blog.scrt.ch
Open in
urlscan Pro
2606:4700:3032::6815:1d23
Public Scan
Submission: On March 29 via manual from JP — Scanned from JP
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 24th 2022. Valid for: a year.
This is the only time blog.scrt.ch was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
20 | 2606:4700:303... 2606:4700:3032::6815:1d23 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2404:6800:400... 2404:6800:4004:811::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2404:6800:400... 2404:6800:4004:824::2003 | 15169 (GOOGLE) (GOOGLE) | |
2 | 192.0.77.48 192.0.77.48 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
26 | 5 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
20 |
scrt.ch
blog.scrt.ch |
296 KB |
3 |
gstatic.com
fonts.gstatic.com |
57 KB |
2 |
w.org
s.w.org — Cisco Umbrella Rank: 1855 |
2 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 |
2 KB |
26 | 4 |
Domain | Requested by | |
---|---|---|
20 | blog.scrt.ch |
blog.scrt.ch
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | s.w.org |
blog.scrt.ch
|
1 | fonts.googleapis.com |
blog.scrt.ch
|
26 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
github.com |
en.wikipedia.org |
clang.llvm.org |
twitter.com |
mathworld.wolfram.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-24 - 2023-05-24 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-06 - 2023-05-29 |
3 months | crt.sh |
*.w.org Sectigo ECC Domain Validation Secure Server CA |
2022-12-06 - 2024-01-06 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://blog.scrt.ch/2020/06/19/engineering-antivirus-evasion/
Frame ID: EA9980E9096B0F137EA0840703393D0C
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
Engineering antivirus evasion – Sec Team BlogDetected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Lightbox (JavaScript Libraries) Expand
Detected patterns
- lightbox(?:-plus-jquery)?.{0,32}\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
Title: https://github.com/scrt/avcleaner
Search URL Search Domain Scan URL
Title: c/meterpreter/source/extensions/extapi/extapi.c
Search URL Search Domain Scan URL
Title: https://en.wikipedia.org/wiki/Abstract_syntax_tree
Search URL Search Domain Scan URL
Title: ASTMatcher
Search URL Search Domain Scan URL
Title: MatchResult
Search URL Search Domain Scan URL
Title: clang::ast_matchers::MatchFinder::MatchCallback
Search URL Search Domain Scan URL
Title: clang::Rewriter
Search URL Search Domain Scan URL
Title: getNodeAs
Search URL Search Domain Scan URL
Title: CallExpr
Search URL Search Domain Scan URL
Title: InitListExpr
Search URL Search Domain Scan URL
Title: ReplaceText
Search URL Search Domain Scan URL
Title: FunctionDecl
Search URL Search Domain Scan URL
Title: VarDecl
Search URL Search Domain Scan URL
Title: @1mm0rt411
Search URL Search Domain Scan URL
Title: @TheColonial
Search URL Search Domain Scan URL
Title: https://mathworld.wolfram.com/RicesTheorem.html
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
blog.scrt.ch/2020/06/19/engineering-antivirus-evasion/ |
71 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
blog.scrt.ch/wp-includes/css/dist/block-library/ |
93 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
classic-themes.min.css
blog.scrt.ch/wp-includes/css/ |
217 B 485 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foobox.free.min.css
blog.scrt.ch/wp-content/plugins/foobox-image-lightbox/free/css/ |
29 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
20 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
genericons.css
blog.scrt.ch/wp-content/themes/scrt/genericons/ |
27 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
blog.scrt.ch/wp-content/themes/scrt/ |
95 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ytprefs.min.css
blog.scrt.ch/wp-content/plugins/youtube-embed-plus/styles/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
blog.scrt.ch/wp-includes/js/jquery/ |
88 KB 32 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
