seravo.com
2a01:4f9:4a:28a8::2
Public Scan
Submission: On September 12 via api from FR
Summary
TLS certificate: Issued by Gandi Standard SSL CA 2 on August 31st 2020. Valid for: a year.
This is the only time seravo.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
22 | 2a01:4f9:4a:28a8::2 | 24940 (HETZNER-AS) |
2 | 23.111.9.35 | 33438 (HIGHWINDS2) |
1 | 2001:4de0:ac19::1:b:2a | 20446 (HIGHWINDS3) |
1 | 2a00:1450:4001:81b::2008 | 15169 (GOOGLE) |
4 | 2606:2800:234:59:254c:406:2366:268c | 15133 (EDGECAST) |
2 | 2a04:fa87:fffe::c000:4902 | 2635 (AUTOMATTIC) |
1 | 2a00:1450:4001:814::200a | 15169 (GOOGLE) |
1 | 2a00:1450:4001:81a::200e | 15169 (GOOGLE) |
4 | 2a00:1450:4001:801::2003 | 15169 (GOOGLE) |
1 | 192.0.78.12 | 2635 (AUTOMATTIC) |
2 | 2a00:14c0:1:307:aa51::151 | 35382 (CAPNOVA-AS) |
3 | 2a00:1450:4001:800::2004 | 15169 (GOOGLE) |
1 | 2a00:1450:4001:802::2003 | 15169 (GOOGLE) |
47 | 14 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
22 | seravo.com | seravo.com | 469 KB |
5 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 189 KB |
4 | twitter.com | platform.twitter.com | 31 KB |
3 | google.com | www.google.com | 723 B |
2 | seravo.fi | seravo-cspreports.seravo.fi | 912 B |
2 | gravatar.com | secure.gravatar.com | 11 KB |
2 | fontawesome.com | use.fontawesome.com | 74 KB |
1 | wordpress.com | video.wordpress.com, v0.wordpress.com (Failed) | |
1 | google-analytics.com | www.google-analytics.com | 18 KB |
1 | googleapis.com | fonts.googleapis.com | 1 KB |
1 | googletagmanager.com | www.googletagmanager.com | 35 KB |
1 | bootstrapcdn.com | netdna.bootstrapcdn.com | 3 KB |
47 | 12 |
Requests | Domain | Requested by |
---|---|---|
22 | seravo.com | seravo.com |
4 | fonts.gstatic.com | fonts.googleapis.com |
4 | platform.twitter.com | seravo.com, platform.twitter.com |
3 | www.google.com | seravo.com, www.gstatic.com |
2 | seravo-cspreports.seravo.fi | seravo.com, www.google-analytics.com |
2 | secure.gravatar.com | seravo.com |
2 | use.fontawesome.com | seravo.com, use.fontawesome.com |
1 | www.gstatic.com | www.google.com |
1 | video.wordpress.com | seravo.com |
1 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
1 | fonts.googleapis.com | seravo.com |
1 | www.googletagmanager.com | seravo.com |
1 | netdna.bootstrapcdn.com | seravo.com |
0 | v0.wordpress.com (Failed) | seravo.com |
47 | 14 |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.seravo.com | Gandi Standard SSL CA 2 | 2020-08-31 - 2021-10-02 | a year |
*.fontawesome.com | DigiCert SHA2 Secure Server CA | 2019-10-28 - 2020-12-23 | a year |
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year |
*.google-analytics.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months |
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2019-11-12 - 2020-11-18 | a year |
*.gravatar.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-14 - 2022-11-16 | 2 years |
upload.video.google.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months |
*.gstatic.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months |
*.wordpress.com | Sectigo RSA Domain Validation Secure Server CA | 2020-08-12 - 2022-11-14 | 2 years |
*.seravo.fi | Gandi Standard SSL CA 2 | 2019-02-22 - 2021-03-01 | 2 years |
www.google.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months |
*.google.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months |
This page contains 6 frames:
Primary Page:
https://seravo.com/blog/0-day-vulnerability-in-wp-file-manager/
Frame ID: 0546C2CBBB26775342A1724E2130EFB7
Requests: 42 HTTP requests in this frame
Frame:
https://video.wordpress.com/embed/riYXMp9Q?hd=1
Frame ID: 79B9C720C88A3BC31C13AE77C71F5AC8
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fseravo.com
Frame ID: 13F5552F28500284AE329AB83EAFE054
