blog.semmle.com Open in urlscan Pro
2606:4700:20::6819:db14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lgtm.com/blog/apache_struts_CVE-2017-9805
Effective URL:
https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Submission: On August 20 via api (August 20th 2019, 11:17:09 pm UTC) from US

Summary HTTP 39 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 39 HTTP transactions. The main IP is 2606:4700:20::6819:db14, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is blog.semmle.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 26th 2019. Valid for: a year.

This is the only time blog.semmle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE - Google LLC)
14	2606:4700:20:... 2606:4700:20::6819:db14	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:43b0	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:efcc	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:82ab	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2606:4700::68... 2606:4700::6810:f905	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700::68... 2606:4700::6810:fa05	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
39	14

1 2001:4860:4802:38::15 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

lgtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:20::6819:db14 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

blog.semmle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:43b0 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efcc (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:82ab (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f905 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:fa05 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	semmle.com blog.semmle.com	936 KB
4	hsforms.com forms.hsforms.com	2 KB
3	hubspot.com api.hubspot.com track.hubspot.com	1 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net Failed	102 B
1	hsforms.net js.hsforms.net	116 KB
1	hscollectedforms.net js.hscollectedforms.net	20 KB
1	usemessages.com js.usemessages.com	14 KB
1	hs-analytics.net js.hs-analytics.net	26 KB
1	hs-scripts.com js.hs-scripts.com	1 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	googletagmanager.com www.googletagmanager.com	24 KB
1	lgtm.com 1 redirects lgtm.com	1 KB
39	13

	Domain	Requested by
14	blog.semmle.com	blog.semmle.com
4	forms.hsforms.com	js.hsforms.net blog.semmle.com
2	track.hubspot.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	stats.g.doubleclick.net	blog.semmle.com
1	api.hubspot.com	js.usemessages.com
1	js.hsforms.net	blog.semmle.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	blog.semmle.com
1	lgtm.com	1 redirects
0	googleads.g.doubleclick.net Failed	www.googleadservices.com
39	15

This site contains links to these domains. Also see Links.

Domain
semmle.com
help.semmle.com
lgtm.com
news.ycombinator.com
struts.apache.org
cve.mitre.org
cwiki.apache.org
frohoff.github.io
www.bleepingcomputer.com
www.linkedin.com

Subject Issuer	Validity	Valid
semmle.com CloudFlare Inc ECC CA-2	`2019-03-26` - `2020-03-26`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
ssl817718.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-13` - `2020-02-19`	6 months	crt.sh
ssl803670.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-29` - `2019-12-05`	6 months	crt.sh
ssl817703.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-13` - `2020-02-19`	6 months	crt.sh
ssl803673.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-05-29` - `2019-12-05`	6 months	crt.sh
ssl766686.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-06-28` - `2020-01-04`	6 months	crt.sh
ssl431287.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-24` - `2020-01-30`	6 months	crt.sh
hubspot.com CloudFlare Inc ECC CA-2	`2019-06-16` - `2020-06-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-07-29` - `2019-10-27`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Frame ID: 2A2B5D0DBC353ECE70B962C57DE36AE3
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://lgtm.com/blog/apache_struts_CVE-2017-9805 HTTP 301
https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/ Page URL

Detected technologies

Gatsby (Static Site Generator) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Gatsby(?: ([0-9.]+))?$/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i
meta generator /^Gatsby(?: ([0-9.]+))?$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Gatsby(?: ([0-9.]+))?$/i

Page Statistics

39
Requests

77 %
HTTPS

93 %
IPv6

13
Domains

15
Subdomains

14
IPs

3
Countries

1282 kB
Transfer

2673 kB
Size

0
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://semmle.com/privacy-policy/
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://semmle.com/

Search URL Search Domain Scan URL

URL: https://semmle.com/#book-a-demo
Title: book a demo

Search URL Search Domain Scan URL

URL: https://semmle.com/ql
Title: QL

Search URL Search Domain Scan URL

URL: https://semmle.com/lgtm
Title: LGTM

Search URL Search Domain Scan URL

URL: https://semmle.com/variant-analysis
Title: Variant Analysis

Search URL Search Domain Scan URL

URL: https://semmle.com/security
Title: Security Research

Search URL Search Domain Scan URL

URL: https://semmle.com/case-studies
Title: Case Studies

Search URL Search Domain Scan URL

URL: https://semmle.com/about
Title: About Us

Search URL Search Domain Scan URL

URL: https://semmle.com/events
Title: Events

Search URL Search Domain Scan URL

URL: https://semmle.com/careers
Title: Jobs

Search URL Search Domain Scan URL

URL: https://semmle.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://help.semmle.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://lgtm.com/?__hstc=70225743.0b8c0c6d70a26f709d6d0ce30d76ae23.1566343003342.1566343003342.1566343003342.1&__hssc=70225743.1.1566343003346&__hsfp=818329955
Title: GO TO LGTM.COM

