506
Value: true
www.picussecurity.com/ Name: poptin_d_r_v_d30dcad11266b
Value: 0
www.picussecurity.com/ Name: poptin_session
Value: true
www.picussecurity.com/ Name: poptin_c_visitor
Value: true
.picussecurity.com/ Name: _lo_uid
Value: 202290-1631238787114-4dc0e77c0a3fd217
.picussecurity.com/ Name: _lorid
Value: 202290-1631238787114-9ae897ba56c67f8c
.picussecurity.com/ Name: _lo_v
Value: 1
.picussecurity.com/ Name: __lotl
Value: https%3A%2F%2Fwww.picussecurity.com%2Fresource%2Fblog%2Fsimulating-microsoft-mshtml-cve-2021-40444-zero-day-exploit

1 Console Messages

Source Level URL
Text
network error URL: https://tr.lfeeder.com/?sid=p1e024B6wKW4GB6d&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTM3OTkzNDg5LTEiXSwiZ2FDbGllbnRJZHMiOlsiMTU3NDM3ODYwMy4xNjMxMjM4Nzg3Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuMjYuMiJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly93d3cucGljdXNzZWN1cml0eS5jb20vcmVzb3VyY2UvYmxvZy9zaW11bGF0aW5nLW1pY3Jvc29mdC1tc2h0bWwtY3ZlLTIwMjEtNDA0NDQtemVyby1kYXktZXhwbG9pdCIsInBhZ2VUaXRsZSI6IlNpbXVsYXRpbmcgTWljcm9zb2Z0IE1TSFRNTCBDVkUtMjAyMS00MDQ0NCBaZXJvLURheSBFeHBsb2l0IiwicmVmZXJyZXIiOiIifSwiZXZlbnQiOiJ0cmFja2luZy1ldmVudCIsImNsaWVudEV2ZW50SWQiOiJiZTg3NTg3YWMzOGI5YmJlIiwiY2xpZW50VGltZXN0YW1wIjoiMjAyMS0wOS0xMFQwMTo1MzowNy40NzNaIiwiY2xpZW50VGltZXpvbmUiOjAsInNjcmlwdElkIjoicDFlMDI0QjZ3S1c0R0I2ZCIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS42ODg3ZmFjN2E0ZjNkZTM1LjE2MzEyMzg3ODc0NzEiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9fQ==
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.visitorqueue.com
app.hubspot.com
cdn.popt.in
cdn2.hubspot.net
cdnjs.cloudflare.com
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
display.popt.in
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hsadspixel.net
js.hscollectedforms.net
js.hsleadflows.net
js.usemessages.com
lh5.googleusercontent.com
platform.linkedin.com
platform.twitter.com
sc.lfeeder.com
script.hotjar.com
settings.luckyorange.net
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
t.visitorqueue.com
tr.lfeeder.com
track.hubspot.com
vars.hotjar.com
www.google-analytics.com
www.googletagmanager.com
www.picussecurity.com
104.16.18.94
104.16.88.5
104.17.112.176
104.17.129.171
104.17.230.204
104.17.237.204
104.17.241.204
104.17.67.176
104.18.20.191
104.19.154.83
104.244.42.72
104.26.0.26
104.26.10.16
13.32.143.100
13.32.143.110
13.32.56.59
13.33.242.115
13.33.242.52
13.33.242.60
13.33.242.94
142.250.74.110
142.250.74.138
142.250.74.99
15.222.195.45
152.199.22.144
172.67.70.79
173.194.222.157
185.60.216.19
199.60.103.227
216.58.207.232
216.58.211.1
54.75.159.38
93.184.220.66
00b4e498e234c71b14fba50f7be5190e5361e3a9d8345926b40c553295d2f2a6
012d56787268201889a1168336194d06792089c88b9cc11d4ed4308fa54b95d3
036fe6409879eb761d10430709e2ae2e84134980939e7242eaaab21313c14022
05087b4843e48f47450a513164d20cf4ea58f5ac6cfeedba6c478cab47611658
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
1018aad3ed798d98490fb01484d0aaf7ba3528f74288091644ae53523c3aa82f
109b317e316baf368c0dff0f14ce68fdf3f6baa0b1a0f55fccc97e60c01531c3
182c0c4a049b82ebaa738d7c22e68bceb8aad2f6d78b94c300b80613c92bff0a
18878ce32911ec98573af832841095fd7cc1ff2fe20ffff93cf57674539e2c57
1d214792b986a7986cf226ad5f346fa58b7857bcfee980f8c3bc897cf17df564
20c185b7eb49180776b4b26fb27a3111d51bd13110ed85c22f4233ecdf5eb4e9
20cdcf578aba67769a54909b38ef0b919268c0489df6339321a1713b38d8dfe8
2bcbf78ee774313aac11e9408816d3392f5249b50df534963ed2303020e8cbe3
30c582f4480ac01ccc5d0040483b6cfbdef887951b12871cbd62b6ab7e6d0b43
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
34350dee947083733dcd88d858cf65df7a4f282846c465b8f9627090aa5da3c0
387fafc4558eb44d4303fb1710ec85e39755ffa9378b8cdf982c7e66db79c463
3b49ee3d1ececfa22283cd0d264670350a76193964849b8ae33ff0183cad884f
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
