sys-admin.in.ua
31.41.217.94
Public Scan
Submission: On August 12 via manual from FI
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on July 2nd 2019. Valid for: 3 months.
This is the only time sys-admin.in.ua was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
21 | 31.41.217.94 | 42655 (BESTHOSTING-AS) |
4 | 2a00:1450:4001:806::2002 | 15169 (GOOGLE - Google LLC) |
1 | 151.101.112.133 | 54113 (FASTLY - Fastly) |
2 | 2a00:1450:4001:821::200e | 15169 (GOOGLE - Google LLC) |
4 | 31.131.252.90 | 50340 (SELECTEL-MSK) |
2 | 2a00:1450:4001:81c::2002 | 15169 (GOOGLE - Google LLC) |
3 | 2a00:1450:4001:81e::2002 | 15169 (GOOGLE - Google LLC) |
2 | 151.101.112.134 | 54113 (FASTLY - Fastly) |
6 (2 redirects) | 2a02:6b8::1:119 | 13238 (YANDEX) |
3 | 31.131.252.94 | 50340 (SELECTEL-MSK) |
2 (1 redirect) | 185.59.220.24 | 60068 (CDN77) |
1 (1 redirect) | 2606:4700:30::681c:169a | 13335 (CLOUDFLARENET - Cloudflare) |
52 (total) | 12 IP addresses | |
- ASN15169 (GOOGLE - Google LLC, US): pagead2.googlesyndication.com, adservice.google.com
- ASN54113 (FASTLY - Fastly, US): camo.githubusercontent.com
- ASN15169 (GOOGLE - Google LLC, US): www.google-analytics.com
- ASN15169 (GOOGLE - Google LLC, US): adservice.google.de, www.googletagservices.com
- ASN15169 (GOOGLE - Google LLC, US): googleads.g.doubleclick.net
- ASN54113 (FASTLY - Fastly, US): http-sys-admin-in-ua.disqus.com
- ASN60068 (CDN77, GB), PTR: frankfurt-20.cdn77.com: p1.ntvk1.ru
- ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US): rsincter.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
21 | sys-admin.in.ua | sys-admin.in.ua | 112 KB |
6 | yandex.ru (2 redirects) | mc.yandex.ru | 44 KB |
4 | pluso.ru | share.pluso.ru | 68 KB |
3 | kitbit.net | kitbit.net | 2 KB |
3 | doubleclick.net | googleads.g.doubleclick.net | |
3 | googlesyndication.com | pagead2.googlesyndication.com | 194 KB |
2 | ntvk1.ru (1 redirect) | p1.ntvk1.ru | 732 B |
2 | disqus.com | http-sys-admin-in-ua.disqus.com | 3 KB |
2 | google-analytics.com | www.google-analytics.com | 17 KB |
1 | rsincter.com (1 redirect) | rsincter.com | 376 B |
1 | googletagservices.com | www.googletagservices.com | 28 KB |
1 | google.de | adservice.google.de | 171 B |
1 | google.com | maps.google.com (Failed), adservice.google.com | 171 B |
1 | githubusercontent.com | camo.githubusercontent.com | 123 KB |
0 | rktch.com (Failed) | ut9.rktch.com (Failed) | |
0 | digitaltarget.ru (Failed) | tag.digitaltarget.ru (Failed) | |
0 | yadro.ru (Failed) | counter.yadro.ru (Failed) | |
0 | googleapis.com (Failed) | fonts.googleapis.com (Failed) | |
52 (total) | 18 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
21 | sys-admin.in.ua | sys-admin.in.ua |
6 | mc.yandex.ru (2 redirects) | sys-admin.in.ua |
4 | share.pluso.ru | sys-admin.in.ua, share.pluso.ru |
3 | kitbit.net | share.pluso.ru, kitbit.net |
3 | googleads.g.doubleclick.net | pagead2.googlesyndication.com |
3 | pagead2.googlesyndication.com | sys-admin.in.ua, pagead2.googlesyndication.com |
2 | p1.ntvk1.ru (1 redirect) | |
2 | http-sys-admin-in-ua.disqus.com | sys-admin.in.ua, http-sys-admin-in-ua.disqus.com |
2 | www.google-analytics.com | sys-admin.in.ua |
1 | rsincter.com (1 redirect) | |
1 | www.googletagservices.com | pagead2.googlesyndication.com |
1 | adservice.google.com | pagead2.googlesyndication.com |
1 | adservice.google.de | pagead2.googlesyndication.com |
1 | camo.githubusercontent.com | sys-admin.in.ua |
0 | ut9.rktch.com (Failed) | |
0 | tag.digitaltarget.ru (Failed) | kitbit.net |
0 | counter.yadro.ru (Failed) | |
0 | maps.google.com (Failed) | sys-admin.in.ua |
0 | fonts.googleapis.com (Failed) | sys-admin.in.ua |
52 (total) | 19 domains | |
Subject | Issuer | Validity | Valid for |
---|---|---|---|