Search URL Search Domain Scan URL

URL: https://news.ycombinator.com/submitlink?u=https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/&t=CVE-2017-9805:%20How%20QL%20found%20a%20remote%20code%20execution%20vulnerability%20in%20Apache%20Struts

Search URL Search Domain Scan URL

URL: https://struts.apache.org/
Title: Apache Struts

Search URL Search Domain Scan URL

URL: https://lgtm.com/blog/apache_struts_CVE-2017-9805_announcement?__hstc=70225743.0b8c0c6d70a26f709d6d0ce30d76ae23.1566343003342.1566343003342.1566343003342.1&__hssc=70225743.1.1566343003346&__hsfp=818329955
Title: can be found here

Search URL Search Domain Scan URL

URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9805
Title: CVE-2017-9805

Search URL Search Domain Scan URL

URL: https://struts.apache.org/announce.html
Title: release announcement

Search URL Search Domain Scan URL

URL: https://struts.apache.org/docs/s2-052.html
Title: security bulletin

Search URL Search Domain Scan URL

URL: https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.3.34
Title: 2.3.34

Search URL Search Domain Scan URL

URL: https://cwiki.apache.org/confluence/display/WW/Version+Notes+2.5.13
Title: 2.5.13

Search URL Search Domain Scan URL

URL: https://frohoff.github.io/appseccali-marshalling-pickles/
Title: discovered a deserialization flaw in Apache Commons Collections

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/50-google-engineers-volunteered-to-patch-thousands-of-java-open-source-projects/
Title: Many Java applications

Search URL Search Domain Scan URL

URL: https://lgtm.com/blog/finding_unsafe_deserialization_with_ql?__hstc=70225743.0b8c0c6d70a26f709d6d0ce30d76ae23.1566343003342.1566343003342.1566343003342.1&__hssc=70225743.1.1566343003346&__hsfp=818329955
Title: LGTM documentation page on this topic

Search URL Search Domain Scan URL

URL: https://lgtm.com/rules/1823453799/?__hstc=70225743.0b8c0c6d70a26f709d6d0ce30d76ae23.1566343003342.1566343003342.1566343003342.1&__hssc=70225743.1.1566343003346&__hsfp=818329955
Title: potentially unsafe deserialization of user-controlled data

Search URL Search Domain Scan URL

URL: http://struts.apache.org/maven/struts2-plugins/struts2-rest-plugin/apidocs/org/apache/struts2/rest/handler/ContentTypeHandler.html
Title: ContentTypeHandler

Search URL Search Domain Scan URL

URL: https://lgtm.com/query/rule:1823453799?__hstc=70225743.0b8c0c6d70a26f709d6d0ce30d76ae23.1566343003342.1566343003342.1566343003342.1&__hssc=70225743.1.1566343003346&__hsfp=818329955
Title: Deserialization of user-controlled data query

Search URL Search Domain Scan URL

URL: https://lgtm.com/query/2055730541/project:1878521151/lang:java?__hstc=70225743.0b8c0c6d70a26f709d6d0ce30d76ae23.1566343003342.1566343003342.1566343003342.1&__hssc=70225743.1.1566343003346&__hsfp=818329955
Title: one result

Search URL Search Domain Scan URL

URL: https://lgtm.com/docs/lgtm/using-lgtm-analysis-continuous-integration?__hstc=70225743.0b8c0c6d70a26f709d6d0ce30d76ae23.1566343003342.1566343003342.1566343003342.1&__hssc=70225743.1.1566343003346&__hsfp=818329955
Title: pull request integration

Search URL Search Domain Scan URL

URL: https://lgtm.com/blog?__hstc=70225743.0b8c0c6d70a26f709d6d0ce30d76ae23.1566343003342.1566343003342.1566343003342.1&__hssc=70225743.1.1566343003346&__hsfp=818329955
Title: LGTM.com

Search URL Search Domain Scan URL

URL: https://semmle.com/privacy-policy
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://semmle.com/terms-conditions
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/semmle
Title: Follow us on LinkedIn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lgtm.com/blog/apache_struts_CVE-2017-9805 HTTP 301
https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://www.google-analytics.com/r/collect?v=1&_v=j78&a=844116824&t=pageview&_s=1&dl=https%3A%2F%2Fblog.semmle.com%2Fapache-struts-vulnerability-cve-2017-9805%2F&ul=en-us&de=UTF-8&dt=CVE-2017-9805%3A%20How%20QL%20found%20a%20remote%20code%20execution%20vulnerability%20in%20Apache%20Struts%20%7C%20Semmle%20Blog&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=361504402&gjid=1901304748&cid=2025721828.1566342995&tid=UA-36097845-1&_gid=1726509260.1566342995&_r=1&gtm=2wg874K53TDXZ&z=589911981 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36097845-1&cid=2025721828.1566342995&jid=361504402&_gid=1726509260.1566342995&gjid=1901304748&_v=j78&z=589911981

