blog.netlab.360.com Open in urlscan Pro
36.110.234.55 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Submission: On July 27 via api (July 27th 2021, 6:26:59 pm UTC) from US

Summary HTTP 64 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 18 domains to perform 64 HTTP transactions. The main IP is 36.110.234.55, located in Beijing, China and belongs to CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN. The main domain is blog.netlab.360.com.
TLS certificate: Issued by WoTrus DV Server CA [Run by the Issuer] on January 26th 2021. Valid for: a year.

This is the only time blog.netlab.360.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	36.110.234.55 36.110.234.55	23724 (CHINANET-...) (CHINANET-IDC-BJ-AP IDC)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
13	2600:9000:212... 2600:9000:2127:6c00:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
1	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:a40d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:800::200d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
5	151.101.12.64 151.101.12.64	54113 (FASTLY) (FASTLY)
4 6	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
2 3	65.9.96.89 65.9.96.89	16509 (AMAZON-02) (AMAZON-02)
1 1	52.214.43.23 52.214.43.23	16509 (AMAZON-02) (AMAZON-02)
2 4	52.212.225.58 52.212.225.58	16509 (AMAZON-02) (AMAZON-02)
3 3	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
64	19

20 36.110.234.55 (Beijing, China)

ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)

blog.netlab.360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

blog-netlab-360.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:2127:6c00:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:a40d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.viglink.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.12.64 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

glitter.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.174.68 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

ejp.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.96.89 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.43.23 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-43-23.eu-west-1.compute.amazonaws.com

obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.212.225.58 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-225-58.eu-west-1.compute.amazonaws.com

io.narrative.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.13 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	360.com blog.netlab.360.com	2 MB
14	disquscdn.com c.disquscdn.com a.disquscdn.com	546 KB
11	disqus.com blog-netlab-360.disqus.com disqus.com glitter.services.disqus.com referrer.disqus.com links.services.disqus.com	60 KB
6	rlcdn.com 4 redirects ejp.rlcdn.com idsync.rlcdn.com	2 KB
5	google.com 1 redirects apis.google.com accounts.google.com fcmatch.google.com	42 KB
4	narrative.io 2 redirects io.narrative.io	1 KB
3	adnxs.com 3 redirects ib.adnxs.com	3 KB
3	rezync.com 2 redirects live.rezync.com	3 KB
3	doubleclick.net 3 redirects cm.g.doubleclick.net	1 KB
2	rfihub.com 2 redirects p.rfihub.com	2 KB
2	viglink.com cdn.viglink.com	541 B
2	facebook.net connect.facebook.net	69 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	imrworldwide.com 1 redirects obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	139 B
1	youtube.com fcmatch.youtube.com
1	gstatic.com ssl.gstatic.com	40 KB
1	facebook.com www.facebook.com
1	jquery.com code.jquery.com	30 KB
64	18

	Domain	Requested by
20	blog.netlab.360.com	blog.netlab.360.com
13	c.disquscdn.com	blog-netlab-360.disqus.com disqus.com c.disquscdn.com
4	idsync.rlcdn.com	2 redirects live.rezync.com
4	io.narrative.io	2 redirects blog.netlab.360.com
4	links.services.disqus.com	c.disquscdn.com blog.netlab.360.com
4	disqus.com	blog-netlab-360.disqus.com c.disquscdn.com
3	ib.adnxs.com	3 redirects
3	live.rezync.com	2 redirects c.disquscdn.com
3	cm.g.doubleclick.net	3 redirects
2	p.rfihub.com	2 redirects
2	ejp.rlcdn.com	2 redirects
2	accounts.google.com	apis.google.com ssl.gstatic.com
2	cdn.viglink.com	blog.netlab.360.com
2	apis.google.com	c.disquscdn.com apis.google.com
2	connect.facebook.net	c.disquscdn.com connect.facebook.net
2	www.google-analytics.com	blog.netlab.360.com www.google-analytics.com
1	obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com	1 redirects
1	fcmatch.youtube.com	c.disquscdn.com
1	fcmatch.google.com	1 redirects
1	referrer.disqus.com	blog.netlab.360.com
1	glitter.services.disqus.com	c.disquscdn.com
1	ssl.gstatic.com	accounts.google.com
1	www.facebook.com	c.disquscdn.com
1	a.disquscdn.com	blog.netlab.360.com
1	blog-netlab-360.disqus.com	blog.netlab.360.com
1	code.jquery.com	blog.netlab.360.com
64	26

This site contains links to these domains. Also see Links.

Domain
twitter.com
feedly.com
msrc-blog.microsoft.com
178.62.226.184
github.com
www.w3.org
schemas.microsoft.com
schemas.xmlsoap.org
quake.360.cn
www.facebook.com
ghost.org

Subject Issuer	Validity	Valid
*.netlab.360.com WoTrus DV Server CA [Run by the Issuer]	`2021-01-26` - `2022-01-26`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
ssl1029306.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-12` - `2022-06-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
accounts.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.services.disqus.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh
*.rezync.com Amazon	`2021-01-26` - `2022-02-23`	a year	crt.sh
*.narrative.io Amazon	`2021-04-07` - `2022-05-06`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Frame ID: A738C847740811B333EE349412250A55
Requests: 35 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
Frame ID: B65C346513F378F5007C105041721C05
Requests: 23 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: ED8E390B18A5E5B81D0717D38D4E937B
Requests: 3 HTTP requests in this frame

Frame: https://fcmatch.youtube.com/pixel?google_gm=AMnCDorwS8cW2C3sixp_H9_IFdYRo1RNQmSIerVsbAHVyJ3ia2Q9RJLjIdj2To8pWmM0d16mKsgA30zAZjxS-KjiK8pfduNaaq9vyekOFp8qmp9en9awKA1mkWagjAqrDDLLXCIRl9f65zKkEWlBjY-tN9SF3h5ROw
Frame ID: DFC5764EC5A67D7AB5755C18FCD9FC3E
Requests: 1 HTTP requests in this frame

Frame: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c6rda3p0h3b67a&pctry=BE&referrer=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F
Frame ID: 527F647CF7652F13ED752304DD5B7D17
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ghost (Blogs) Expand

Overall confidence: 100%
Detected patterns

meta generator /Ghost(?:\s([\d.]+))?/i

Node.js (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

meta generator /Ghost(?:\s([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

64
Requests

100 %
HTTPS

48 %
IPv6

18
Domains

26
Subdomains

19
IPs

5
Countries

3326 kB
Transfer

4303 kB
Size

0
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/360Netlab
Title:

Search URL Search Domain Scan URL

URL: https://feedly.com/i/subscription/feed/https://blog.netlab.360.com/rss/
Title:

Search URL Search Domain Scan URL

URL: https://msrc-blog.microsoft.com/2021/03/05/microsoft-exchange-server-vulnerabilities-mitigations-march-2021/
Title: [1]

Search URL Search Domain Scan URL

URL: http://178.62.226.184/run.ps1
Title: http://178.62.226.184/run.ps1

Search URL Search Domain Scan URL

URL: https://github.com/projectdiscovery/nuclei-templates/blob/master/cves/2021/CVE-2021-26855.yaml
Title: [2]

Search URL Search Domain Scan URL

URL: https://github.com/microsoft/CSS-Exchange/blob/main/Security/src/http-vuln-cve2021-26855.nse
Title: [3]