sys-admin.in.ua | Let's Encrypt Authority X3 | 2019-07-02 - 2019-09-30 | 3 months |
*.g.doubleclick.net | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months |
www.github.com | DigiCert SHA2 High Assurance Server CA | 2017-03-23 - 2020-05-13 | 3 years |
*.google-analytics.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months |
*.pluso.ru | Let's Encrypt Authority X3 | 2019-06-07 - 2019-09-05 | 3 months |
*.google.com | Google Internet Authority G3 | 2019-07-29 - 2019-10-21 | 3 months |
*.disqus.com | DigiCert SHA2 Secure Server CA | 2018-03-28 - 2020-04-27 | 2 years |
bs.yandex.ru | Yandex CA | 2018-10-03 - 2019-10-03 | a year |
*.kitbit.net | Let's Encrypt Authority X3 | 2018-11-05 - 2019-02-03 | 3 months |
*.ntvk1.ru | Sectigo RSA Domain Validation Secure Server CA | 2019-05-12 - 2020-05-11 | a year |
This page contains 5 frames:
Primary Page:
https://sys-admin.in.ua/active-directory-kill-chain-attack-defense.html
Frame ID: 21E391C6B410B27C1FBEE0BBF76CFF7C
Requests: 48 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/js/r20190807/r20190131/show_ads_impl.js
Frame ID: B1067466275BC7E35F7C8D1B515DCA96
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20190807/r20190131/zrt_lookup.html
Frame ID: C6E83D267E09D8704A1C63CCC940B59F
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5408249958383259&output=html&h=90&slotname=7442732925&adk=3916171212&adf=1467919130&w=1200&fwrn=4&fwrnh=100&lmt=1565625380&rafmt=2&to=pso&guci=1.2.0.0.2.2.0.0&channel=WordPressSinglePost&format=1200x90&url=https%3A%2F%2Fsys-admin.in.ua%2Factive-directory-kill-chain-attack-defense.html&flash=0&fwr=0&resp_fmts=2&wgl=1&adsid=NT&dt=1565625380203&bpp=10&bdt=736&fdt=65&idt=65&shv=r20190807&cbv=r20190131&saldr=aa&abxe=1&correlator=1961834949038&frm=20&pv=2&ga_vid=1009781558.1565625380&ga_sid=1565625380&ga_hid=843123534&ga_fc=0&iag=0&icsg=16722495&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=193&ady=181&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199336%2C21064245%2C410075105&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=144&bc=31&osw_key=1231926076&ifi=1&uci=1.o0y42ok8hfl6&fsb=1&xpc=EKTlD3yCus&p=https%3A//sys-admin.in.ua&dtd=77
Frame ID: 4717D8820314143AFE3B6E1A797A81D1
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5408249958383259&output=html&adk=1812271804&adf=3025194257&lmt=1565625380&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fsys-admin.in.ua%2Factive-directory-kill-chain-attack-defense.html&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1565625380403&bpp=3&bdt=936&fdt=3&idt=3&shv=r20190807&cbv=r20190131&saldr=aa&abxe=1&prev_fmts=1200x90&nras=1&correlator=1961834949038&frm=20&pv=1&ga_vid=1009781558.1565625380&ga_sid=1565625380&ga_hid=843123534&ga_fc=0&iag=0&icsg=9660171263&dssz=26&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=20199336%2C21064245%2C410075105&oid=3&rx=0&eae=2&fc=912&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=3252043037&ifi=1&uci=1.5l1jqrhd6qzx&fsb=1&dtd=7
Frame ID: D1DF4409E10125B6E9723F2A99314252
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/eda4479c-032f-4a24-b1da-038fb52b238e.png)
Detected technologies
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Yoast SEO
Detected patterns
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Detected patterns
- script /googlesyndication\.com\//i
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Yandex.Metrika
Detected patterns
- script /mc\.yandex\.ru\/metrika\/watch\.js/i
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
- html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
prettyPhoto
Detected patterns
- html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i
Page Statistics
207 Outgoing links
These are links going to different origins than the main page.
