swarm.ptsecurity.com
217.73.60.13
Public Scan
Submission: On July 04 via api from TR — Scanned from DE
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on July 26th 2023. Valid for: a year.
This is the only time swarm.ptsecurity.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
16 | 217.73.60.13 | 51219 (CROC_INC) |
2 | 2a00:1450:4001:82f::2008 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:829::200a | 15169 (GOOGLE) |
1 | 2a04:4e42::485 | 54113 (FASTLY) |
2 | 2a00:1450:4001:831::2003 | 15169 (GOOGLE) |
13 (6 redirects) | 2a02:6b8::1:119 | 13238 (YANDEX) |
2 | 2a00:1450:4001:828::200e | 15169 (GOOGLE) |
1 | 2001:4860:4802:34::36 | 15169 (GOOGLE) |
2 | 2a00:1450:400c:c1d::9b | 15169 (GOOGLE) |
2 | 172.217.18.3 | 15169 (GOOGLE) |
1 | 172.217.16.196 | 15169 (GOOGLE) |
38 | 12 |
ASN51219 (CROC_INC, RU)
PTR: c2-217-73-60-13.elastic.cloud.croc.ru
swarm.ptsecurity.com
ASN15169 (GOOGLE, US)
www.googletagmanager.com
ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.webvisor.org
mc.yandex.com
ASN15169 (GOOGLE, US)
www.google-analytics.com
ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f196.1e100.net
www.google.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
16 | ptsecurity.com | swarm.ptsecurity.com | 2 MB |
9 | yandex.ru (4 redirects) | mc.yandex.ru — Cisco Umbrella Rank: 3382 | 7 KB |
2 | google.de | www.google.de — Cisco Umbrella Rank: 8088 | 126 B |
2 | doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 136 | 408 B |
2 | google.com | region1.analytics.google.com — Cisco Umbrella Rank: 3125; www.google.com — Cisco Umbrella Rank: 5 | 63 B |
2 | yandex.com (1 redirects) | mc.yandex.com — Cisco Umbrella Rank: 8749 | 894 B |
2 | webvisor.org (1 redirects) | mc.webvisor.org — Cisco Umbrella Rank: 25201 | 1005 B |
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 71 | 21 KB |
2 | gstatic.com | fonts.gstatic.com | 32 KB |
2 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 81 | 166 KB |
1 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 381 | 81 KB |
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 83 | 1 KB |
38 | 12 |
Requests | Domain | Requested by |
---|---|---|
16 | swarm.ptsecurity.com | swarm.ptsecurity.com |
9 | mc.yandex.ru (4 redirects) | swarm.ptsecurity.com, cdn.jsdelivr.net |
2 | www.google.de | swarm.ptsecurity.com |
2 | stats.g.doubleclick.net | www.googletagmanager.com, www.google-analytics.com |
2 | mc.yandex.com (1 redirects) | swarm.ptsecurity.com |
2 | mc.webvisor.org (1 redirects) | swarm.ptsecurity.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
2 | fonts.gstatic.com | fonts.googleapis.com |
2 | www.googletagmanager.com | swarm.ptsecurity.com, www.googletagmanager.com |
1 | www.google.com | swarm.ptsecurity.com |
1 | region1.analytics.google.com | www.googletagmanager.com |
1 | cdn.jsdelivr.net | swarm.ptsecurity.com |
1 | fonts.googleapis.com | swarm.ptsecurity.com |
38 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
twitter.com |
github.com |
airbus-seclab.github.io |
www.compass-security.com |
zolder.io |
www.blackhat.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.ptsecurity.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-26 - 2024-08-25 | a year |
*.google-analytics.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months |
upload.video.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months |
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year |
*.gstatic.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months |
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2024-05-23 - 2024-11-02 | 5 months |
*.g.doubleclick.net | WR2 | 2024-06-13 - 2024-09-05 | 3 months |
*.google.de | WR2 | 2024-06-13 - 2024-09-05 | 3 months |
*.google.com | WR2 | 2024-06-13 - 2024-09-05 | 3 months |
This page contains 2 frames:
Primary Page:
https://swarm.ptsecurity.com/inside-xerox-workcentre-two-unauthenticated-rces/
Frame ID: 4712DFE9C44D2269FA8249F38BC52D3C