Search URL Search Domain Scan URL

URL: http://www.w3.org/2001/XMLSchema-instance
Title: http://www.w3.org/2001/XMLSchema-instance

Search URL Search Domain Scan URL

URL: http://schemas.microsoft.com/exchange/services/2006/messages
Title: http://schemas.microsoft.com/exchange/services/2006/messages

Search URL Search Domain Scan URL

URL: http://schemas.microsoft.com/exchange/services/2006/types
Title: http://schemas.microsoft.com/exchange/services/2006/types

Search URL Search Domain Scan URL

URL: http://schemas.xmlsoap.org/soap/envelope/
Title: http://schemas.xmlsoap.org/soap/envelope/

Search URL Search Domain Scan URL

URL: http://178.62.226.184/config.json%22,%22C:/temp/111/config.json
Title: http://178.62.226.184/config.json","C:\temp\111\config.json

Search URL Search Domain Scan URL

URL: http://178.62.226.184/javacpl.exe%22,%22C:/temp/111/javacpl.exe
Title: http://178.62.226.184/javacpl.exe","C:\temp\111\javacpl.exe

Search URL Search Domain Scan URL

URL: http://178.62.226.184/WinRing0x64.sys%22,%22C:/temp/111/WinRing0x64.sys
Title: http://178.62.226.184/WinRing0x64.sys","C:\temp\111\WinRing0x64.sys

Search URL Search Domain Scan URL

URL: https://quake.360.cn/quake/#/searchResult?searchVal=app%3A%22Exchange%E9%82%AE%E4%BB%B6%E6%9C%8D%E5%8A%A1%E5%99%A8%22&selectIndex=quake_service
Title: Microsoft Exchange服务器

Search URL Search Domain Scan URL

URL: http://178.62.226.184/mini-reverse.ps1
Title: http://178.62.226.184/mini-reverse.ps1

Search URL Search Domain Scan URL

URL: http://178.62.226.184/config.json
Title: http://178.62.226.184/config.json

Search URL Search Domain Scan URL

URL: http://178.62.226.184/javacpl.exe
Title: http://178.62.226.184/javacpl.exe

Search URL Search Domain Scan URL

URL: http://178.62.226.184/WinRing0x64.sys
Title: http://178.62.226.184/WinRing0x64.sys

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&url=https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Title:

Search URL Search Domain Scan URL

URL: https://ghost.org/
Title: Ghost

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://ejp.rlcdn.com/501709.html HTTP 307
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCM2fgYgGEgUI6AcQAEIASgA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb25JaEZ4MzZ1S1VpSlVLa1V2T2d3ZXg1ZThTeG9BWGxqTE92Ri1VNnVsOA==&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb25JaEZ4MzZ1S1VpSlVLa1V2T2d3ZXg1ZThTeG9BWGxqTE92Ri1VNnVsOA==&google_cm=&google_tc= HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDorwS8cW2C3sixp_H9_IFdYRo1RNQmSIerVsbAHVyJ3ia2Q9RJLjIdj2To8pWmM0d16mKsgA30zAZjxS-KjiK8pfduNaaq9vyekOFp8qmp9en9awKA1mkWagjAqrDDLLXCIRl9f65zKkEWlBjY-tN9SF3h5ROw HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorwS8cW2C3sixp_H9_IFdYRo1RNQmSIerVsbAHVyJ3ia2Q9RJLjIdj2To8pWmM0d16mKsgA30zAZjxS-KjiK8pfduNaaq9vyekOFp8qmp9en9awKA1mkWagjAqrDDLLXCIRl9f65zKkEWlBjY-tN9SF3h5ROw

Request Chain 60

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac6rda3p0h3b67a HTTP 302
https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c6rda3p0h3b67a HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=2454dbd1-ef08-11eb-a9a5-06119d0d8b4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c6rda3p0h3b67a

Request Chain 61

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac6rda3p0h3b67a&ret=img&ref=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F HTTP 302
https://io.narrative.io/?io.narrative.guid.v2=244f84a0-ef08-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac6rda3p0h3b67a&ret=img&ref=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F

Request Chain 62

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=4876255329334983190 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=1&userid=b28f12b6-e18f-4c18-84c2-e7d505690688%3A1627410381.54&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc6rda3p0h3b67a HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c6rda3p0h3b67a HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4876255329334983190

Request Chain 63

https://p.rfihub.com/cm?pub=39342&in=1&userid=b28f12b6-e18f-4c18-84c2-e7d505690688%3A1627410381.54&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab1986e4ee8c5c88c54c%26pid%3D%7Buserid%7D HTTP 302
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871597496994223559 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=c6rda3p0h3b67a HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMwA1oBeKxAjjjfdeBTrF_g&google_cver=1

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/ 48 KB
14 KB 1908ms
266ms Document
text/html 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

90e67a0766f2925c44ab9f5cd2c4b01e0d53ac455bd2f4703eb2c7de19a68905

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: blog.netlab.360.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.9.15
Date: Tue, 27 Jul 2021 18:26:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Cache-Control: public, max-age=0
ETag: W/"bed5-BTT5wOkR/rQ3tuB/xbXdOcKMUhk"
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK screen.css
blog.netlab.360.com/assets/built/ 35 KB
8 KB 220ms
220ms Stylesheet
text/css 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.netlab.360.com/assets/built/screen.css?v=db215a41fd

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

d821f29d80bfc3257dd3bf5dbf1874ccaa53d82fca4bdc8a511b9f3efc8560c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 15 Feb 2019 10:23:47 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"8a18-168f0af010f"
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/css; charset=UTF-8
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes

GET
H/1.1 200
OK ghost-sdk.min.js Show response
blog.netlab.360.com/public/ 755 B
1 KB 405ms
184ms Script
application/javascript 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.netlab.360.com/public/ghost-sdk.min.js?v=db215a41fd

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

325eb6e77112f8b1dd52ab8f04cc03f5168de5acac9d2a586dc48902a26bc151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:19 GMT
ETag: "00d80f04e37de537a53adfbb0977af50"
Server: nginx/1.9.15
X-Powered-By: Express
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript
Cache-Control: public, max-age=31536000
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 755

GET
H/1.1 200
OK netlab-brand-5.png
blog.netlab.360.com/content/images/2019/02/ 21 KB
21 KB 1122ms
934ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2019/02/netlab-brand-5.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

d47ffdd0ca768158458845a42c746c6058867c5ce02cdb01c1858bb29aedc630

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:19 GMT
Last-Modified: Thu, 21 Feb 2019 10:23:06 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"5286-1690f94873b"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21126

GET
H/1.1 200
OK vulncheck_source_ip.png
blog.netlab.360.com/content/images/2021/03/ 602 KB
603 KB 1894ms
1682ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2021/03/vulncheck_source_ip.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

b452530c8ca099474039a8c20c0b5d662159ba246e6859937e824a63a7cd701f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:21 GMT
Last-Modified: Tue, 23 Mar 2021 10:44:15 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"96891-1785eaf610e"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 616593