39 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Redirect Chain

https://lgtm.com/blog/apache_struts_CVE-2017-9805
https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/

239 KB
135 KB

442ms
403ms

Document
text/html

2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d9fc8f30c688996542aa17ad6c3e67262f273ef39620374c204bb5a1635f6b82

Request headers

:method: GET
:authority: blog.semmle.com
:scheme: https
:path: /apache-struts-vulnerability-cve-2017-9805/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
date: Tue, 20 Aug 2019 23:16:32 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df6ea67a72367fe02118b356e25dd6ec91566342992; expires=Wed, 19-Aug-20 23:16:32 GMT; path=/; domain=.semmle.com; HttpOnly; Secure
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Mon, 19 Aug 2019 20:45:28 GMT
etag: W/"3ba91-16caba0a640"
via: 1.1 vegur
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 509813550da8dfb7-FRA
content-encoding: br

Redirect headers

status: 301
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block; report=https://lgtm.com/browser_report/
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://stats.g.doubleclick.net https://js.hs-scripts.com https://js.hscollectedforms.net https://js.hs-analytics.net https://js.usemessages.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://www.gravatar.com https://img.shields.io https://www.google-analytics.com https://stats.g.doubleclick.net https://track.hubspot.com; object-src 'none'; connect-src 'self' https://forms.hubspot.com https://storage.googleapis.com; font-src 'self'; media-src 'self'; manifest-src 'self'; frame-src https://www.youtube.com; report-uri https://lgtm.com/browser_report/; report-to https://lgtm.com/browser_report/
referrer-policy: same-origin
strict-transport-security: max-age=31536000; includeSubDomains
set-cookie: lgtm_short_session=68cb140b988f10de4960aaaa7b810a1b8aed4ff63435a283f275e6b972774b92dd1f09bd8327c1b39a955d80d076dc7826d1f6694a92f56f2cad7dbb0a03bd40;Path=/;Secure;HttpOnly lgtm_long_session=60bf1f607cea4948c7aafb4fe198b5e12c08e4fc454adcdd7a5dc9a5a61f977b6421df71fb1949f20020a93dc640ed64ac6eba73e17d8ccb42952091bfc67619;Path=/;Expires=Wed, 19-Aug-2020 23:16:32 GMT;Secure;HttpOnly
expires: Fri, 01 Jan 1990 00:00:00 GMT
x-deploy-time: 1566293577000
location: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
x-cloud-trace-context: 7366025b6b6fd3024f6963ca41ccd00a;o=1
date: Tue, 20 Aug 2019 23:16:32 GMT
pragma: no-cache
cache-control: no-cache, must-revalidate
content-type: text/html
server: Google Frontend
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 73 KB
24 KB 38ms
17ms Script
application/javascript 2a00:1450:4001:80b::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K53TDXZ

Requested by

Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

309c73f79a63c860555076371a3a8593ce2ab44eeac9773e8fc23a9109e8b289

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:32 GMT
content-encoding: br
last-modified: Tue, 20 Aug 2019 21:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 24299
x-xss-protection: 0
expires: Tue, 20 Aug 2019 23:16:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
18 KB 2586ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K53TDXZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Jul 2019 21:35:27 GMT
server: Golfe2
age: 4678
date: Tue, 20 Aug 2019 21:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17724
expires: Tue, 20 Aug 2019 23:58:37 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 5675ms
23ms Script
text/javascript 216.58.210.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K53TDXZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

0bcc6754df5587a76ab8e050914ae579051169c8412343f44e438b0d77b6967c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9094
x-xss-protection: 0
server: cafe
etag: 14081135725490644800
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Aug 2019 23:16:38 GMT

GET
H2 200 component---src-templates-post-page-jsx-da740c83bb59ba617d3e.js Show response
blog.semmle.com/ 161 KB
50 KB 755ms
754ms Script
application/javascript 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.semmle.com/component---src-templates-post-page-jsx-da740c83bb59ba617d3e.js
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 9b5efa524a1ffe6649f86213bd850a286164eddab81b4e64faae2a956d071c94

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 50981359dd84dfb7-FRA
date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"28446-16caba08318"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:45:19 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=0
content-encoding: br

GET
H2 200 app-a61e30991647bbd3c372.js Show response
blog.semmle.com/ 188 KB
56 KB 684ms
682ms Script
application/javascript 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.semmle.com/app-a61e30991647bbd3c372.js
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 104688641b350d39d275e5b3bd0d153c6c0b951be70be6fd94056a1c245d35e6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 50981359dd87dfb7-FRA
date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"2ef9b-16caba08318"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:45:19 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=0
content-encoding: br