Requests: 1 HTTP requests in this frame
Frame:
https://platform.twitter.com/embed/index.html?creatorScreenName=Seravo&dnt=true&embedId=twitter-widget-0&frame=false&hideCard=false&hideThread=false&id=1300797170258505728&lang=en&origin=https%3A%2F%2Fseravo.com%2Fblog%2F0-day-vulnerability-in-wp-file-manager%2F&siteScreenName=Seravo&theme=light&widgetsVersion=219d021%3A1598982042171&width=500px
Frame ID: FE9BB48ABBDB9DF52F8D388A002F466A
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc-C3QUAAAAAH_R6XSL8oWMsI-uo-TdqqFzmM73&co=aHR0cHM6Ly9zZXJhdm8uY29tOjQ0Mw..&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=light&size=normal&cb=jw1ajggzp655
Frame ID: C85ADFE7A5E03B1D766CF0A02F62B662
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6Lc-C3QUAAAAAH_R6XSL8oWMsI-uo-TdqqFzmM73&cb=xko32m78sz9e
Frame ID: E54571052CA4C09610C1167E46157572
Requests: 1 HTTP requests in this frame
Detected technologies
WordPress (CMS)
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP (Programming Languages)
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL (Databases)
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Glyphicons (Font Scripts)
Detected patterns
- html /(?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
jQuery Migrate (JavaScript Libraries)
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
69 Outgoing links
These are links going to different origins than the main page.
Title: FI
Title: SV
Title: 0-day
Title: WordPress plugin WP File Manager
Title: WordPress security database wpvulndb.com
Title: security notice for WP File Manager < 6.9
Title: this is the version distribution of WP File Manager active installations
Title: elFinder project
Title: version 6.9 of WP File Manager plugin fixes current issue by removing the endpoint which allowed unauthenticated access to file upload
Title: password hygiene
Title: Fortiguard
Title: Nintech: Critical zero-day vulnerability fixed in WordPress File Manager (700,000+ installations)
Title: Wordfence: 700,000 WordPress Users Affected by Zero-Day Vulnerability in File Manager Plugin
Title: Japan
Title: Panama
Title: Cyprys
Title: Graham Clueley Hot for Security blog
Title: Ars Technica Hackers are exploiting a critical flaw affecting >350,000 WordPress sites
Title: Bleeping Computer.com: Hackers actively exploiting severe bug in over 300K WordPress sites
Title: The Daily Swig: WordPress security: Zero-day flaw in File Manager plugin actively exploited
Title: ZDnet: Millions of WordPress sites are being probed and attacked with recent plugin bug
Title: Toolbox.com: Zero-Day Flaw in WordPress Plugin Leaves 1.7M Users at Risk
Title: Heise.de: Sicherheitslücke im WordPress-Plugin File Manager öffnet Websites für Angreifer
Title:
Title:
Title: Falla en plugin File Manager de Wordpress | CYGdatatechnology
Title: Hackers are exploiting a critical flaw affecting >350,000 WordPress sites | Infinity Techie
Title: Hackers are exploiting a critical flaw affecting >350000 WordPress sites - Ars Technica - Business Telegraph
Title: Hackers Actively Exploiting Severe Bug In Over 300K WordPress Sites - Privacy Ninja
Title: Hackers actively exploiting severe bug in over 300K WordPress sites - Cloud 10 Infotech, LLC
Title: Hackers are exploiting a critical flaw affecting >350,000 WordPress sites - ИТ Безбедност
Title: WordPress: Schwerwiegende Sicherheitslücke im File Manager-Plugin | NetzBasti
Title: Hackers Exploit WP File Manager Flaw Affecting Over 350,000 Sites - ThreatsHub Cybersecurity News
Title: A Essential Flaw Is Affecting 1000's of WordPress Websites - iTechBlog
Title: WordPress ‘File Manager’ Plugin Patches Critical Zero-Day Exploited in Attacks
Title: WordPress Plugin File Manager Patch to Address an Actively Exploited Zero-Day Vulnerability- HakTechs
