threatprotect.qualys.com
Open in
urlscan Pro
35.230.125.173
Public Scan
URL:
https://threatprotect.qualys.com/2023/12/08/apache-struts2-remote-code-execution-vulnerability-cve-2023-50164/
Submission: On December 13 via api from ZA — Scanned from DE
Submission: On December 13 via api from ZA — Scanned from DE
Summary
This website contacted 21 IPs
in 4 countries
across 18 domains to perform 45 HTTP transactions.
The main IP is 35.230.125.173, located in
The Dalles, United States and
belongs to GOOGLE-CLOUD-PLATFORM, US.
The main domain is threatprotect.qualys.com.
TLS certificate: Issued by R3 on December 10th 2023. Valid for: 3 months.
This is the only time threatprotect.qualys.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on December 10th 2023. Valid for: 3 months.
This is the only time threatprotect.qualys.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
12
35.230.125.173
(The Dalles, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.125.230.35.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.125.230.35.bc.googleusercontent.com
| threatprotect.qualys.com |
2
2a00:1450:4001:80f::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
7
18.245.78.35
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-245-78-35.fra60.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-245-78-35.fra60.r.cloudfront.net
| d1uyme8f6ss6qi.cloudfront.net |
2
2a02:26f0:3500:16::215:1484
(Frankfurt am Main, Germany)
ASN20940 (AKAMAI-ASN1, NL)
ASN20940 (AKAMAI-ASN1, NL)
| snap.licdn.com |
2
104.64.124.188
(Prague, Czech Republic)
ASN16625 (AKAMAI-AS, US)
PTR: a104-64-124-188.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-64-124-188.deploy.static.akamaitechnologies.com
| munchkin.marketo.net |
2
34.96.102.137
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com
| dev.visualwebsiteoptimizer.com |
5
2620:1ec:21::14
(United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| px.ads.linkedin.com | |
| www.linkedin.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 12 |
qualys.com
threatprotect.qualys.com |
93 KB |
| 7 |
cloudfront.net
d1uyme8f6ss6qi.cloudfront.net |
258 KB |
| 6 |
linkedin.com
4 redirects
px.ads.linkedin.com — Cisco Umbrella Rank: 327 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419 |
5 KB |
| 4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189 |
21 KB |
| 2 |
visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 2954 |
2 KB |
| 2 |
marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3659 |
7 KB |
| 2 |
licdn.com
snap.licdn.com — Cisco Umbrella Rank: 763 |
16 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36 |
174 KB |
| 2 |
wp.com
stats.wp.com — Cisco Umbrella Rank: 2814 pixel.wp.com — Cisco Umbrella Rank: 2796 |
3 KB |
| 1 |
geoip-js.com
geoip-js.com — Cisco Umbrella Rank: 15399 |
964 B |
| 1 |
mktoresp.com
797-eni-742.mktoresp.com — Cisco Umbrella Rank: 495707 |
318 B |
| 1 |
google.de
www.google.de — Cisco Umbrella Rank: 6765 |
408 B |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 2 |
408 B |
| 1 |
ipify.org
api.ipify.org — Cisco Umbrella Rank: 2843 |
212 B |
| 1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75 |
355 B |
| 1 |
maxmind.com
js.maxmind.com — Cisco Umbrella Rank: 27538 |
1 KB |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204 |
28 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29 |
914 B |
| 45 | 18 |
| Domain | Requested by | |
|---|---|---|
| 12 | threatprotect.qualys.com |
threatprotect.qualys.com
|
| 7 | d1uyme8f6ss6qi.cloudfront.net |
threatprotect.qualys.com
|
| 4 | px.ads.linkedin.com |
3 redirects
snap.licdn.com
|
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com threatprotect.qualys.com |
| 2 | dev.visualwebsiteoptimizer.com |
threatprotect.qualys.com
|
| 2 | munchkin.marketo.net |
www.googletagmanager.com
munchkin.marketo.net |
| 2 | snap.licdn.com |
www.googletagmanager.com
snap.licdn.com |
| 2 | www.googletagmanager.com |
threatprotect.qualys.com
www.googletagmanager.com |
| 1 | geoip-js.com |
js.maxmind.com
|
| 1 | 797-eni-742.mktoresp.com |
munchkin.marketo.net
|
| 1 | www.google.de |
threatprotect.qualys.com
|
| 1 | www.google.com |
threatprotect.qualys.com
|
| 1 | api.ipify.org |
threatprotect.qualys.com
|
| 1 | px4.ads.linkedin.com |
threatprotect.qualys.com
|
| 1 | www.linkedin.com | 1 redirects |
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | region1.google-analytics.com |
www.googletagmanager.com
|
| 1 | js.maxmind.com |
www.googletagmanager.com
|
| 1 | pixel.wp.com |
threatprotect.qualys.com