GET
H2 200 0-19fd4ce0d17c9804ba44.js Show response
blog.semmle.com/ 527 KB
208 KB 727ms
726ms Script
application/javascript 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.semmle.com/0-19fd4ce0d17c9804ba44.js
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ba0579d7e5c1dec805c489f4b091ecb434cf6bcfb7b4b9ef3df473bc26a90e48

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 50981359dd88dfb7-FRA
date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"83c5b-16caba08318"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:45:19 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=0
content-encoding: br

GET
H2 200 1-24d9cd0a09a6d7a799fa.js Show response
blog.semmle.com/ 193 KB
124 KB 646ms
645ms Script
application/javascript 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.semmle.com/1-24d9cd0a09a6d7a799fa.js
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fe67a41964cc04aebe799b4e145e609db8223aa3aed905c832a6f9ad2ef7b9ac

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 50981359dd89dfb7-FRA
date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"30418-16caba08318"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:45:19 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=0
content-encoding: br

GET
H2 200 14-4556c848ba03226b5902.js Show response
blog.semmle.com/ 50 KB
16 KB 564ms
563ms Script
application/javascript 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.semmle.com/14-4556c848ba03226b5902.js
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d60bebc4bc9b534ac7e93470e75574a1ddbdcddc5fe5c532ddeec5639186b856

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 50981359dd8adfb7-FRA
date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"c636-16caba08318"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:45:19 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=0
content-encoding: br

GET
H2 200 3-5ece0a646f08a18ca974.js Show response
blog.semmle.com/ 69 KB
24 KB 579ms
578ms Script
application/javascript 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.semmle.com/3-5ece0a646f08a18ca974.js
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 079203f0e8e2f337afb75aa76b09caff17d011e8eb5b8ee43993149d998c238e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 50981359dd8bdfb7-FRA
date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"1148e-16caba08318"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:45:19 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=0
content-encoding: br

GET
H2 200 webpack-runtime-114ee4c332a2743fa510.js Show response
blog.semmle.com/ 3 KB
1 KB 711ms
710ms Script
application/javascript 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.semmle.com/webpack-runtime-114ee4c332a2743fa510.js
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2de13cd0991e281aa986839317b333f53264158a2d67ddc0a9aa6c6e7bbc66b3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 50981359dd8cdfb7-FRA
date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"b39-16caba08318"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:45:19 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=0
content-encoding: br

GET
H2 200 path---apache-struts-vulnerability-cve-2017-9805-429-125-XoPlzGgFuCCemO1PhMunMaKuEE4.json
blog.semmle.com/static/d/178/ 17 KB
6 KB 569ms
569ms Other
application/json 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.semmle.com/static/d/178/path---apache-struts-vulnerability-cve-2017-9805-429-125-XoPlzGgFuCCemO1PhMunMaKuEE4.json
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 53fe0d52f4c9d6eb554b9e291cc3d4d5013422d0369b72190eb905772fdc1896

Request headers

Sec-Fetch-Mode: cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Origin: https://blog.semmle.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"4582-16cab9d3370"
last-modified: Mon, 19 Aug 2019 20:41:42 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 50981359dd8ddfb7-FRA
content-type: application/json; charset=UTF-8
status: 200
cache-control: public, max-age=0
content-encoding: br

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 745bc207493d7828b999f7fbdc74b30584ec6adb5dd078c6c422d32e816e070a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 38 KB
38 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 330ffaf06f7e58e60861e6d21e23e7e855e9a5abe2d7f2af7773929514c03b9c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://blog.semmle.com

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 38 KB
38 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dedde4a0e58d75b1524c2198ef8d5cde603ee8c8bf8e4de94dcca9cf752c6659

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://blog.semmle.com

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ 39 KB
39 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1867b319ec83f5a1acd7eb87ee4930e0e011f1c6b5ff64b0a802e04b79944893

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://blog.semmle.com

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 double_calculator.png
blog.semmle.com/static/9e6d8f06c8344610be2e5cf62df9e4e6/e4982/ 88 KB
88 KB 486ms
485ms Image
image/png 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.semmle.com/static/9e6d8f06c8344610be2e5cf62df9e4e6/e4982/double_calculator.png
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e15d4cfa7671ea99087c8d2c06e570c31ee6afe433a928a04062725628b79557

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"15e89-16cab9efc78"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:43:39 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5098135a5e64dfb7-FRA
content-length: 89737

GET
H2 200 struts.png
blog.semmle.com/static/06b1b949aad5e3dc5571bb74dbd88a3e/a489e/ 78 KB
78 KB 540ms
540ms Image
image/png 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.semmle.com/static/06b1b949aad5e3dc5571bb74dbd88a3e/a489e/struts.png
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 821dbf021433c1a36afc6c42ca51101efd0a9e71638d155343e74f989e2e1d32

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"13746-16cab9d1430"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:41:34 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5098135a5e66dfb7-FRA
content-length: 79686