43ac0ae9e90f01a0afabe35cc0aaa377336aac90759e74770251de89db0af44c
449bd4c9dd10af1fac04aaeebcf8c95c05302086048baef6faad6c6b2defb336
47399f567ee20a34dda641c05cb1d1425be6e5a6bd7d962841153fb52851e3af
4c2d3de532af65b47b752d4b84587392b1206538ddccb3d83fd84d15070f9c95
4e2e62fe9e5fbd988991ac666d0a61f03649343ed729e2bcf4ab373f285bfb19
5458bb001fbaee0822a06901d6989a7568457bc97c78ce726d8884c34f665910
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
587cd0ec7f20abeac28c2a915333e8a12c7ea043685cf6a29dae69baedd29d01
5e44a75cc12be671526c1df9e50cfc35a8dbb680beaddb5ab079cedf3621973a
60a7b0cd55aa8f2dfd59b3cc53bfd237fcb3df54a2993c03f9101fc3b2f360eb
69aea70ed00c6297e407afc0b1ccf6db9629eedc412bf0779467f3e462d346e3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
6c4604ecacc87e390821f809ad7adb02efb23fed4458a638617866057419d2b8
6d74aea3ea1a09d7239128033be4a712352c7d38e458103f16f27c9446e8b329
78078258a77fab030b24a53932c0c8d21a0f5ce6e8cee911a0d6d90b2898d233
7b01eefec75fa2dedde4c39ef0d71394acf5a68474c93ffd5a0e05db0bf75503
845f6ed942c91897165e8695ea3cb308eaa3522fc0c9c15ecce9da32c90e9256
87907ed308d9f94e7160fc56e7ede37dcab6c850c76be67de7bb26db0d15e1f0
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8a700615023d6226ad5cc185b271a07aaf8f2ee532ef7c74d98a67c991306e94
8acd930d7a72da64980a950dea0c1507411900cb1459aa8c743e003df27444dd
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8d9170292410620029b47da0ac46631a42535d8a0b61cfd4b0ea2860b9e535af
8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18
94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c
963d1c6c2c8a1703d438ee2c652f4bfc3299fd797362f971ef556f4feef65d7d
96e9c53feb97a9d94f4ca6beb7a638a006be6e357063d5f8ee9363e8aab2edad
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
99055dba9f2387917c3e9808aacc7c2e23a12705985bb8c4a6fcef05a2a0c682
a72a14448ee5320221100622671b5a9defdcddc331266def018afc09142d29f0
b5779200444c0da3554694b521545677be435705abd25a27ee04969fdd04d9f0
b8a4e46be38c9ebf85c169e5a4d78b2e7047fbd35319bb12ce8ffba91d9465da
b9a1a646c12fac169e7992657a5e1d838aadb1e74534e085216e23222a1cecd6
bf0089fe5ebbe72d53c0ce9ee78eacce2124eb69363787d20a87b8ec41b4bc00
c60e17dc79dc71bf62414206a27c7212b271ec87001ffb57aa19f9962ba80871
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cd28cf99e2e8aa2015c80e6a4de778bf326824014f8fa42de3606f45b930b76c
d10796cbbc20c4c77064bac037d2970697313e002a8242d09201d6ec40d1c803
d5343b9a9c667a328bd11798a1d4950326c2e48189873d45b2d515c56aad2cd6
d76acf9735c02403bc87313692604261a3c0189d7bc82202c3dd6a32ed678b9d
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
dafc2e9fba20287a8da0b9f2ca12bc5d649bad79dbdbcf294cc98713a55be8c8
dbeb60814bcddc3c9beed36f81c9dd5ce091cff1c5204402fe27c54e8f450882
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e13189d1fff8e31882b630932faaeb79eb98a0c5514addf6770135014f07837a
e39d20e83d85ce70995d12a3ae85b4e0c70a288b04dacd344cfbbecc15f4e5fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b1ba9070d7bde8c36398f130fed6693194d63de9cd5d289f95bf7490999345
eaa530d5f8a92fc7c8b0200d106424857796a41ba12ac159a0a02f37f3d3687b
ee596884317564904ae040715f9d2961b96b088c0034ff3f4904a6ddfea7221f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06150cd74f4090b6b1194c7fb227fda21f859229aa851169b8116e330ee160b
f3145adf1bffb7600649b9ec6dfc09809307e270dbe6283dbb3c217677a33a2e
f49af696423d64edc92826e93ff19bfc20743b648e755c720cd3c8df4354f1af
f590aca52b84eb1f397905ae720c1d384853cf3197d23cb39e80e92c679f4591
f6789b1579e3915acc50ce2f56d956c05dc3186238eb4d1a0d4ad1e403a625ac
f6848a7c6411f11b08ee82b11a490a0dc3b187383b68e5b3adafb9365ed8dd76
f7b861c1a9a573b57465a6c661e88035def5f5891941ae94900a02e4c2ba2b14
fb4e13a1634f80c917db6ab8f891e485494d66c1efeef735585992fb7af993eb
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fb5a1fff57218742c5c1e469970504556a10d235b2379872b4ffcef9901d3bc0
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62