|
| 1 | stats.wp.com |
threatprotect.qualys.com
|
| 1 | cdnjs.cloudflare.com |
threatprotect.qualys.com
|
| 1 | fonts.googleapis.com |
threatprotect.qualys.com
|
| 45 | 22 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| lists.apache.org |
| cwiki.apache.org |
| www.openwall.com |
| www.qualys.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| threatprotect.qualys.com R3 |
2023-12-10 - 2024-03-09 |
3 months | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
| *.wp.com Sectigo ECC Domain Validation Secure Server CA |
2023-11-28 - 2024-12-28 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
| *.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
| snap.licdn.com DigiCert SHA2 Secure Server CA |
2023-02-01 - 2024-01-31 |
a year | crt.sh |
| *.marketo.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-02-06 - 2024-02-05 |
a year | crt.sh |
| *.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2 |
2023-07-06 - 2024-07-06 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
| *.ipify.org Sectigo RSA Domain Validation Secure Server CA |
2023-02-07 - 2024-02-18 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2023-11-20 - 2024-02-12 |
3 months | crt.sh |
| *.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-07 - 2024-10-07 |
a year | crt.sh |
| www.linkedin.com DigiCert SHA2 Secure Server CA |
2023-11-03 - 2024-05-03 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://threatprotect.qualys.com/2023/12/08/apache-struts2-remote-code-execution-vulnerability-cve-2023-50164/
Frame ID: D0D93F95A6EDBDAD4B1DD61B72035249
Requests: 45 HTTP requests in this frame
Screenshot
Page Title
Apache Struts2 Remote Code Execution Vulnerability (CVE-2023-50164) – Qualys ThreatPROTECTDetected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Linkedin Insight Tag
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Marketo
(Marketing Automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: https://lists.apache.org/thread/yh09b3fkf6vz5d6jdgrlvmg60lfwtqhj
Title: Apache Struts2 Security Advisory
Title: Apache Struts2 Security Advisory
Search URL Search Domain Scan URL
URL: https://cwiki.apache.org/confluence/display/WW/S2-066
Title: https://cwiki.apache.org/confluence/display/WW/S2-066
Title: https://cwiki.apache.org/confluence/display/WW/S2-066
Search URL Search Domain Scan URL
URL: https://www.openwall.com/lists/oss-security/2023/12/07/1
Title: https://www.openwall.com/lists/oss-security/2023/12/07/1
Title: https://www.openwall.com/lists/oss-security/2023/12/07/1
Search URL Search Domain Scan URL
URL: https://www.qualys.com/company/privacy/
Title: privacy policy
Title: privacy policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 34- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3605201&time=1702451642572&url=https%3A%2F%2Fthreatprotect.qualys.com%2F2023%2F12%2F08%2Fapache-struts2-remote-code-execution-vulnerability-cve-2023-50164%2F HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3605201&time=1702451642572&url=https%3A%2F%2Fthreatprotect.qualys.com%2F2023%2F12%2F08%2Fapache-struts2-remote-code-execution-vulnerability-cve-2023-50164%2F&cookiesTest=true HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3605201%26time%3D1702451642572%26url%3Dhttps%253A%252F%252Fthreatprotect.qualys.com%252F2023%252F12%252F08%252Fapache-struts2-remote-code-execution-vulnerability-cve-2023-50164%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3605201&time=1702451642572&url=https%3A%2F%2Fthreatprotect.qualys.com%2F2023%2F12%2F08%2Fapache-struts2-remote-code-execution-vulnerability-cve-2023-50164%2F&cookiesTest=true&liSync=true HTTP 302
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3605201&time=1702451642572&url=https%3A%2F%2Fthreatprotect.qualys.com%2F2023%2F12%2F08%2Fapache-struts2-remote-code-execution-vulnerability-cve-2023-50164%2F&cookiesTest=true&liSync=true&e_ipv6=AQJA5wla7UoTeQAAAYxiBoKgEwQTwOwPmVn3xAfrOsLsfCqzUJ0OBjywOCSCRH6cJnbHJ6LdY5k8smJn9EtJ9FIl9uypiQ
45 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
threatprotect.qualys.com/2023/12/08/apache-struts2-remote-code-execution-vulnerability-cve-2023-50164/ |
34 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.min.css
threatprotect.qualys.com/wp-includes/css/dist/block-library/ |
107 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mediaelementplayer-legacy.min.css
threatprotect.qualys.com/wp-includes/js/mediaelement/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-mediaelement.min.css