GET
H2 200 restlet-vulnerable.png
blog.semmle.com/static/14234fc69ae120fa5a1962eb5903d840/e4982/ 65 KB
65 KB 470ms
469ms Image
image/png 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.semmle.com/static/14234fc69ae120fa5a1962eb5903d840/e4982/restlet-vulnerable.png
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 860a07fb5ef74a28ad10fb39bca7d17a18f3f896f8cc74766bcd3b0a5cdf78de

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"10343-16cab9dc010"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:42:18 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5098135a5e67dfb7-FRA
content-length: 66371

GET
H2 200 spring-vulnerable.png
blog.semmle.com/static/8f3c8b9a6de4932efa69b428e57c2e77/e4982/ 76 KB
76 KB 529ms
528ms Image
image/png 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.semmle.com/static/8f3c8b9a6de4932efa69b428e57c2e77/e4982/spring-vulnerable.png
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 781174e24a27ff08fedaeaccc51fce88f40efd5d708ab31d3b5be2a598d679d9

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:33 GMT
via: 1.1 vegur
etag: W/"130bb-16cab9e1218"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:42:39 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5098135a5e68dfb7-FRA
content-length: 78011

GET
H2 200 4758889.js Show response
js.hs-scripts.com/ 2 KB
1 KB 899ms
111ms Script
application/javascript 2606:4700::6811:d4cc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/4758889.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K53TDXZ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17923ba075425d7cda07347365c064ad6168935d6bd3d352ae304511bc0d7a9f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:33 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: EXPIRED
status: 200
content-length: 554
server: cloudflare
x-trace: 2B3BB812B3CC11605FA1DA29769BFCC98F68209EB9000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://blog.semmle.com
cache-control: public, max-age=60
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 5098135f6897c29f-FRA
expires: Tue, 20 Aug 2019 23:17:33 GMT

GET
H2 200 4758889.js Show response
js.hs-analytics.net/analytics/1566342900000/ 77 KB
26 KB 687ms
129ms Script
text/javascript 2606:4700::6811:43b0
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1566342900000/4758889.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4758889.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:43b0 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 491543ba0e33dccfba8a8ac3423488a7df4d7c51c9467994f4831e236e89692e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:34 GMT
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 466E51F05EA3EC36
cf-ray: 50981363a92596e6-FRA
status: 200
x-amz-id-2: h1MIlo53OsZbbNx5UE1VRKaER+fZmXIwevISTzRc0/bQ04uAKtB6MdGX/oedRfkGQpV1pxcvUEs=
last-modified: Fri, 02 Aug 2019 20:07:02 GMT
server: cloudflare
etag: W/"3eef4ebea31310bab0d0e960dfb59452"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Tue, 20 Aug 2019 23:21:34 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 57 KB
14 KB 1283ms
17ms Script
application/javascript 2606:4700::6811:efcc
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4758889.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:efcc , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c33aa17bdd4d7cb5e7387219518c0740df55c6c4c4bf429899a154025a33e4a4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:35 GMT
via: 1.1 495532b0efe43a0c4d32da9e6929277f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 35
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: br
content-type: application/javascript; charset=utf-8
last-modified: Tue, 20 Aug 2019 05:55:19 GMT
server: cloudflare
etag: W/"dcd085ca9fdb9c2863c52738a72d624b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: KKZ527zONtEsdweVPguZbA1cjiryp00_
cache-control: max-age=600
x-amz-cf-pop: IAD79-C2
cf-ray: 509813680906dffb-FRA
x-amz-cf-id: 8PPMTNRmWTB5kjCPOsMsGljqfqm0y4XrhIrhZP58SVaUPTJJnB_HZA==

GET
H2 200 collectedforms-b.js Show response
js.hscollectedforms.net/ 77 KB
20 KB 1204ms
111ms Script
application/javascript 2606:4700::6811:82ab
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms-b.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/4758889.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:82ab , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0d31225bc6ba98dbdbf3ffd259b22f5291983d8442237d0df7bc459bb691e3e

Request headers

Sec-Fetch-Mode: cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
Origin: https://blog.semmle.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:35 GMT
via: 1.1 39174a6a452e175e6e614ff396a4ca4f.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: REVALIDATED
x-amz-cf-pop: IAD79-C1
cf-ray: 50981366faad9abc-FRA
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: gzip
last-modified: Tue, 13 Aug 2019 03:50:16 GMT
server: cloudflare
etag: W/"6ea2d5913b2973940b7d3a0e9ee234bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: vHumD5JHvMdyi2NMk5qf6rnfD1uUAcij
access-control-allow-origin: *
cache-control: max-age=600
content-type: application/javascript; charset=utf-8
x-amz-cf-id: oh2CAG8lzDdPRb4Oc-C1RAqYdK8_xM45ZDbpqYWQP6dl4bDtWu2RFQ==