GET
H/1.1 200
OK vulncheck_ports.png
blog.netlab.360.com/content/images/2021/03/ 189 KB
190 KB 1474ms
352ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2021/03/vulncheck_ports.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

bd7a89e34efed04ad14e1a29950b4e470b2c5bf131f3f5c77286d04b18771cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:20 GMT
Last-Modified: Wed, 24 Mar 2021 05:37:53 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"2f551-17862bd4291"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 193873

GET
H/1.1 200
OK vulncheck_source_ip_asn.png
blog.netlab.360.com/content/images/2021/03/ 130 KB
130 KB 1833ms
691ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2021/03/vulncheck_source_ip_asn.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

bfbeb46b6d0e930abc384b89ed35d52860ccb740dfdeaf4d97e8f0340a5dae7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:20 GMT
Last-Modified: Tue, 23 Mar 2021 10:46:27 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"20787-1785eb16544"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 132999

GET
H/1.1 200
OK vulncheck_source_ip_country.png
blog.netlab.360.com/content/images/2021/03/ 98 KB
98 KB 1957ms
588ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2021/03/vulncheck_source_ip_country.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

6fb3a3bf9d73629f22c8cc9a5ac455e7b82db8fbbb93c64d60643463b8f4ff07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:21 GMT
Last-Modified: Tue, 23 Mar 2021 10:47:59 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"18786-1785eb2cd5d"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 100230

GET
H/1.1 200
OK vulncheck_ip_stats.png
blog.netlab.360.com/content/images/2021/03/ 345 KB
345 KB 1750ms
346ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2021/03/vulncheck_ip_stats.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

d6fc10229a2d03787b1e398650bf2bdb995e6a2ab5ae6ba1c8cef6f6645115c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:21 GMT
Last-Modified: Wed, 24 Mar 2021 06:59:13 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"56341-1786307b88f"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 353089

GET
H/1.1 200
OK webshell_details.png
blog.netlab.360.com/content/images/2021/03/ 472 KB
472 KB 1037ms
370ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2021/03/webshell_details.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

49cfcd3a16bed30ad0231e4e250c88e99c5e4dfa1954ce499d66510c4ab4b78a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Cookie: _ga=GA1.2.1956255303.1627410380; _gid=GA1.2.1050759712.1627410380; _gat=1
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:21 GMT
Last-Modified: Wed, 24 Mar 2021 06:48:39 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"75e85-17862fe0a36"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 482949

GET
H/1.1 200
OK sample_details.png
blog.netlab.360.com/content/images/2021/03/ 186 KB
186 KB 213ms
212ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2021/03/sample_details.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

1582941297c3bfd796b48df125f962a1e486673830976c77962f0107c24138ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Cookie: _ga=GA1.2.1956255303.1627410380; _gid=GA1.2.1050759712.1627410380; _gat=1
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:21 GMT
Last-Modified: Wed, 24 Mar 2021 06:48:14 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"2e7a6-17862fda8b2"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 190374

GET
H/1.1 200
OK vulncheck_sld.png
blog.netlab.360.com/content/images/2021/03/ 161 KB
161 KB 219ms
218ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2021/03/vulncheck_sld.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

f0a7896d4abe4ad2cfa9980ef35fe952bf31ebfe96c7d3da572865ea46bf99dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Cookie: _ga=GA1.2.1956255303.1627410380; _gid=GA1.2.1050759712.1627410380; _gat=1
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:22 GMT
Last-Modified: Wed, 24 Mar 2021 11:36:58 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"2840a-17864060371"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164874

GET
H/1.1 200
OK microsoft_exchange_distribution_cn.png
blog.netlab.360.com/content/images/2021/03/ 252 KB
253 KB 388ms
387ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/2021/03/microsoft_exchange_distribution_cn.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

a349e5bc71df938708882a7ec3db2c86909f04a8de0f4094d9dc9f844c2ee54c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Cookie: _ga=GA1.2.1956255303.1627410380; _gid=GA1.2.1050759712.1627410380; _gat=1
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:22 GMT
Last-Modified: Tue, 23 Mar 2021 09:36:42 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"3f103-1785e718ad0"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 258307

GET
H/1.1 200
OK 1662072805.jpg
blog.netlab.360.com/content/images/size/w100/2017/10/ 2 KB
2 KB 617ms
617ms Image
image/jpeg 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/size/w100/2017/10/1662072805.jpg

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

bdf0772071c7e0d8b5a284152be10569e2f3ee6a77488b9d0494cefbbfee568d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Cookie: _ga=GA1.2.1956255303.1627410380; _gid=GA1.2.1050759712.1627410380; _gat=1
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:23 GMT
Last-Modified: Fri, 15 Feb 2019 05:20:56 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"6c4-168ef99bd9c"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1732

GET
H/1.1 200
OK ----_20210324152831-3.jpg
blog.netlab.360.com/content/images/size/w100/2021/03/ 3 KB
3 KB 1467ms
1467ms Image
image/jpeg 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/size/w100/2021/03/----_20210324152831-3.jpg

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

08240631edccfa68b41736872de4d511363a49062356fd32f42beb26a2468b96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Cookie: _ga=GA1.2.1956255303.1627410380; _gid=GA1.2.1050759712.1627410380; _gat=1
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:24 GMT
Last-Modified: Wed, 24 Mar 2021 07:40:22 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"a9a-178632d653e"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2714

GET
H/1.1 200
OK 400--2-.jpeg
blog.netlab.360.com/content/images/size/w100/2019/12/ 2 KB
3 KB 444ms
443ms Image
image/jpeg 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/size/w100/2019/12/400--2-.jpeg

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

fc244966613442017d9a16528fbcd7d45416ce6a227a2535e91db62e98995dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Cookie: _ga=GA1.2.1956255303.1627410380; _gid=GA1.2.1050759712.1627410380; _gat=1
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:23 GMT
Last-Modified: Tue, 17 Dec 2019 04:38:59 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"9f3-16f1226ef8c"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2547

GET
H/1.1 200
OK head.jpg
blog.netlab.360.com/content/images/size/w100/2019/04/ 2 KB
3 KB 182ms
182ms Image
image/jpeg 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/size/w100/2019/04/head.jpg

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

971550dcc1d03bf9cd939c657820cbd1401777ca57ec2c3122f6352f41d2a0b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Cookie: _ga=GA1.2.1956255303.1627410380; _gid=GA1.2.1050759712.1627410380; _gat=1
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:24 GMT
Last-Modified: Fri, 26 Apr 2019 02:55:11 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"9a9-16a579175db"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2473

GET
H/1.1 200
OK netlab_xs-2.png
blog.netlab.360.com/content/images/size/w30/2019/02/ 2 KB
2 KB 848ms
184ms Image
image/png 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/size/w30/2019/02/netlab_xs-2.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

4b5a3702b2a13d962a0998ce7b341e19198e5b9278bf67f9ec3db979ee942e86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:20 GMT
Last-Modified: Thu, 21 Feb 2019 10:21:51 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"825-1690f93643e"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/png
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2085

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 30ms
14ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Origin: https://blog.netlab.360.com
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:26:19 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1627410379.dop237.fr8.t,1627410379.cds245.fr8.hn,1627410379.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H/1.1 200
OK jquery.fitvids.js Show response
blog.netlab.360.com/assets/built/ 2 KB
1 KB 334ms
188ms Script
application/javascript 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.netlab.360.com/assets/built/jquery.fitvids.js?v=db215a41fd