threatprotect.qualys.com/wp-includes/js/mediaelement/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
1 KB 914 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
genericons.css
threatprotect.qualys.com/wp-content/plugins/jetpack/_inc/genericons/genericons/ |
28 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style.css
threatprotect.qualys.com/wp-content/themes/threatprotect/ |
77 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jetpack.css
threatprotect.qualys.com/wp-content/plugins/jetpack/css/ |
99 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ |
87 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
skip-link-focus-fix.js
threatprotect.qualys.com/wp-content/themes/threatprotect/js/ |
1 KB 795 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
comment-reply.min.js
threatprotect.qualys.com/wp-includes/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
functions.js
threatprotect.qualys.com/wp-content/themes/threatprotect/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e-202350.js
stats.wp.com/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
akismet-frontend.js
threatprotect.qualys.com/wp-content/plugins/akismet/_inc/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET BLOB |
47568bfb-4c72-4974-80f5-fc456d860d2a
https://threatprotect.qualys.com/ |
1 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
250 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gotham-book.woff2
d1uyme8f6ss6qi.cloudfront.net/font/ |
40 KB 41 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gotham-bold.woff2
d1uyme8f6ss6qi.cloudfront.net/font/ |
38 KB 39 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gotham-medium.woff2
d1uyme8f6ss6qi.cloudfront.net/font/ |
40 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gotham-light.woff2
d1uyme8f6ss6qi.cloudfront.net/font/ |
39 KB 40 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
caecilia-lt-pro-55-roman.woff2
d1uyme8f6ss6qi.cloudfront.net/font/ |
31 KB 32 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
caecilia-lt-pro-75-bold.woff2
d1uyme8f6ss6qi.cloudfront.net/font/ |
32 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
caecilia-lt-pro-76-bold-italic.woff2
d1uyme8f6ss6qi.cloudfront.net/font/ |
32 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
g.gif
pixel.wp.com/ |
50 B 153 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
268 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
insight.min.js
snap.licdn.com/li.lms-analytics/ |
1 KB 807 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
geoip2.js
js.maxmind.com/js/apis/geoip2/v2.1/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
j.php
dev.visualwebsiteoptimizer.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 260 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v.gif
dev.visualwebsiteoptimizer.com/ |
35 B 142 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 215 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ |
42 KB 15 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 355 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
px4.ads.linkedin.com/ Redirect Chain
|
0 267 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
munchkin.js
munchkin.marketo.net/163/ |
11 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
/
api.ipify.org/ |
38 B 212 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wp-emoji-release.min.js
threatprotect.qualys.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
visitWebPage
797-eni-742.mktoresp.com/webevents/ |
2 B 318 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
me
geoip-js.com/geoip/v2.1/country/ |
764 B 964 B |
XHR
application/vnd.maxmind.com-country+json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
px.ads.linkedin.com/wa/ |
0 201 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| _wpemojiSettings function| $ function| jQuery object| dataLayer object| screenReaderText object| _stq function| st_go function| linktracker_init object| wpcom object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id number| settings_timer number| _vwo_settings_timer object| _vwo_code object| addComment function| onYouTubeIframeAPIReady object| gaGlobal undefined| vwo_e number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue number| _vwo_acc_id object| gaplugins object| gaData function| lintrk boolean| _already_called_lintrk function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| geoip2 function| ipifyCallback object| MunchkinTracker object| twemoji object| wp object| ORIBILI16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .qualys.com/ | Name: leadsource Value: 85585 |