Title: Hackers are exploiting a critical flaw affecting >350,000 WordPress sites
Title: A Critical Flaw Is Affecting Thousands of WordPress Sites – Computer Security Articles
Title: WordPress 'File Manager' Plugin Patches Critical Zero-Day Exploited in Attacks | Cyber Security and Consulting
Title: Hackers are exploiting a critical flaw affecting >350000 WordPress sites - Ars Technica - bigtstore
Title: Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin - ITSecurity.Org
Title: Hackers hijack Indian PM Narendra Modi Twitter account - Dr Don's ICFO News Safety and Security
Title: WordPress security: Zero-day flaw in File Manager plugin actively exploited - The Daily Swig - bigtstore
Title: WordPress websites attacked via File Manager plugin vulnerability - Dr Don's ICFO News Magazine
Title: Hackers hijack Indian PM Narendra Modi Twitter account – pcsecurity-99.com
Title: Vulnerability in the WordPress File Manager plugin opens websites for attackers | | Marijuanapy The World News
Title: Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin - Cyber4Dental
Title: Hackers hijack Indian PM Narendra Modi Twitter account – crime-99.com
Title: Hackers are exploiting a critical flaw affecting >350,000 WordPress sites - Techno Guru G
Title: Hackers are exploiting a critical flaw affecting >350,000 WordPress sites -
Title: EPISODE HACK - how to get free PASSES AND GEMS ON EPISODE APP 2020 - Episode Cheats
Title: Sigh. Another day, another reason for WordPress users to get patching: Hackers abuse bug in popular plugin - ThreatsHub Cybersecurity News
Title: Suomalainen yritys löysi WordPressistä vakavan tietoturva-aukon - hyökkäysten aalto miljoonille sivustoille | Ite wiki
Title: WordPress: significant growth in attacks on sites that use the File Manager plugin – Archyde
Title: WordPress: значительный рост атак на сайты, использующие плагин File Manager – Nachedeu
Title: Zero-Day Flaw in WordPress Plugin Leaves 1.7M Users at Risk - Toolbox - bigtstore
Title: Los piratas informáticos están explotando una falla crítica que afecta a más de 350,000 sitios de WordPress - HWCol.com
Title: WordPress: importante crecimiento de ataques a sitios que utilizan el plugin File Manager – Blog de jajoDesign
Title: WordPress Vulnerability Roundup: September 2020, Part 1
Title: Hackers are exploiting a crucial flaw affecting >350,000 WordPress websites - Tech News300
Title: WordPress Vulnerability Roundup: September 2020, Part 1 | Premier Florida WordPress Developer | Skyway Web Solutions
Title: Service Status
Title:
Title:
Title:
Title:
Title:
Title:
Title: Seravo.se
Redirected requests
There were HTTP redirect chains for the following requests:
47 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / seravo.com/blog/0-day-vulnerability-in-wp-file-manager/ (Primary Request) | 73 KB 21 KB | Document text/html |
GET H2 | all.css use.fontawesome.com/releases/v5.1.0/css/ | 45 KB 11 KB | Stylesheet text/css |
GET H2 | style.min.css seravo.com/wp-includes/css/dist/block-library/ | 52 KB 11 KB | Stylesheet text/css |
GET H2 | seravo-orders.css seravo.com/wp-content/plugins/seravo-orders/assets/css/ | 10 KB 4 KB | Stylesheet text/css |
GET H2 | bootstrap-glyphicons.css netdna.bootstrapcdn.com/bootstrap/3.0.0/css/ | 13 KB 3 KB | Stylesheet text/css |
GET H2 | layout.min.css seravo.com/wp-content/themes/seravo/dist/ | 126 KB 28 KB | Stylesheet text/css |
GET H2 | affiliates.js seravo.com/wp-content/plugins/seravo-orders/assets/js/ | 4 KB 3 KB | Script application/javascript |
GET H2 | js www.googletagmanager.com/gtag/ | 88 KB 35 KB | Script application/javascript |
GET H2 | jquery.js seravo.com/wp-includes/js/jquery/ | 95 KB 40 KB | Script application/javascript |