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 418 KB
116 KB 578ms
19ms Script
application/javascript 2606:4700::6811:b949
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: blog.semmle.com
URL: https://blog.semmle.com/0-19fd4ce0d17c9804ba44.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c7e488257202ee0377a93654091d42927aeaf6b8d5b8967da55e6d4c19613de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:35 GMT
via: 1.1 b06057d522f80c65400aebb1c06a2d72.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 6
x-cache: Hit from cloudfront
status: 200
x-amz-replication-status: COMPLETED
content-encoding: gzip
content-type: application/javascript; charset=utf-8
last-modified: Wed, 03 Jul 2019 02:20:24 GMT
server: cloudflare
etag: W/"4be6a1b11b9143e6c28df13cd088cbb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-version-id: rLdSFpSzEWl2SCnov8FAHuaiM3fcUK_7
access-control-allow-origin: *
cache-control: max-age=600
x-amz-cf-pop: IAD53
cf-ray: 50981367ce3edfbf-FRA
x-amz-cf-id: H9svGPdNI8b6R9gzc2uKo0Y-6XRBbySxHLfDb2WnzL8SeDNDfUcY0g==

GET
H2 200 pages-manifest-731f9968f320340fcb04.js Show response
blog.semmle.com/ 30 KB
8 KB 586ms
546ms Script
application/javascript 2606:4700:20::6819:db14
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.semmle.com/pages-manifest-731f9968f320340fcb04.js
Requested by: Host: blog.semmle.com
URL: https://blog.semmle.com/webpack-runtime-114ee4c332a2743fa510.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:db14 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b3ed55f6497386c164a777f4d30212fb39e54dcb8bdc76c2d1d1ec62a2d68cce

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 509813648c16dfcb-FRA
date: Tue, 20 Aug 2019 23:16:35 GMT
via: 1.1 vegur
etag: W/"795b-16caba08318"
cf-cache-status: MISS
last-modified: Mon, 19 Aug 2019 20:45:19 GMT
server: cloudflare
x-powered-by: Express
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=0
content-encoding: br

GET path---authors-man-yue-mo-458-578-w1z56KG8ClcUBuELAZmo4fcw.json
blog.semmle.com/static/d/233/ 0
0

GET component---src-templates-author-page-jsx-3d3126170b88d2067b97.js
blog.semmle.com/ 0
0

GET path---tags-news-952-a6c-wh2NIbVEa2ZnarTs5CjvcVmvJ4o.json
blog.semmle.com/static/d/345/ 0
0

GET component---src-templates-tag-page-jsx-5df93553fd68399b3697.js
blog.semmle.com/ 0
0

GET path---tags-ql-f-9-f-9f1-3foOhRBsV4gEZyK53bAFylFQAYc.json
blog.semmle.com/static/d/465/ 0
0

GET path---index-6a9-3zGYF32yaOgPRj6G9frMOfdIRtg.json
blog.semmle.com/static/d/739/ 0
0

GET component---src-pages-index-jsx-e404cb82d16e06ad6429.js
blog.semmle.com/ 0
0

GET path---tags-security-4-c-3-2cd-aUVp75J9kXJzwEQZqGvjTYgmdw.json
blog.semmle.com/static/d/20/ 0
0

GET
H2 200 53ad10da-bdc3-4b5c-a9a6-d9d1ed7834e1 Show response
forms.hsforms.com/embed/v3/form/4758889/ 2 KB
2 KB 122ms
105ms Script
application/javascript 2606:4700::6810:5905
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/4758889/53ad10da-bdc3-4b5c-a9a6-d9d1ed7834e1?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b90d62cf73af1f0b31c96fff6c24369472ae7573a8b00595557c30334bda5e00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-disposition: attachment; filename=no-rfd.txt
vary: Accept-Encoding
content-length: 1281
server: cloudflare
x-trace: 2B21FA9D4827F044D062EAF32385B199735DC9AE96000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 509813684f97c29a-FRA

GET
H2 200 timings.gif
forms.hsforms.com/embed/v3/ 35 B
149 B 196ms
179ms Image
image/gif 2606:4700::6810:5905
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/timings.gif?key=embed-script&valueInMs=43.80500037223101

Requested by

Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:35 GMT
server: cloudflare
x-trace: 2B5E77A02C29E6FBD40653F6B2610AB22430A2E60A000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 509813684f9ac29a-FRA
content-length: 35

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 300 B
902 B 148ms
111ms XHR
application/json 2606:4700::6810:f905
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=4758889&conversations-embed=static-1.4138&mobile=false&messagesUtk=6a901419bb25426ebecd5efb91f2c6ff

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:f905 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab56e6711b9ffa15f77136db0b00bbd15bb863e47b14da643535af85fe0d9c01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-HubSpot-Messages-Uri: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/