Title: here
Title: SPN Scanning – Service Discovery without Network Port Scanning
Title: A Data Hunting Overview
Title: Push it, Push it Real Good
Title: Hidden Administrative Accounts: BloodHound to the Rescue
Title: Active Directory Recon Without Admin Rights
Title: Gathering AD Data with the Active Directory PowerShell Module
Title: Using ActiveDirectory module for Domain Enumeration from PowerShell Constrained Language Mode
Title: PowerUpSQL Active Directory Recon Functions
Title: Derivative Local Admin
Title: Dumping Active Directory Domain Info – with PowerUpSQL!
Title: Local Group Enumeration
Title: Attack Mapping With Bloodhound
Title: Situational Awareness
Title: Commands for Domain Network Compromise
Title: Microsoft LAPS Security & Active Directory LAPS Configuration Recon
Title: Running LAPS with PowerView
Title: RastaMouse LAPS Part 1 & 2
Title: Finding Passwords in SYSVOL & Exploiting Group Policy Preferences
Title: Pentesting in the Real World: Group Policy Pwnage
Title: MS14-068: Vulnerability in (Active Directory) Kerberos Could Allow Elevation of Privilege
Title: Digging into MS14-068, Exploitation and Defence
Title: From MS14-068 to Full Compromise – Step by Step
Title: Abusing DNSAdmins privilege for escalation in Active Directory
Title: From DNSAdmins to Domain Admin, When DNSAdmins is More than Just DNS Administration
Title: Domain Controller Print Server + Unconstrained Kerberos Delegation = Pwned Active Directory Forest
Title: Active Directory Security Risk #101: Kerberos Unconstrained Delegation (or How Compromise of a Single Server Can Compromise the Domain)
Title: Unconstrained Delegation Permissions
Title: Trust? Years to earn, seconds to break
Title: Hunting in Active Directory: Unconstrained Delegation & Forests Trusts
Title: Another Word on Delegation
Title: From Kekeo to Rubeus
Title: S4U2Pwnage
Title: Kerberos Delegation, Spns And More…
Title: Abusing GPO Permissions
Title: A Red Teamer’s Guide to GPOs and OUs
Title: File templates for GPO Abuse
Title: Exploiting Weak Active Directory Permissions With Powersploit
Title: Escalating privileges with ACLs in Active Directory
Title: Abusing Active Directory Permissions with PowerView
Title: BloodHound 1.3 – The ACL Attack Path Update
Title: Scanning for Active Directory Privileges & Privileged Accounts
Title: Active Directory Access Control List – Attacks and Defense
Title: aclpwn — Active Directory ACL exploitation with BloodHound
Title: A Guide to Attacking Domain Trusts
Title: It’s All About Trust – Forging Kerberos Trust Tickets to Spoof Access across Active Directory Trusts
Title: Active Directory forest trusts part 1 — How does SID filtering work?
Title: The Forest Is Under Control. Taking over the entire Active Directory forest
Title: Not A Security Boundary: Breaking Forest Trusts
Title: Privilege Escalation With DCShadow
Title: DCShadow
Title: DCShadow explained: A technical deep dive into the latest AD attack technique
Title: DCShadow — Silently turn off Active Directory Auditing
Title: DCShadow — Minimal permissions, Active Directory Deception, Shadowception and more
Title: Rid Hijacking: When Guests Become Admins
Title: How to get SQL Server Sysadmin Privileges as a Local Admin with PowerUpSQL
Title: Compromise With Powerupsql – Sql Attacks
Title: Attack and defend Microsoft Enhanced Security Administrative
Title: SQL Server – Link… Link… Link… and Shell: How to Hack Database Links in SQL Server!