blog.scrt.ch/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foobox.free.min.js
blog.scrt.ch/wp-content/plugins/foobox-image-lightbox/free/js/ |
98 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ytprefs.min.js
blog.scrt.ch/wp-content/plugins/youtube-embed-plus/scripts/ |
13 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prettify.css
blog.scrt.ch/wp-content/plugins/code-prettify/prettify/ |
771 B 621 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo-scrt.png
blog.scrt.ch/wp-content/uploads/2016/01/ |
16 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wp-emoji-release.min.js
blog.scrt.ch/wp-includes/js/ |
18 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
LLVMCompiler1.png
blog.scrt.ch/wp-content/uploads/2020/06/ |
21 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
run_prettify.js
blog.scrt.ch/wp-content/plugins/code-prettify/prettify/ |
18 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
skip-link-focus-fix.js
blog.scrt.ch/wp-content/themes/scrt/js/ |
727 B 960 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
functions.js
blog.scrt.ch/wp-content/themes/scrt/js/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fitvids.min.js
blog.scrt.ch/wp-content/plugins/youtube-embed-plus/scripts/ |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ |
12 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
QlddNThLqRwH-OJ1UHjlKENVzkWGVkL3GZQmAwLyya15.woff2
fonts.gstatic.com/s/inconsolata/v31/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
14 KB 14 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
45n9vu.jpg
blog.scrt.ch/wp-content/uploads/2020/06/ |
95 KB 95 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1f609.svg
s.w.org/images/core/emoji/14.0.0/svg/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1f61b.svg
s.w.org/images/core/emoji/14.0.0/svg/ |
665 B 725 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless object| _wpemojiSettings undefined| $ function| jQuery object| FOOBOX object| FooBox object| _EPYT_ object| _EPADashboard_ function| onYouTubeIframeAPIReady string| codePrettifyLoaderBaseUrl boolean| PR_SHOULD_USE_CONTINUATION object| PR object| screenReaderText object| twemoji object| wp function| epdofitvids0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=63072000; includeSubdomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1;mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
blog.scrt.ch
fonts.googleapis.com
fonts.gstatic.com
s.w.org
192.0.77.48
2404:6800:4004:811::200a
2404:6800:4004:824::2003
2606:4700:3032::6815:1d23
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
10765865e03a12890cf5546f3e3828a3ba743f8116d5f438a71bc105e93f5faa
1ebb59bb8897b36e178e6d5ad747440a17877c52b03dc5ff5d211e721b43f77a
1f592c1248f3224a2adddaa84e9ec8c8e7ed7a7bcf0913e658534eeb1dd5fe00
2468609517599c10415c9c9b65024cf697b747dbb837d07d0ea12130f224c65f
2dbf655761eece562032574c2864edf4ba50a3c37b2bc771ea564ff4061c3172
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5d5476afa39f08490e9c4e1844eb25fd5c1fd71169e360b44e1398ee5ecece40
6c9e9bd4e992b05389236894daba31e34cc03e95c1dcb18fdb229087df1606c6
801e577c5160243b91d1df7daa24ffa34d21470929810e1b755e4663794fcb21
86600d3f1d065fa942ce6c413193f8428af30123aba9274b6078f743b04151e7
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8ca8a4feeb61ae9e7c5b6dc7a7918cf9c214c601be52f73231bb20cec8861c00
9dc8ce8b5f8200d37b7434c106df70011a64a37a4ea31b5485dd0a3feae40798
a29c4fd82afd9f61263a0f7a2ed0ec5d307e2a454d2182a721844b14b37500fa
a5103a474ded8b7a0bc46fd6e42bf2814b81acb2322a7aa3d4cda40ff4d8f04e
a888921054db01c3913c8127d5a4dd01132808311c2de04f16d64977f7a96515
b30c516aff39ef95f92f376ef8388501caaf2b964a6e25b540bd9a024388c389
b44b18e9a6cced6ba24a25855c23095283dba1ddfad87bc68859d87463eac07f
b5df5c8ea5019f4f1c8d162fa037b9be2fa6b1347d9553bfed77558e6b37c878
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c99b9b0e6f18e2095f1552d926fbb566e5cd18b3867672d84689ca97a69b9479
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a