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

1b560f221a3ee06277331e405b956b384d5ef7830a643b4e0c257189b7adf887

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 15 Feb 2019 10:23:47 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"778-168f0af010f"
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 897
date: Tue, 27 Jul 2021 18:11:22 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 27 Jul 2021 20:11:22 GMT

GET
H/1.1 200
OK embed.js Show response
blog-netlab-360.disqus.com/ 75 KB
25 KB 76ms
24ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://blog-netlab-360.disqus.com/embed.js

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

f447cead02ff8f622d5f889ab8b60e2481e25d62b2f5eabd549b646de0801c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:19 GMT
Content-Encoding: gzip
Server: openresty
Age: 71
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24717

GET
H/1.1 200
OK astronomy-constellation-dark-998641-4.jpg
blog.netlab.360.com/content/images/size/w600/2019/02/ 22 KB
23 KB 212ms
212ms Image
image/jpeg 36.110.234.55
CHINANET-IDC-BJ-A...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.netlab.360.com/content/images/size/w600/2019/02/astronomy-constellation-dark-998641-4.jpg

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

36.110.234.55 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),

Reverse DNS

Software

nginx/1.9.15 / Express

Resource Hash

f70dcec0f2c1d351acf79ed157c212e3e914d8a4f3549183cab7bae441b0a506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: blog.netlab.360.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Cookie: _ga=GA1.2.1956255303.1627410380; _gid=GA1.2.1050759712.1627410380; _gat=1
Connection: keep-alive
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:24 GMT
Last-Modified: Thu, 21 Feb 2019 10:24:31 GMT
Server: nginx/1.9.15
X-Powered-By: Express
ETag: W/"59cf-1690f95d555"
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22991

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1012319468&t=pageview&_s=1&dl=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&ul=en-us&de=UTF-8&dt=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2130089439&gjid=1640894278&cid=1956255303.1627410380&tid=UA-83587830-1&_gid=1050759712.1627410380&_r=1&_slc=1&z=1914889339

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jul 2021 18:26:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.netlab.360.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lounge.e16bb81d3982e913e07bd7f31be71a6c.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 34ms
10ms Other
text/css 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Requested by

Host: blog-netlab-360.disqus.com
URL: https://blog-netlab-360.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1292712
x-cache: Hit from cloudfront
content-length: 25871
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-650f"
content-type: text/css; charset=utf-8
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
timing-allow-origin: *
x-amz-cf-id: L8JIQkrIVznP981O_E854d0C-ZhFrjdw-huIixDj5JV70hMX5SpOUA==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
c.disquscdn.com/next/embed/ 0
93 KB 43ms
19ms Other
application/javascript 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: blog-netlab-360.disqus.com
URL: https://blog-netlab-360.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 685146
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
timing-allow-origin: *
x-amz-cf-id: Hiq3VWLilMvKpg1gaCRDrdIcDoZ9N7YL9DpIlPcFq4dukxS1TkexUw==
x-cache-hits: 0

GET
H2 200 lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js
c.disquscdn.com/next/embed/ 0
119 KB 53ms
30ms Other
application/javascript 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js

Requested by

Host: blog-netlab-360.disqus.com
URL: https://blog-netlab-360.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603607
x-cache: Hit from cloudfront
content-length: 120690
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 20 Jul 2021 18:26:52 GMT
server: nginx
etag: "60f7156c-1d772"
content-type: application/javascript; charset=utf-8
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
expires: Wed, 20 Jul 2022 18:46:12 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
timing-allow-origin: *
x-amz-cf-id: NVXDtWHEO_JsZjNTkvHJLYD4O9r2tTcOXImHZTCXev_MDHKjajUloA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 59ms
19ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: blog-netlab-360.disqus.com
URL: https://blog-netlab-360.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:19 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 56
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12153
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame B65C 6 KB
4 KB 118ms
118ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default

Requested by

Host: blog-netlab-360.disqus.com
URL: https://blog-netlab-360.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c71055b5535a5bd23236b154fca43c00bd47e571cc58e9446dae66209c156a75

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Response headers

Connection: keep-alive
Content-Length: 2730
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Tue, 23 Mar 2021 07:13:22 GMT
ETag: W/"lounge:view:8448282676.13922ca1174c7c6475d251894e23902f.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Tue, 27 Jul 2021 18:26:19 GMT
Age: 5
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 lounge.load.7302391be467f75d298eac65b5cfa2cc.js Show response
c.disquscdn.com/next/embed/ Frame B65C 1 KB
1 KB 41ms
13ms Script
application/javascript 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.7302391be467f75d298eac65b5cfa2cc.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

aa9ee4c2caf4f0c4054f1da752a01fec1ff1a656983327b69a75c3c0b63ef270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603607
x-cache: Hit from cloudfront
content-length: 534
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 20 Jul 2021 18:26:52 GMT
server: nginx
etag: "60f7156c-216"
content-type: application/javascript; charset=utf-8
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
expires: Wed, 20 Jul 2022 18:46:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
timing-allow-origin: *
x-amz-cf-id: ayHyqgDq5Iw3nfLBwNCmjZ9Yb6o4hl9Ash9bX3483IXjFh37NFlEbw==
x-cache-hits: 0

GET
H2 200 common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js Show response
c.disquscdn.com/next/embed/ Frame B65C 282 KB
93 KB 10ms
10ms Script
application/javascript 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.7302391be467f75d298eac65b5cfa2cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 20:07:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 685147
x-cache: Hit from cloudfront
content-length: 94790
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 19 Jul 2021 19:39:06 GMT
server: nginx
etag: "60f5d4da-17246"
content-type: application/javascript; charset=utf-8
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
expires: Tue, 19 Jul 2022 20:07:13 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
timing-allow-origin: *
x-amz-cf-id: P9b4eePmhzwnu5H3-cwj_zcmDJT2GNH4DiUeA-2O-5ohITI_im13dQ==
x-cache-hits: 0

GET
H2 200 lounge.e16bb81d3982e913e07bd7f31be71a6c.css
c.disquscdn.com/next/embed/styles/ Frame B65C 163 KB
26 KB 10ms
10ms Stylesheet
text/css 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2df50c8c00e4f9f84fc1506798291ba26c73f181154596d3f2d6209978d6bc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 19:21:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1292713
x-cache: Hit from cloudfront
content-length: 25871
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 08 Jul 2021 22:07:43 GMT
server: nginx
etag: "60e7772f-650f"
content-type: text/css; charset=utf-8
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
expires: Tue, 12 Jul 2022 19:21:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
timing-allow-origin: *
x-amz-cf-id: IRGj7CsP5uFpcjtHPOJ3LA9_GHpo8x0Ren5An_N8INgBDl-MSlGh3g==
x-cache-hits: 0

GET
H2 200 lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js Show response
c.disquscdn.com/next/embed/ Frame B65C 468 KB
119 KB 10ms
10ms Script
application/javascript 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.106faac21c6c76e0298d1a260d46eaf3.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bd3479f3c97c6aa3b27aaaae6eb5407fbdc64a942d876db9fbbb08ce06ad63d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 18:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603608
x-cache: Hit from cloudfront
content-length: 120690
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 20 Jul 2021 18:26:52 GMT
server: nginx
etag: "60f7156c-1d772"
content-type: application/javascript; charset=utf-8
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
expires: Wed, 20 Jul 2022 18:46:12 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
timing-allow-origin: *
x-amz-cf-id: -B5KapMOlEhaWt1CZ6s8jQCaUGDeNDfaZthoCbInOaipHunW488qvQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame B65C 12 KB
12 KB 51ms
51ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