Requests: 38 HTTP requests in this frame
Frame:
https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: 6BF4365AE8D7CCCADE7C5614026925D7
Requests: 1 HTTP requests in this frame
Page Title
Inside Xerox WorkCentre: Two Unauthenticated RCEs – PT SWARM
Detected technologies
WordPress (CMS)
Detected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Google Analytics (Analytics)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries)
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
jsDelivr (CDN)
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: Follow @ptswarm
Title: _mohemiv
Title: musl-cross-make
Title: https://airbus-seclab.github.io/xerox/INFILTRATE2020-RIGO-Xerox-final.pdf
Title: https://www.compass-security.com/fileadmin/Research/Advisories/2021-04_CSNC-2021-002_OS_command_injection_RCE_in_Xerox_WorkCentre.txt
Title: https://zolder.io/decrypt-passwords-from-xerox-workcentre-config-backups/
Title: https://www.blackhat.com/presentations/bh-usa-06/BH-US-06-OConnor.pdf
Redirected requests
There were HTTP redirect chains for the following requests:
38 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | swarm.ptsecurity.com/inside-xerox-workcentre-two-unauthenticated-rces/ | 35 KB | 12 KB | Document | text/html |
GET | H2 | style.min.css | swarm.ptsecurity.com/wp-includes/css/dist/block-library/ | 111 KB | 111 KB | Stylesheet | text/css |
GET | BLOB | 5a397f57-1108-47da-a086-f73fd3afbee0 | https://swarm.ptsecurity.com/ | 1 KB | 0 | Other | text/javascript |
GET | H2 | style.css | swarm.ptsecurity.com/wp-content/themes/swarm-2/ | 100 KB | 100 KB | Stylesheet | text/css |
GET | H2 | jquery.min.js | swarm.ptsecurity.com/wp-includes/js/jquery/ | 86 KB | 86 KB | Script | application/javascript |
GET | H2 | jquery-migrate.min.js | swarm.ptsecurity.com/wp-includes/js/jquery/ | 13 KB | 14 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 209 KB | 76 KB | Script | application/javascript |
GET | H2 | f43178ab-xerox-preview-3.png | swarm.ptsecurity.com/wp-content/uploads/2024/06/ | 299 KB | 299 KB | Image | image/png |
GET | H2 | foto_arseniy-150x150.jpg | swarm.ptsecurity.com/wp-content/uploads/2020/07/ | 4 KB | 4 KB | Image | image/jpeg |
GET | H2 | 8da0f7b2-Screenshot-from-2024-06-03-19-33-36.png | swarm.ptsecurity.com/wp-content/uploads/2024/06/ | 97 KB | 97 KB | Image | image/png |
GET | H2 | 9dc7e123-WorkCentre_firmware.png | swarm.ptsecurity.com/wp-content/uploads/2024/06/ | 40 KB | 40 KB | Image | image/png |
GET | H2 | 2b48fd27-templates.png | swarm.ptsecurity.com/wp-content/uploads/2024/06/ | 45 KB | 45 KB | Image | image/png |
GET | H2 | bundle.js | swarm.ptsecurity.com/wp-content/themes/swarm-2/js/ | 990 KB | 992 KB | Script | application/javascript |
GET | H2 | css2 | fonts.googleapis.com/ | 9 KB | 1 KB | Stylesheet | text/css |
GET | H2 | tag.js | cdn.jsdelivr.net/npm/yandex-metrica-watch/ | 215 KB | 81 KB | Script | application/javascript |
GET | DATA | truncated | / | 822 B | 0 | Image | image/svg+xml |
GET | H2 | twitter.svg | swarm.ptsecurity.com/wp-content/themes/swarm-2/img/ | 1 KB | 1 KB | Image | image/svg+xml |
GET | H2 | tag.svg | swarm.ptsecurity.com/wp-content/themes/swarm-2/img/ | 281 B | 509 B | Image | image/svg+xml |
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
GET | H2 | 1 | mc.yandex.ru/watch/3/ (Redirect Chain) | 284 B | 433 B | Fetch | application/json |
GET | H2 | 1 | mc.yandex.ru/watch/66262255/ (Redirect Chain) | 490 B | 654 B | Fetch | application/json |
GET | H2 | advert.gif | mc.yandex.ru/metrika/ | 43 B | 662 B | Image | image/gif |
GET | H2 | wp-emoji-release.min.js | swarm.ptsecurity.com/wp-includes/js/ | 18 KB | 19 KB | Script | application/javascript |
GET | H2 | pre-controls.svg | swarm.ptsecurity.com/wp-content/themes/swarm-2/img/ | 440 B | 668 B | Image | image/svg+xml |
GET | H2 | js | www.googletagmanager.com/gtag/ | 257 KB | 90 KB | Script | application/javascript |