GET H2 | jquery-migrate.min.js seravo.com/wp-includes/js/jquery/ | 10 KB 6 KB | Script application/javascript |
GET H2 | seravo_logo.svg seravo.com/wp-content/themes/seravo/images/ | 3 KB 3 KB | Image image/svg+xml |
GET H2 | 5379576495_b9898e406b_o-2840x634.jpg seravo.com/wp-content/uploads/2020/09/ | 182 KB 184 KB | Image image/jpeg |
GET H2 | image-300x248.png seravo.com/wp-content/uploads/2020/09/ | 46 KB 47 KB | Image image/png |
GET H2 | Screenshot-from-2020-09-02-08-51-47.png seravo.com/wp-content/uploads/2020/09/ | 9 KB 10 KB | Image image/png |
GET H/1.1 | widgets.js platform.twitter.com/ | 95 KB 29 KB | Script application/javascript |
GET H2 | f3e251ebaaed1f22ac292ffa41c3c55a secure.gravatar.com/avatar/ | 1 KB 1 KB | Image image/jpeg |
GET H2 | 6e6d706fbb9a6cb9eda1c7c68d483286 secure.gravatar.com/avatar/ | 9 KB 9 KB | Image image/jpeg |
GET H2 | wordpress-computer-screen-230x230.jpg seravo.com/wp-content/uploads/2020/05/ | 9 KB 11 KB | Image image/jpeg |
GET H2 | peter-pryharski-fZFW4Rbgq2E-unsplash-230x230.jpg seravo.com/wp-content/uploads/2019/11/ | 12 KB 14 KB | Image image/jpeg |
GET H2 | gareth-davies-1CrN-IbvtH0-unsplash-scaled-e1597051068363-230x230.jpg seravo.com/wp-content/uploads/2020/08/ | 6 KB 8 KB | Image image/jpeg |
GET H2 | bundo-kim-Z6cCzLrAAeY-unsplash-230x230.jpg seravo.com/wp-content/uploads/2020/05/ | 14 KB 16 KB | Image image/jpeg |
GET H2 | Ranua-Location-Header-230x230.jpg seravo.com/wp-content/uploads/2020/07/ | 11 KB 12 KB | Image image/jpeg |
GET H2 | Real_Customer_Support_2560x571-230x230.jpg seravo.com/wp-content/uploads/2020/06/ | 4 KB 6 KB | Image image/jpeg |
GET H2 | main.min.js seravo.com/wp-content/themes/seravo/dist/ | 100 KB 32 KB | Script application/javascript |
GET H2 | wp-embed.min.js seravo.com/wp-includes/js/ | 1 KB 2 KB | Script application/javascript |
GET H2 | wp-recaptcha.min.js seravo.com/wp-content/plugins/wp-recaptcha-integration/js/ | 7 KB 5 KB | Script application/javascript |
GET H2 | css fonts.googleapis.com/ | 5 KB 1 KB | Stylesheet text/css |
GET H2 | analytics.js www.google-analytics.com/ | 45 KB 18 KB | Script text/javascript |
GET H2 | quote.png seravo.com/wp-content/themes/seravo/images/ | 963 B 3 KB | Image image/png |
GET H2 | jizAREVItHgc8qDIbSTKq4XkRi2c_CI0q1vjitOh.woff2 fonts.gstatic.com/s/librefranklin/v5/ | 14 KB 14 KB | Font font/woff2 |
GET H2 | jizAREVItHgc8qDIbSTKq4XkRi3s-CI0q1vjitOh.woff2 fonts.gstatic.com/s/librefranklin/v5/ | 14 KB 14 KB | Font font/woff2 |
GET H2 | jizAREVItHgc8qDIbSTKq4XkRi20-SI0q1vjitOh.woff2 fonts.gstatic.com/s/librefranklin/v5/ | 14 KB 14 KB | Font font/woff2 |
GET H2 | jizGREVItHgc8qDIbSTKq4XkRiUa454xm1npjfGj7oY.woff2 fonts.gstatic.com/s/librefranklin/v5/ | 15 KB 15 KB | Font font/woff2 |
GET H2 | riYXMp9Q video.wordpress.com/embed/ Frame 79B9 | 0 0 | Document text/html |
POST H2 | receive.php seravo-cspreports.seravo.fi/ | 0 456 B | Other text/plain |
GET | videopress-iframe.js v0.wordpress.com/js/next/ | 0 0 | |
GET H2 | api.js www.google.com/recaptcha/ | 800 B 723 B | Script text/javascript |
GET H2 | icon-arrow-down.svg seravo.com/wp-content/themes/seravo/images/ | 303 B 2 KB | Image image/svg+xml |
GET H2 | fa-brands-400.woff2 use.fontawesome.com/releases/v5.1.0/webfonts/ | 62 KB 62 KB | Font font/woff2 |
POST H2 | receive.php seravo-cspreports.seravo.fi/ | 0 456 B | Other text/plain |
POST | collect www.google-analytics.com/j/ | 0 0 | |
GET H/1.1 | widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html platform.twitter.com/widgets/ Frame 13F5 | 0 0 | Document text/html |
GET H2 | recaptcha__en.js www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/ | 336 KB 132 KB | Script text/javascript |
GET H/1.1 | horizon_tweet.890a062bcacdb49527deac08bf9879da.js platform.twitter.com/js/ | 6 KB 3 KB | Script application/javascript |