992caeeef5c8ce8d12cd5bfa0aef3922f4013d082f147e886d847ac071991a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:20 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 56
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12153
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame B65C 3 KB
3 KB 114ms
114ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=blog-netlab-360&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7a7c7c83aa720a5499b3cc5a5968e0dc71d14e2988f3a8ba1d50a17de7d2985a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:20 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3003
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1624570071/images/ Frame B65C 2 KB
2 KB 1128ms
52ms Image
image/png 151.101.14.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1624570071/images/noavatar92.png

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:26:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 18:53:57 GMT
server: nginx
age: 2500911
etag: "60d4d4c5-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C1
content-type: image/png
content-length: 1644
x-amz-cf-id: CuKOWug1Tl31GITn7e6Q8TK4A8JwMtpFSCR3qynTLsqqsWnjs1SaoQ==
expires: Wed, 28 Jul 2021 19:44:30 GMT

GET
DATA 200
OK truncated
/ Frame B65C 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame B65C 13 KB
13 KB 10ms
10ms Image
image/svg+xml 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7789719
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZjfxoKEtgusFqqlMR7VcFa2YupmYq4lO4jyvxAHXDmm1vVyGzfeQ2Q==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame B65C 3 KB
3 KB 10ms
9ms Image
image/gif 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 04:58:07 GMT
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 15082093
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 27 Jan 2021 17:23:07 GMT
server: nginx
etag: "6011a17b-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Thu, 03 Feb 2022 04:58:07 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: aIWDLemBZqCyBP1YnXpczl7m0DSEdBam6mkXOFWBu6XeI0w1RKaXcg==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame B65C 2 KB
2 KB 10ms
10ms Image
image/png 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 10:47:19 GMT
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4001941
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Thu, 10 Jun 2021 21:33:44 GMT
server: nginx
etag: "60c28538-746"
content-type: image/png
access-control-allow-origin: *
expires: Sat, 11 Jun 2022 10:47:19 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: CADT7hdNwN1CobDu_9BM6IysWVtIfYGmBjWxXdwCS7i0z-bFwe28eA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame B65C 8 KB
8 KB 14ms
13ms Font
application/octet-stream 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 09:01:33 GMT
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7291486
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Wed, 04 May 2022 09:01:33 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 92JTStU9sz1ZFjLlSTrmqo1CzIMvkWrtEvA789zDDbjNpbY0ScnpGw==
x-cache-hits: 0

GET
H2 200 alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js Show response
c.disquscdn.com/next/embed/ 78 KB
27 KB 10ms
10ms Script
application/javascript 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js

Requested by

Host: blog-netlab-360.disqus.com
URL: https://blog-netlab-360.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 15:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7182050
x-cache: Hit from cloudfront
content-length: 26578
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-67d2"
content-type: application/javascript; charset=utf-8
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 15:25:30 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
timing-allow-origin: *
x-amz-cf-id: vxFHkLViTp24Fg_34yzT9swP2mbu6bFJj-qIz-dwPVpZDHQqHvO0Sw==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame B65C 13 KB
13 KB 10ms
10ms Image
image/svg+xml 2600:9000:2127:6c00:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2127:6c00:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.e16bb81d3982e913e07bd7f31be71a6c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 14:37:41 GMT
via: 1.1 4b7022ec3e11edfdd972039992f837df.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 7789719
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Tue, 27 Apr 2021 21:01:56 GMT
server: nginx
etag: "60887bc4-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Thu, 28 Apr 2022 14:37:41 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Af7r-ARYqSe2UynlwfP2Gc-7WyPkvtLedNJabUyEyxqrjnKjjl5eAQ==
x-cache-hits: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame B65C 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

780efbed4cd37a37a6ca06d83929745d0cda057b37db999631d41cf6f4a87c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: pZtpunKhC0ELAcPynLPThw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: OGgrydJwvarcjrku8NBdtSa4Tf5dMUKQYev7x80d/NIi2pBTzeYHUPeqM9+PN4I9Z9PSe86ejk4T70DnqXF50A==
x-fb-trip-id: 2050670934
x-fb-content-md5: 5ba06a303dc85a4084253ffd3749dbcb
x-frame-options: DENY
date: Tue, 27 Jul 2021 18:26:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "012abacf0884d97a81825c75a28eb4de"
timing-allow-origin: *
expires: Tue, 27 Jul 2021 18:30:47 GMT

GET
H2 200 api.js Show response
apis.google.com/js/ Frame B65C 13 KB
6 KB 46ms
26ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

988bcde72299686944d0d999925fb176b03d274eb3f1b2dc9f714654a93bfabf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ugus6KBrtiF078SuZmKaAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "b6acb3309cfece49fdc532caca33f653"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-Ugus6KBrtiF078SuZmKaAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Tue, 27 Jul 2021 18:26:20 GMT

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
102 B 66ms
37ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=1&rn=2.910562864473347
Requested by: Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 8
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6757ea5d9db34e38-FRA
x-amz-request-id: 9XASVBPZZ8WMPQ1Y
x-amz-id-2: pMKguQPpwTprnkBouPC+bayQrVoLCHZ6TrT0OgWZdfwvxczOfNycx8DBPVGD9kavO0wDreinU127ASoHSbVa+Q==

GET
H2 200 pixel.gif
cdn.viglink.com/images/ 43 B
439 B 54ms
25ms Image
image/gif 2606:4700::6810:a40d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.viglink.com/images/pixel.gif?ch=2&rn=2.910562864473347
Requested by: Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:a40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:26:20 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Feb 2015 03:29:39 GMT
server: cloudflare
age: 8
etag: "221d8352905f2c38b3cb2bd191d630b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=15, must-revalidate
content-length: 43
accept-ranges: bytes
cf-ray: 6757ea5d9db64e38-FRA
x-amz-request-id: 9XASVBPZZ8WMPQ1Y
x-amz-id-2: pMKguQPpwTprnkBouPC+bayQrVoLCHZ6TrT0OgWZdfwvxczOfNycx8DBPVGD9kavO0wDreinU127ASoHSbVa+Q==

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ Frame B65C 232 KB
67 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=61d91c21d3b4538a7013083901f8437b