|
| .threatprotect.qualys.com/ | Name: _vwo_uuid_v2 Value: DA0E3E868520B61E63410A8020DB3BFC7|b7d5a0274021a9226d287c2c9f5a53f4 |
|
| .qualys.com/ | Name: _ga Value: GA1.2.1212610138.1702451642 |
|
| .qualys.com/ | Name: _gid Value: GA1.2.1949891639.1702451643 |
|
| .qualys.com/ | Name: _gat_UA-5639091-1 Value: 1 |
|
| .qualys.com/ | Name: _mkto_trk Value: id:797-ENI-742&token:_mch-qualys.com-1702451642654-55076 |
|
| .linkedin.com/ | Name: li_sugr Value: 27fb0c03-c911-498e-ac67-12cd4773681a |
|
| .linkedin.com/ | Name: bcookie Value: "v=2&6db8ba2e-9082-469e-8c4e-8dc03a626b23" |
|
| .linkedin.com/ | Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2741:u=1:x=1:i=1702451642:t=1702538042:v=2:sig=AQGf26Se30HSmybjVLk1i_rxSNYMxQKS" |
|
| .linkedin.com/ | Name: UserMatchHistory Value: AQJqFm6e6sF7FQAAAYxiBoGpu36Y61qOBHvM814Yzv_XpttaRGjyI-IjFcAZYjWFNZ_NSBv09lCFZA |
|
| .linkedin.com/ | Name: AnalyticsSyncHistory Value: AQIFbqVFcPpyWgAAAYxiBoGpe4BAHFV1gal77eMesC46v2TWIdCODljUf6t-rqjohmWB2oII0luHNEu1Txj9AA |
|
| .www.linkedin.com/ | Name: bscookie Value: "v=1&202312130714023094977b-a6d5-4cd2-84fa-ff4ec5803045AQEVpxiNk8hp8glMtG8EHHRmeEdU6tlL" |
|
| .linkedin.com/ | Name: li_gc Value: MTswOzE3MDI0NTE2NDI7MjswMjGQQ1sS/QWy9lBIP2PNIGsQg+b2klhOoQPGZo7d+Guktg== |
|
| .threatprotect.qualys.com/ | Name: _ga Value: GA1.3.1212610138.1702451642 |
|
| .threatprotect.qualys.com/ | Name: _gid Value: GA1.3.1949891639.1702451643 |
|
| .qualys.com/ | Name: _ga_3RJMG209BM Value: GS1.1.1702451642.1.0.1702451643.0.0.0 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Content-Security-Policy | block-all-mixed-content; frame-ancestors 'self' qualys.com *.qualys.com; |
| Strict-Transport-Security | max-age=15778476 |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
797-eni-742.mktoresp.com
api.ipify.org
cdnjs.cloudflare.com
d1uyme8f6ss6qi.cloudfront.net
dev.visualwebsiteoptimizer.com
fonts.googleapis.com
geoip-js.com
js.maxmind.com
munchkin.marketo.net
pixel.wp.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
snap.licdn.com
stats.g.doubleclick.net
stats.wp.com
threatprotect.qualys.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
104.237.62.212
104.64.124.188
13.107.42.14
18.245.78.35
192.0.76.3
192.28.147.68
2001:4860:4802:32::36
2001:4860:4802:38::178
2606:4700:4400::6812:216e
2606:4700:7::a29f:8616
2606:4700::6811:180e
2620:1ec:21::14
2a00:1450:4001:802::2004
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9b
2a02:26f0:3500:16::215:1484
34.96.102.137
35.230.125.173
0af4cea7d0b9eeb9f28897580823c4e59d5a53d8da4f2b3a282e8313b95a2375
0ff098e4f46d0ce132a4b5b2aeb46511fabc66902b69c27b7f0f1e0101e85e19
140fed760d6de7f1c5efce0cef65126c2b368f7354c2f8334bc978d63b899835
1932cc11785da21be8e09b14573a3a3545e3e725ecc9cac81e2d5b66b6fcd85d
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
3309103ad665897d5aaaaf67fe4a5af8d493491481ab773db70d2f3d42b32b0a
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45556b0961111a978c99204ba48a1dccaf91b65a962cbb0dbb8cf7b4977b5099
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
548b5c7135023d9d3b1f25d0ea62aba3f6288c6475fa8473469b50c0c663d473
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527
573591c00b0af42cd43b84d39edace78876c20245d8aff820cc656b2555e2f03
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
694504a142df2c66135ea0eb38d171906197fb0573cebc8376da1fc9cd3d1849
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a360e4e3e7c65709b0ffefc54e4f116ea6d8c9909e68ff4578284ebaf07c5f1
6d4083520c18bfdcdffb319248525ebf8f1a547326e10c02e6a0ed0b1722ae9a
7313da4a164ef6d375d0919efb4592a24d585f6936ea7a54e7923e6695bd0ea4
75fc5cc378127a29198195ea4a5cfecf2cb0864f4f910bec18267c121cb9edf6
7981d538d676f95c1c81b4818fc9501938641d8638b3687a2217855c2b2235fe
7c09be25314ff9962f997cd884e0654ed86419f78e9b427e1e2492384bacaa80
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
94a96a4fc313fe6dfba290ed6bc0e802eaab40810e59032a06f6774553b1c6ae
9d59318dbc0445735297ba2e769e2bc60358a0abfafe66f503ddc0a09610c28b
a438b3447a257aad3164ad9a5aacbe0db5b8b5d3830b2a5bcb97f12a23281620
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7c10e1d29b1c01024a711b8de32fdd43cc01cd4ca9d3bc3037d825b7d908dd
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3b0e2a3800f73c56a4dc78562fc32130a8eec6887982d10e6a5dcf6497969c6
f7ba491af4540f6726c5d1dbca0bb9c72ff15b4cefef98ed2b6aeb3372f49703
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e