GET H/1.1 | index.html platform.twitter.com/embed/ Frame FE9B | 0 0 | Document text/html |
GET H3-Q050 | anchor www.google.com/recaptcha/api2/ Frame C85A | 0 0 | Document text/html |
GET H3-Q050 | bframe www.google.com/recaptcha/api2/ Frame E545 | 0 0 | Document text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- v0.wordpress.com
- URL
- https://v0.wordpress.com/js/next/videopress-iframe.js?m=1435166243
- Domain
- www.google-analytics.com
- URL
- https://www.google-analytics.com/j/collect?v=1&_v=j85&aip=1&a=1300962888&t=pageview&_s=1&dl=https%3A%2F%2Fseravo.com%2Fblog%2F0-day-vulnerability-in-wp-file-manager%2F&ul=en-us&de=UTF-8&dt=Severe%200-day%20security%20vulnerability%20found%20by%20Seravo%20in%20WP%20File%20Manager%20%7C%20Seravo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1457865654&gjid=62066226&cid=664873217.1599925126&tid=UA-53086901-13&_gid=1311038335.1599925126&_r=1&gtm=2ou920&z=569661253
40 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| seravo_orders_get_affiliate_config object| seravo_orders_get_affiliate_id function| seravo_orders_check_affiliate_id_from_url object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga undefined| $ function| jQuery object| seravo function| drags object| seravoApp function| slickInit function| scrollToSection function| handleFixNav function| mobileNav function| getUrlParameter object| jQuery1124007456509296427005 function| EventEmitter object| eventie function| imagesLoaded object| Placeholders object| wp object| wp_recaptcha function| wp_recaptcha_loaded object| gaplugins object| gaGlobal object| gaData object| __twttrll object| twttr object| __twttr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_4384383
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.seravo.com/ | | Name: _gid Value: GA1.2.1311038335.1599925126 |
.seravo.com/ | | Name: _gat_gtag_UA_53086901_13 Value: 1 |
.seravo.com/ | | Name: _ga Value: GA1.2.664873217.1599925126 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.google-analytics.com https://code.jquery.com https://www.gstatic.com https://www.google.com/recaptcha/api.js https://beacon-v2.helpscout.net https://d12wqas9hcki3z.cloudfront.net https://d33v4339jhl8k0.cloudfront.net https://platform.twitter.com https://cdn.syndication.twimg.com https://www.googletagmanager.com https://cdn.jsdelivr.net/npm/apexcharts https://static.hotjar.com https://script.hotjar.com https://connect.facebook.net https://www.google.com/jsapi; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://beacon-v2.helpscout.net https://djtflbt20bdde.cloudfront.net https:; img-src 'self' data: https://script.hotjar.com https://d33v4339jhl8k0.cloudfront.net https:; font-src 'self' data: https://fonts.gstatic.com https://use.fontawesome.com https://*.bootstrapcdn.com https://script.hotjar.com; base-uri https://docs.helpscout.com; frame-src 'self' https://www.slideshare.net https://www.google.com https://twitter.com https://platform.twitter.com https://syndication.twitter.com https://www.youtube.com https://www.facebook.com https://m.facebook.com https://vars.hotjar.com https://beacon-v2.helpscout.net https://make.wordpress.org https://video.wordpress.com/; object-src https://beacon-v2.helpscout.net; connect-src 'self' https://beaconapi.helpscout.net https://chatapi.helpscout.net https://d3hb14vkzrxvla.cloudfront.net wss://*.pusher.com *.sumologic.com sentry.io https://*.hotjar.com:* https://vc.hotjar.io:* wss://*.hotjar.com https://www.facebook.com/tr/; child-src 'self' https://vars.hotjar.com; upgrade-insecure-requests; report-uri https://seravo-cspreports.seravo.fi/receive.php; |
Strict-Transport-Security | max-age=63072000; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.