Response headers

date: Tue, 20 Aug 2019 23:16:35 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 236
server: cloudflare
x-trace: 2BEF3104F1A8BFB330C49667B74B950911D922AB0B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://blog.semmle.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 5098136ada79973c-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j78&a=844116824&t=pageview&_s=1&dl=https%3A%2F%2Fblog.semmle.com%2Fapache-struts-vulnerability-cve-2017-9805%2F&ul=en-us&de=UTF-8&dt=CVE-2017-9805%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36097845-1&cid=2025721828.1566342995&jid=361504402&_gid=1726509260.1566342995&gjid=1901304748&_v=j78&z=589911981

35 B
102 B

167ms
15ms

Image
image/gif

2a00:1450:400c:c00::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36097845-1&cid=2025721828.1566342995&jid=361504402&_gid=1726509260.1566342995&gjid=1901304748&_v=j78&z=589911981

Requested by

Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Aug 2019 23:16:35 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Aug 2019 23:16:35 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-36097845-1&cid=2025721828.1566342995&jid=361504402&_gid=1726509260.1566342995&gjid=1901304748&_v=j78&z=589911981
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 timings.gif
forms.hsforms.com/embed/v3/ 35 B
138 B 102ms
101ms Image
image/gif 2606:4700::6810:5905
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/timings.gif?key=fetch-definition&valueInMs=122.92500026524067

Requested by

Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:35 GMT
server: cloudflare
x-trace: 2B35B5995044B1E4B2CC6FD03D805FC71C0E00016E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 5098136938e0c29a-FRA
content-length: 35

GET
H2 200 timings.gif
forms.hsforms.com/embed/v3/ 35 B
138 B 103ms
103ms Image
image/gif 2606:4700::6810:5905
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/timings.gif?key=render&valueInMs=31.78500011563301

Requested by

Host: blog.semmle.com
URL: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 20 Aug 2019 23:16:35 GMT
server: cloudflare
x-trace: 2B8C8AE2EEDC66C44D1B7FF10D15A4187147DC788B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ranges: bytes
cf-ray: 5098136938e1c29a-FRA
content-length: 35

GET /
googleads.g.doubleclick.net/pagead/viewthroughconversion/798319813/ 0
0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
464 B 43ms
26ms Image
image/gif 2606:4700::6810:fa05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=4758889&pu=https%3A%2F%2Fblog.semmle.com%2Fapache-struts-vulnerability-cve-2017-9805%2F&t=CVE-2017-9805%3A+How+QL+found+a+remote+code+execution+vulnerability+in+Apache+Struts+%7C+Semmle+Blog&cts=1566343003357&vi=0b8c0c6d70a26f709d6d0ce30d76ae23&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 5098139b5d4dd6e1-FRA
date: Tue, 20 Aug 2019 23:16:43 GMT
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: none
content-length: 45

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
103 B 45ms
28ms Image
image/gif 2606:4700::6810:fa05
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=53ad10da-bdc3-4b5c-a9a6-d9d1ed7834e1&fci=b980bb29-2f94-44f9-86fa-3bd4c707ce89&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=818329955&v=1.1&a=4758889&pu=https%3A%2F%2Fblog.semmle.com%2Fapache-struts-vulnerability-cve-2017-9805%2F&t=CVE-2017-9805%3A+How+QL+found+a+remote+code+execution+vulnerability+in+Apache+Struts+%7C+Semmle+Blog&cts=1566343003393&vi=0b8c0c6d70a26f709d6d0ce30d76ae23&nc=true&ce=false&pt=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fa05 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://blog.semmle.com/apache-struts-vulnerability-cve-2017-9805/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 5098139b5d4ed6e1-FRA
date: Tue, 20 Aug 2019 23:16:43 GMT
content-type: image/gif
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI CUR ADM OUR NOR STA NID"
status: 200
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-robots-tag: none
content-length: 45

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: blog.semmle.com
URL: https://blog.semmle.com/static/d/233/path---authors-man-yue-mo-458-578-w1z56KG8ClcUBuELAZmo4fcw.json

Domain: blog.semmle.com
URL: https://blog.semmle.com/component---src-templates-author-page-jsx-3d3126170b88d2067b97.js

Domain: blog.semmle.com
URL: https://blog.semmle.com/static/d/345/path---tags-news-952-a6c-wh2NIbVEa2ZnarTs5CjvcVmvJ4o.json

Domain: blog.semmle.com
URL: https://blog.semmle.com/component---src-templates-tag-page-jsx-5df93553fd68399b3697.js

Domain: blog.semmle.com
URL: https://blog.semmle.com/static/d/465/path---tags-ql-f-9-f-9f1-3foOhRBsV4gEZyK53bAFylFQAYc.json

Domain: blog.semmle.com
URL: https://blog.semmle.com/static/d/739/path---index-6a9-3zGYF32yaOgPRj6G9frMOfdIRtg.json

Domain: blog.semmle.com
URL: https://blog.semmle.com/component---src-pages-index-jsx-e404cb82d16e06ad6429.js

Domain: blog.semmle.com
URL: https://blog.semmle.com/static/d/20/path---tags-security-4-c-3-2cd-aUVp75J9kXJzwEQZqGvjTYgmdw.json