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9949b9f3492188102129dffe53231a1db0e21cfbc36b7cee501ef76558bc5c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sRZyymD4+2hqRQnzeLZhNA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69060
x-fb-rlafr: 0
x-fb-debug: ZF/fCcfYtwtHFJ8YWyLoqpgukjzSwFLnLHx1pO4taBMQvF/SxvTEI4HfKU7VDJFNUyzIiwwIgNOHIgmSGlE7FA==
x-fb-content-md5: 04d3ddbfd6ec7de9be5e10b76b748862
x-frame-options: DENY
date: Tue, 27 Jul 2021 18:26:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ad3d1ff4d643ba17e085c0b44bee0746"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Jul 2022 17:41:33 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ Frame B65C 0
0 108ms
108ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fblog.netlab.360.com&client_id=52254943976&input_token&origin=1&redirect_uri=https%3A%2F%2Fdisqus.com%2Fembed%2Fcomments%2F%3Fbase%3Ddefault%26f%3Dblog-netlab-360%26t_i%3Dghost-604ece23d0d9b7000712c910%26t_u%3Dhttps%253A%252F%252Fblog.netlab.360.com%252Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%252F%26t_d%3DMicrosoft%2520Exchange%2520%25E6%25BC%258F%25E6%25B4%259E%25EF%25BC%2588CVE-2021-26855%25EF%25BC%2589%25E5%259C%25A8%25E9%2587%258E%25E6%2589%25AB%25E6%258F%258F%25E5%2588%2586%25E6%259E%2590%25E6%258A%25A5%25E5%2591%258A%26t_t%3DMicrosoft%2520Exchange%2520%25E6%25BC%258F%25E6%25B4%259E%25EF%25BC%2588CVE-2021-26855%25EF%25BC%2589%25E5%259C%25A8%25E9%2587%258E%25E6%2589%25AB%25E6%258F%258F%25E5%2588%2586%25E6%259E%2590%25E6%258A%25A5%25E5%2591%258A%26s_o%3Ddefault%23version%3D7302391be467f75d298eac65b5cfa2cc&sdk=joey&wants_cookie_data=false

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: O+a6bBtA/VRU/YZgSvhsOfVGdCe1vJrFzoyuhUWTjcxCqTVcv0dntvsG05KoTM/9pCb/Gj2ZQ/mK6QOkcQvVQg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 27 Jul 2021 18:26:20 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://disqus.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ Frame B65C 103 KB
34 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a8dbc111ec4272a34fae97aa7a2dcd6f99cfb9b3067dcac29abc892912b6ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Jul 2021 15:25:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35063
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 15:25:16 GMT

GET
H2 200 iframe Show response
accounts.google.com/o/oauth2/ Frame ED8E 513 B
925 B 62ms
43ms Document
text/html 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

03a4e12557c3511fb01301eb0708a508e81dc1fc2a6e4f0e8fb83ee1df9af429

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lV8HXnQ/rzODD39O5GIZ8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/iframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=220=WrtGlz2xauHvtWzSosaEEtNdDFkQ7LeUSNn40mAxrXkMWmOfFGwIItD9I3wImV5_oUJFiRsrStxPEFENLrRonAMgeaOFaZDxFwWYZDjgfQbGA8-ZSKN2Dqa8Jg5dnvTjUdnK_pQvQ76ewO4tcTDjsjxSXwgoSkP8O0EANFApze0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default

Response headers

content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Jul 2021 18:26:20 GMT
content-language: en-US
content-security-policy: script-src 'report-sample' 'nonce-lV8HXnQ/rzODD39O5GIZ8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1376071356-idpiframe.js Show response
ssl.gstatic.com/accounts/o/ Frame ED8E 116 KB
40 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/1376071356-idpiframe.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cd47b8df2fcfbefbac624b4a6856f65e13d83721be2805e864f5993a05428e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 18:01:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40353
x-xss-protection: 0
last-modified: Sat, 24 Jul 2021 04:25:27 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Jul 2022 18:01:24 GMT

GET
H3-29 200 iframerpc Show response
accounts.google.com/o/oauth2/ Frame ED8E 14 B
58 B 56ms
41ms XHR
application/json 2a00:1450:4001:800::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fdisqus.com&client_id=508198334196-bgmagrg0a2rub674g0shidj8fnd50dji.apps.googleusercontent.com

Requested by

Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/1376071356-idpiframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/o/oauth2/iframe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XmlHttpRequest

Response headers

date: Tue, 27 Jul 2021 18:26:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
content-type: application/json; charset=utf-8
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 27 Jul 2021 19:26:20 GMT

GET
H/1.1 200
OK / Show response
glitter.services.disqus.com/urls/ Frame B65C 701 B
864 B 434ms
347ms Script
application/javascript 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://glitter.services.disqus.com/urls/?callback=dsqGlitterResponseHandler&forum_shortname=blog-netlab-360&thread_id=8448282676&referer=

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

7db4b5f2392b8640c60af6da7fe8a9d4be55b7b0a0f7974dba8c32b152c459f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: openresty
X-Frame-Options: DENY
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: no-cache
transfer-encoding: chunked
X-Service: glitter
Content-Disposition: attachment; filename=f.txt
Strict-Transport-Security: max-age=300; includeSubdomains
Vary: Accept-Encoding, Cookie

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame B65C 43 B
295 B 228ms
111ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=533&event=init_embed&thread=8448282676&forum=blog-netlab-360&forum_id=4524066&imp=6rda3mq4uis4g&prev_imp&thread_slug=microsoft_exchange_cve_2021_26855&user_type=anon&referrer=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&theme=next&dnt=0&tracking_enabled=1&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:20 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 299 B
736 B 137ms
55ms XHR
text/javascript 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: f0e6e2773b8199632fd54457b004419cef7da5931ff9233f6fc96fc835f99c01

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 27 Jul 2021 18:26:21 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://blog.netlab.360.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 299
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.gif
links.services.disqus.com/api/ 43 B
375 B 52ms
52ms Image
image/gif 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://links.services.disqus.com/api/sync.gif?key=cfdfcf52dffd0a702a61bad27507376d
Requested by: Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Jul 2021 18:26:21 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Cache-Control: no-cache, no-store
Connection: keep-alive
Content-Type: image/gif;charset=UTF-8
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 58 B
494 B 549ms
500ms XHR
text/javascript 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: d766b27b23351dc8720b0cfac30b9ff325f68e62e4b5a2f04186d80368925a6e

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 27 Jul 2021 18:26:21 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://blog.netlab.360.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 58
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK domains Show response
links.services.disqus.com/api/ 68 B
504 B 99ms
50ms XHR
text/javascript 151.101.12.64
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/domains
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.64 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 2f8a707728206625452e8cf5ec9406e17bb669995e8cb08b4cc65f063ed40548

Request headers

Referer: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Tue, 27 Jul 2021 18:26:21 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://blog.netlab.360.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 68
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/ Frame DFC5
Redirect Chain

https://ejp.rlcdn.com/501709.html
https://ejp.rlcdn.com/1000.gif?memo=CM3PHhoNCM2fgYgGEgUI6AcQAEIASgA
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb25JaEZ4MzZ1S1VpSlVLa1V2T2d3ZXg1ZThTeG9BWGxqTE92Ri1VNnVsOA==&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwb25JaEZ4MzZ1S1VpSlVLa1V2T2d3ZXg1ZThTeG9BWGxqTE92Ri1VNnVsOA==&google_cm=&google_tc=
https://fcmatch.google.com/pixel?google_gm=AMnCDorwS8cW2C3sixp_H9_IFdYRo1RNQmSIerVsbAHVyJ3ia2Q9RJLjIdj2To8pWmM0d16mKsgA30zAZjxS-KjiK8pfduNaaq9vyekOFp8qmp9en9awKA1mkWagjAqrDDLLXCIRl9f65zKkEWlBjY-tN9...
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorwS8cW2C3sixp_H9_IFdYRo1RNQmSIerVsbAHVyJ3ia2Q9RJLjIdj2To8pWmM0d16mKsgA30zAZjxS-KjiK8pfduNaaq9vyekOFp8qmp9en9awKA1mkWagjAqrDDLLXCIRl9f65zKkEWlBjY-tN...