GET | H2 | analytics.js | www.google-analytics.com/ | 52 KB | 21 KB | Script | text/javascript |
GET | H2 | sync_cookie_image_decide | mc.webvisor.org/ (Redirect Chain) | 43 B | 506 B | Image | image/gif |
GET | H2 | sync_cookie_image_decide | mc.yandex.com/ (Redirect Chain) | 43 B | 492 B | Image | image/gif |
POST | H2 | collect | region1.analytics.google.com/g/ | 0 | 0 | Fetch | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/g/ | 0 | 257 B | Ping | text/plain |
GET | H3 | ga-audiences | www.google.de/ads/ | 42 B | 63 B | Image | image/gif |
GET | H2 | metrika_match.html | mc.yandex.ru/metrika/ (Frame 6BF4) | 0 | 0 | Document | text/html |
POST | H2 | collect | www.google-analytics.com/j/ | 2 B | 210 B | XHR | text/plain |
POST | H2 | collect | stats.g.doubleclick.net/j/ | 4 B | 151 B | XHR | text/plain |
GET | H3 | ga-audiences | www.google.com/ads/ | 42 B | 63 B | Image | image/gif |
GET | H3 | ga-audiences | www.google.de/ads/ | 42 B | 63 B | Image | image/gif |
GET | H2 | favicon-1.png | swarm.ptsecurity.com/wp-content/uploads/2020/06/ | 1 KB | 1 KB | Other | image/png |
POST | H2 | 66262255 | mc.yandex.ru/webvisor/ | 43 B | 0 | Fetch | image/gif |
20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
undefined | event |
object | fence |
object | sharedStorage |
object | _wpemojiSettings |
undefined | $ |
function | jQuery |
function | gtag |
object | dataLayer |
function | ym |
object | Ya |
object | yaCounter66262255 |
object | google_tag_manager |
object | google_tag_data |
string | GoogleAnalyticsObject |
function | ga |
object | twemoji |
object | wp |
object | gaGlobal |
object | gaplugins |
object | gaData |
29 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Name | Value |
---|---|---|
.ptsecurity.com/ | _ym_uid | 1720059148887176552 |
.ptsecurity.com/ | _ym_d | 1720059148 |
.yandex.ru/ | ymex | 1751595148.yrts.1720059148#1751595148.yrtsi.1720059148 |
.yandex.ru/ | receive-cookie-deprecation | 1 |
mc.yandex.ru/ | bh | EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg== |
.yandex.ru/ | yashr | 171263971720059148 |
mc.yandex.ru/ | yabs-sid | 2519431961720059148 |
.yandex.ru/ | i | 31Z07KJR53in1GbtBU9NNL6mlMAXE2gCkol6BcHz3F5SOJjNThoC0RQqFmadOpv+Ux1ZPCK+WM9O87I7BqJ/2CDFZTU= |
.yandex.ru/ | yandexuid | 427163521720059148 |
.yandex.ru/ | yuidss | 427163521720059148 |
.yandex.ru/ | bh | Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI2IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI2IhoFIng4NiIiECIxMjYuMC42NDc4LjEyNiIqAj8wOgciV2luMzIiQggiMTAuMC4wIkoEIjY0IlJbIk5vdC9BKUJyYW5kIjt2PSI4LjAuMC4wIiwiQ2hyb21pdW0iO3Y9IjEyNi4wLjY0NzguMTI2IiwiR29vZ2xlIENocm9tZSI7dj0iMTI2LjAuNjQ3OC4xMjYiIg== |
.ptsecurity.com/ | _ym_isad | 2 |
.ptsecurity.com/ | _ga_H7H949MN0Q | GS1.1.1720059149.1.0.1720059149.60.0.0 |
.mc.yandex.com/ | sync_cookie_csrf | 3600027358fake |
mc.yandex.com/ | bh | EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg== |
.mc.webvisor.org/ | sync_cookie_csrf | 2731291115fake |
mc.webvisor.org/ | bh | EkAiR29vZ2xlIENocm9tZSI7dj0iMTI2IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjYiKgI/MDoHIldpbjMyIg== |
.ptsecurity.com/ | _ga | GA1.2.359188219.1720059150 |
.ptsecurity.com/ | _gid | GA1.2.944047195.1720059150 |
.yandex.com/ | yandexuid | 427163521720059148 |
.yandex.com/ | yuidss | 427163521720059148 |
.yandex.com/ | i | 31Z07KJR53in1GbtBU9NNL6mlMAXE2gCkol6BcHz3F5SOJjNThoC0RQqFmadOpv+Ux1ZPCK+WM9O87I7BqJ/2CDFZTU= |
.mc.yandex.com/ | sync_cookie_ok | synced |
.ptsecurity.com/ | _gat_gtag_UA_171997764_1 | 1 |
.mc.yandex.ru/ | sync_cookie_csrf | 3600196905fake |
.webvisor.org/ | yandexuid | 427163521720059148 |
.webvisor.org/ | yuidss | 427163521720059148 |
.webvisor.org/ | i | 31Z07KJR53in1GbtBU9NNL6mlMAXE2gCkol6BcHz3F5SOJjNThoC0RQqFmadOpv+Ux1ZPCK+WM9O87I7BqJ/2CDFZTU= |
.mc.webvisor.org/ | sync_cookie_ok | synced |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=16070400 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.