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/viewthroughconversion/798319813/?random=1566342998304&cv=9&fst=1566342998304&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg874&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fblog.semmle.com%2Fapache-struts-vulnerability-cve-2017-9805%2F&tiba=CVE-2017-9805%3A%20How%20QL%20found%20a%20remote%20code%20execution%20vulnerability%20in%20Apache%20Struts%20%7C%20Semmle%20Blog&async=1&rfmt=3&fmt=4

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://blog.semmle.com/1-24d9cd0a09a6d7a799fa.js(Line 1) Message: Form ready!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubspot.com
blog.semmle.com
forms.hsforms.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-scripts.com
js.hscollectedforms.net
js.hsforms.net
js.usemessages.com
lgtm.com
stats.g.doubleclick.net
track.hubspot.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
blog.semmle.com
googleads.g.doubleclick.net
2001:4860:4802:38::15
216.58.210.2
2606:4700:20::6819:db14
2606:4700::6810:5905
2606:4700::6810:f905
2606:4700::6810:fa05
2606:4700::6811:43b0
2606:4700::6811:82ab
2606:4700::6811:b949
2606:4700::6811:d4cc
2606:4700::6811:efcc
2a00:1450:4001:80b::2008
2a00:1450:4001:80b::200e
2a00:1450:400c:c00::9a
079203f0e8e2f337afb75aa76b09caff17d011e8eb5b8ee43993149d998c238e
0bcc6754df5587a76ab8e050914ae579051169c8412343f44e438b0d77b6967c
104688641b350d39d275e5b3bd0d153c6c0b951be70be6fd94056a1c245d35e6
17923ba075425d7cda07347365c064ad6168935d6bd3d352ae304511bc0d7a9f
1867b319ec83f5a1acd7eb87ee4930e0e011f1c6b5ff64b0a802e04b79944893
2de13cd0991e281aa986839317b333f53264158a2d67ddc0a9aa6c6e7bbc66b3
309c73f79a63c860555076371a3a8593ce2ab44eeac9773e8fc23a9109e8b289
330ffaf06f7e58e60861e6d21e23e7e855e9a5abe2d7f2af7773929514c03b9c
491543ba0e33dccfba8a8ac3423488a7df4d7c51c9467994f4831e236e89692e
53fe0d52f4c9d6eb554b9e291cc3d4d5013422d0369b72190eb905772fdc1896
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
745bc207493d7828b999f7fbdc74b30584ec6adb5dd078c6c422d32e816e070a
781174e24a27ff08fedaeaccc51fce88f40efd5d708ab31d3b5be2a598d679d9
821dbf021433c1a36afc6c42ca51101efd0a9e71638d155343e74f989e2e1d32
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
860a07fb5ef74a28ad10fb39bca7d17a18f3f896f8cc74766bcd3b0a5cdf78de
8c7e488257202ee0377a93654091d42927aeaf6b8d5b8967da55e6d4c19613de
9b5efa524a1ffe6649f86213bd850a286164eddab81b4e64faae2a956d071c94
ab56e6711b9ffa15f77136db0b00bbd15bb863e47b14da643535af85fe0d9c01
b3ed55f6497386c164a777f4d30212fb39e54dcb8bdc76c2d1d1ec62a2d68cce
b90d62cf73af1f0b31c96fff6c24369472ae7573a8b00595557c30334bda5e00
ba0579d7e5c1dec805c489f4b091ecb434cf6bcfb7b4b9ef3df473bc26a90e48
c33aa17bdd4d7cb5e7387219518c0740df55c6c4c4bf429899a154025a33e4a4
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
d60bebc4bc9b534ac7e93470e75574a1ddbdcddc5fe5c532ddeec5639186b856
d9fc8f30c688996542aa17ad6c3e67262f273ef39620374c204bb5a1635f6b82
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dedde4a0e58d75b1524c2198ef8d5cde603ee8c8bf8e4de94dcca9cf752c6659
e15d4cfa7671ea99087c8d2c06e570c31ee6afe433a928a04062725628b79557
f0d31225bc6ba98dbdbf3ffd259b22f5291983d8442237d0df7bc459bb691e3e
fe67a41964cc04aebe799b4e145e609db8223aa3aed905c832a6f9ad2ef7b9ac

blog.semmle.com Open in urlscan Pro 2606:4700:20::6819:db14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

77 %HTTPS

93 %IPv6

13 Domains

15 Subdomains

14 IPs

3 Countries

1282 kBTransfer

2673 kBSize

0 Cookies

34 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.semmle.com Open in urlscan Pro
2606:4700:20::6819:db14 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

77 %
HTTPS

93 %
IPv6

13
Domains

15
Subdomains

14
IPs

3
Countries

1282 kB
Transfer

2673 kB
Size

0
Cookies

39 HTTP transactions
4 data transactions