0
0

35ms
14ms

Document
image/png

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDorwS8cW2C3sixp_H9_IFdYRo1RNQmSIerVsbAHVyJ3ia2Q9RJLjIdj2To8pWmM0d16mKsgA30zAZjxS-KjiK8pfduNaaq9vyekOFp8qmp9en9awKA1mkWagjAqrDDLLXCIRl9f65zKkEWlBjY-tN9SF3h5ROw

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: fcmatch.youtube.com
:scheme: https
:path: /pixel?google_gm=AMnCDorwS8cW2C3sixp_H9_IFdYRo1RNQmSIerVsbAHVyJ3ia2Q9RJLjIdj2To8pWmM0d16mKsgA30zAZjxS-KjiK8pfduNaaq9vyekOFp8qmp9en9awKA1mkWagjAqrDDLLXCIRl9f65zKkEWlBjY-tN9SF3h5ROw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default

Response headers

content-type: image/png
date: Tue, 27 Jul 2021 18:26:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDorwS8cW2C3sixp_H9_IFdYRo1RNQmSIerVsbAHVyJ3ia2Q9RJLjIdj2To8pWmM0d16mKsgA30zAZjxS-KjiK8pfduNaaq9vyekOFp8qmp9en9awKA1mkWagjAqrDDLLXCIRl9f65zKkEWlBjY-tN9SF3h5ROw
date: Tue, 27 Jul 2021 18:26:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 403
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.html Show response
live.rezync.com/ Frame 527F 507 B
1 KB 571ms
235ms Document
text/html 65.9.96.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c6rda3p0h3b67a&pctry=BE&referrer=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F
Requested by: Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.ee2555081038338ea4f41cbb3ea1bc17.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.96.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: lighttpd/1.4.33 /
Resource Hash: 991a9fa1a3abfba31ee4486c5248f8a0de88defbcd07435bbe6bd582fd0b76e0

Request headers

:method: GET
:authority: live.rezync.com
:scheme: https
:path: /pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c6rda3p0h3b67a&pctry=BE&referrer=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default

Response headers

content-type: text/html; charset=utf-8
content-length: 507
date: Tue, 27 Jul 2021 18:26:21 GMT
server: lighttpd/1.4.33
set-cookie: zync-uuid=b28f12b6-e18f-4c18-84c2-e7d505690688:1627410381.54; Domain=rezync.com; Expires=Sun, 23-Jan-2022 11:26:21 GMT; Path=/; SameSite=None; Secure sd-session-id=.eJwVirEKgzAURX-lvNkhrcGC0EFoBqFGClniImqC5tlaawylSv696XTuuZwd6lkvz2bS0wrpujgdQfcwwSykOyhj3y4s6JJFNfFMhrhNzg34CKy21rym2qh_eGhDJDGnFbKvRLlWgtHKECI3Rm-iD8zDp0YusiPH8cOxpyWyU4EdKUS2lVfmuLhfwPsfl88xUw.E-HhTQ.Nl0Dbmt7ySWw10tvesph8R-9p9E; Expires=Sun, 23-Jan-2022 18:26:21 GMT; HttpOnly; Path=/; SameSite=None; Secure
x-cache: Miss from cloudfront
via: 1.1 7df0d6b4ce8f8b155434dd5d830b76be.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: eJifEai-hlwKp8ATc3h0WKahudWCIQBwakQXsAHUKJxvkKXwjGHMZQ==

GET
H/1.1

204
No Content

/
io.narrative.io/ Frame B65C
Redirect Chain

https://obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com/narr?gdpr=1&gdpr_consent=&url=https%3A%2F%2Fio.narrative.io%2F%3FcompanyId%3D19%26gdpr%3D1%26gdpr_consent%3D%26id%3Ddisqus_id%3Ac6rda3p0h3b67a
https://io.narrative.io/?companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c6rda3p0h3b67a
https://io.narrative.io/?io.narrative.guid.v2=2454dbd1-ef08-11eb-a9a5-06119d0d8b4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c6rda3p0h3b67a

0
247 B

38ms
38ms

Image
text/plain

52.212.225.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=2454dbd1-ef08-11eb-a9a5-06119d0d8b4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c6rda3p0h3b67a
Requested by: Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.225.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-225-58.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:21 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=2454dbd1-ef08-11eb-a9a5-06119d0d8b4f&companyId=19&gdpr=1&gdpr_consent=&id=disqus_id:c6rda3p0h3b67a
Date: Tue, 27 Jul 2021 18:26:21 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

/
io.narrative.io/ Frame B65C
Redirect Chain

https://io.narrative.io/?companyId=19&id=disqus_id%3Ac6rda3p0h3b67a&ret=img&ref=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F
https://io.narrative.io/?io.narrative.guid.v2=244f84a0-ef08-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac6rda3p0h3b67a&ret=img&ref=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vuln...

35 B
319 B

1408ms
1397ms

Image
image/gif

52.212.225.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://io.narrative.io/?io.narrative.guid.v2=244f84a0-ef08-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac6rda3p0h3b67a&ret=img&ref=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F
Requested by: Host: blog.netlab.360.com
URL: https://blog.netlab.360.com/microsoft-exchange-vulnerability-cve-2021-26855-scan-analysis/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.225.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-225-58.eu-west-1.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=blog-netlab-360&t_i=ghost-604ece23d0d9b7000712c910&t_u=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F&t_d=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&t_t=Microsoft%20Exchange%20%E6%BC%8F%E6%B4%9E%EF%BC%88CVE-2021-26855%EF%BC%89%E5%9C%A8%E9%87%8E%E6%89%AB%E6%8F%8F%E5%88%86%E6%9E%90%E6%8A%A5%E5%91%8A&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 18:26:22 GMT
Cache-Control: no-cache
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

Redirect headers

Location: https://io.narrative.io/?io.narrative.guid.v2=244f84a0-ef08-11eb-a9a5-06119d0d8b4f&companyId=19&id=disqus_id%3Ac6rda3p0h3b67a&ret=img&ref=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F
Date: Tue, 27 Jul 2021 18:26:21 GMT
Server: nginx/1.18.0
Connection: keep-alive
Content-Length: 0

GET
H2

200

52154.gif
idsync.rlcdn.com/ Frame 527F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D093016b0419d19c905c78c859b815219%26pid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%2F%2Flive.rezync.com%2Fsync%253Fc%253D4656c20ee35215f78e9273796625d90b%2526p%253D093016b0419d19c905c78c859b815219%2526pid%253D%2524UID
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=093016b0419d19c905c78c859b815219&pid=4876255329334983190
https://p.rfihub.com/cm?pub=39342&in=1&userid=b28f12b6-e18f-4c18-84c2-e7d505690688%3A1627410381.54&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dc6rda3p0h3b67a
https://idsync.rlcdn.com/501709.gif?partner_uid=c6rda3p0h3b67a
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4876255329334983190

42 B
325 B

24ms
24ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4876255329334983190
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c6rda3p0h3b67a&pctry=BE&referrer=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Jul 2021 18:26:24 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

Pragma: no-cache
Date: Tue, 27 Jul 2021 18:26:24 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ab498464-f3f4-4be0-813d-94113d91c631
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4876255329334983190
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 527F
Redirect Chain

https://p.rfihub.com/cm?pub=39342&in=1&userid=b28f12b6-e18f-4c18-84c2-e7d505690688%3A1627410381.54&forward=https%3A//live.rezync.com/sync%3Fc%3D4656c20ee35215f78e9273796625d90b%26p%3D260a954059a0ab...
https://live.rezync.com/sync?c=4656c20ee35215f78e9273796625d90b&p=260a954059a0ab1986e4ee8c5c88c54c&pid=1871597496994223559
https://idsync.rlcdn.com/501709.gif?partner_uid=c6rda3p0h3b67a
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMwA1oBeKxAjjjfdeBTrF_g&google_cver=1

42 B
326 B

24ms
24ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMwA1oBeKxAjjjfdeBTrF_g&google_cver=1
Requested by: Host: live.rezync.com
URL: https://live.rezync.com/pixel.html?c=4656c20ee35215f78e9273796625d90b&cid=c6rda3p0h3b67a&pctry=BE&referrer=https%3A%2F%2Fblog.netlab.360.com%2Fmicrosoft-exchange-vulnerability-cve-2021-26855-scan-analysis%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://live.rezync.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Jul 2021 18:26:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 27 Jul 2021 18:26:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEMwA1oBeKxAjjjfdeBTrF_g&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
accounts.google.com
apis.google.com
blog-netlab-360.disqus.com
blog.netlab.360.com
c.disquscdn.com
cdn.viglink.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
disqus.com
ejp.rlcdn.com
fcmatch.google.com
fcmatch.youtube.com
glitter.services.disqus.com
ib.adnxs.com
idsync.rlcdn.com
io.narrative.io
links.services.disqus.com
live.rezync.com
obgpm76tt0a0sgozk8l.npdredinuid.imrworldwide.com
p.rfihub.com
referrer.disqus.com
ssl.gstatic.com
www.facebook.com
www.google-analytics.com
142.250.185.98
151.101.0.134
151.101.12.134
151.101.12.64
151.101.14.49
185.33.221.13
193.0.160.128
2001:4de0:ac18::1:a:1b
2600:9000:2127:6c00:6:8656:f5c0:93a1
2606:4700::6810:a40d
2a00:1450:4001:800::200d
2a00:1450:4001:800::200e
2a00:1450:4001:801::200e
2a00:1450:4001:802::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:828::200e
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.244.174.68
36.110.234.55
52.212.225.58
52.214.43.23
65.9.96.89
03a4e12557c3511fb01301eb0708a508e81dc1fc2a6e4f0e8fb83ee1df9af429
08240631edccfa68b41736872de4d511363a49062356fd32f42beb26a2468b96
1582941297c3bfd796b48df125f962a1e486673830976c77962f0107c24138ed
1b560f221a3ee06277331e405b956b384d5ef7830a643b4e0c257189b7adf887
2df50c8c00e4f9f84fc1506798291ba26c73f181154596d3f2d6209978d6bc51
2f8a707728206625452e8cf5ec9406e17bb669995e8cb08b4cc65f063ed40548
325eb6e77112f8b1dd52ab8f04cc03f5168de5acac9d2a586dc48902a26bc151
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
443211c7845e0012dea1dfe8cda1ce659e7fef3c7b5af2b470704ed8186945c0
49cfcd3a16bed30ad0231e4e250c88e99c5e4dfa1954ce499d66510c4ab4b78a
4b5a3702b2a13d962a0998ce7b341e19198e5b9278bf67f9ec3db979ee942e86
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
6fb3a3bf9d73629f22c8cc9a5ac455e7b82db8fbbb93c64d60643463b8f4ff07
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
780efbed4cd37a37a6ca06d83929745d0cda057b37db999631d41cf6f4a87c60
7a7c7c83aa720a5499b3cc5a5968e0dc71d14e2988f3a8ba1d50a17de7d2985a
7a8dbc111ec4272a34fae97aa7a2dcd6f99cfb9b3067dcac29abc892912b6ab9
7db4b5f2392b8640c60af6da7fe8a9d4be55b7b0a0f7974dba8c32b152c459f3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
90e67a0766f2925c44ab9f5cd2c4b01e0d53ac455bd2f4703eb2c7de19a68905
971550dcc1d03bf9cd939c657820cbd1401777ca57ec2c3122f6352f41d2a0b2
988bcde72299686944d0d999925fb176b03d274eb3f1b2dc9f714654a93bfabf
991a9fa1a3abfba31ee4486c5248f8a0de88defbcd07435bbe6bd582fd0b76e0
992caeeef5c8ce8d12cd5bfa0aef3922f4013d082f147e886d847ac071991a9e
9949b9f3492188102129dffe53231a1db0e21cfbc36b7cee501ef76558bc5c3b
9cd47b8df2fcfbefbac624b4a6856f65e13d83721be2805e864f5993a05428e0
9efb3d5e1b082a66bd94908b42afb4cf6fe0e8eb8f50b8d2a18f6a5da03e6a18
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a349e5bc71df938708882a7ec3db2c86909f04a8de0f4094d9dc9f844c2ee54c
aa9ee4c2caf4f0c4054f1da752a01fec1ff1a656983327b69a75c3c0b63ef270
b452530c8ca099474039a8c20c0b5d662159ba246e6859937e824a63a7cd701f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd3479f3c97c6aa3b27aaaae6eb5407fbdc64a942d876db9fbbb08ce06ad63d5
bd7a89e34efed04ad14e1a29950b4e470b2c5bf131f3f5c77286d04b18771cda
bdf0772071c7e0d8b5a284152be10569e2f3ee6a77488b9d0494cefbbfee568d
bfbeb46b6d0e930abc384b89ed35d52860ccb740dfdeaf4d97e8f0340a5dae7d
c71055b5535a5bd23236b154fca43c00bd47e571cc58e9446dae66209c156a75
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d47ffdd0ca768158458845a42c746c6058867c5ce02cdb01c1858bb29aedc630
d6fc10229a2d03787b1e398650bf2bdb995e6a2ab5ae6ba1c8cef6f6645115c6
d766b27b23351dc8720b0cfac30b9ff325f68e62e4b5a2f04186d80368925a6e
d821f29d80bfc3257dd3bf5dbf1874ccaa53d82fca4bdc8a511b9f3efc8560c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a7896d4abe4ad2cfa9980ef35fe952bf31ebfe96c7d3da572865ea46bf99dd
f0e6e2773b8199632fd54457b004419cef7da5931ff9233f6fc96fc835f99c01
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f447cead02ff8f622d5f889ab8b60e2481e25d62b2f5eabd549b646de0801c38
f70dcec0f2c1d351acf79ed157c212e3e914d8a4f3549183cab7bae441b0a506
fc244966613442017d9a16528fbcd7d45416ce6a227a2535e91db62e98995dec

blog.netlab.360.com Open in urlscan Pro 36.110.234.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

48 %IPv6

18 Domains

26 Subdomains

19 IPs

5 Countries

3326 kBTransfer

4303 kBSize

0 Cookies

21 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

blog.netlab.360.com Open in urlscan Pro
36.110.234.55 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

48 %
IPv6

18
Domains

26
Subdomains

19
IPs

5
Countries

3326 kB
Transfer

4303 kB
Size

0
Cookies

64 HTTP transactions
1 data transactions