Title: SQL Server Link Crawling with PowerUpSQL
Title: Performing Pass-the-hash Attacks With Mimikatz
Title: How to Pass-the-Hash with Mimikatz
Title: Pass-the-Hash Is Dead: Long Live LocalAccountTokenFilterPolicy
Title: Targeted Workstation Compromise With Sccm
Title: PowerSCCM — PowerShell module to interact with SCCM deployments
Title: Remote Weaponization of WSUS MITM
Title: WSUSpendu
Title: Leveraging WSUS – Part One
Title: Password Spraying Windows Active Directory Accounts — Tradecraft Security Weekly #5
Title: Attacking Exchange with MailSniper
Title: A Password Spraying tool for Active Directory Credentials by Jacob Wilkin
Title: GoFetch is a tool to automatically exercise an attack plan generated by the BloodHound application
Title: DeathStar — Automate getting Domain Admin using Empire
Title: ANGRYPUPPY — Bloodhound Attack Path Automation in CobaltStrike
Title: Bypassing Memory Scanners with Cobalt Strike and Gargoyle
Title: In-Memory Evasions Course
Title: Bring Your Own Land (BYOL) – A Novel Red Teaming Technique
Title: Red Teaming in the EDR age
Title: Modern Defenses and YOU!
Title: OPSEC Considerations for Beacon Commands
Title: Red Team Tradecraft and TTP Guidance
Title: Fighting the Toolset
Title: Red Team Techniques for Evading, Bypassing, and Disabling MS Advanced Threat Protection and Advanced Threat Analytics
Title: Red Team Revenge — Attacking Microsoft ATA
Title: Evading Microsoft ATA for Active Directory Domination
Title: PowerShell ScriptBlock Logging Bypass
Title: How to bypass AMSI and execute ANY malicious Powershell code
Title: AMSI: How Windows 10 Plans to Stop Script-Based Attacks
Title: AMSI Bypass: Patching Technique
Title: Invisi-Shell — Hide your Powershell script in plain sight. Bypass all Powershell security features
Title: A PoC function to corrupt the g_amsiContext global variable in clr.dll in .NET Framework Early Access build 3694
Title: Living Off The Land Binaries And Scripts — (LOLBins and LOLScripts)
Title: Subverting Sysmon: Application of a Formalized Security Product Evasion Methodology
Title: Forging Trusts for Deception in Active Directory
Title: Honeypot Buster: A Unique Red-Team Tool
Title: Invoke-Phant0m — Windows Event Log Killer
Title: How Attackers Pull the Active Directory Database (NTDS.dit) from a Domain Controller
Title: Extracting Password Hashes From The Ntds.dit File
Title: Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS
Title: Kerberoasting Without Mimikatz
Title: Cracking Kerberos TGS Tickets Using Kerberoast – Exploiting Kerberos to Compromise the Active Directory Domain
Title: Extracting Service Account Passwords With Kerberoasting
Title: Cracking Service Account Passwords with Kerberoasting
Title: Kerberoast PW list for cracking passwords with complexity requirements
Title: Roasting AS-REPs
Title: Operational Guidance for Offensive User DPAPI Abuse
Title: Mimikatz and DCSync and ExtraSids, Oh My
Title: Mimikatz DCSync Usage, Exploitation, and Detection
Title: Dump Clear-Text Passwords for All Admins in the Domain Using Mimikatz DCSync
Title: Pwning with Responder – A Pentester’s Guide
Title: LLMNR/NBT-NS Poisoning Using Responder
Title: Compromising Plain Text Passwords In Active Directory
Title: Golden Ticket
Title: Kerberos Golden Tickets are Now More Golden
Title: Sneaky Active Directory Persistence #14: SID History
Title: How Attackers Use Kerberos Silver Tickets to Exploit Systems
Title: Sneaky Active Directory Persistence #16: Computer Accounts & Domain Controller Silver Tickets
Title: Creating Persistence With Dcshadow
Title: Sneaky Active Directory Persistence #15: Leverage AdminSDHolder & SDProp to (Re)Gain Domain Admin Rights
Title: Persistence Using Adminsdholder And Sdprop
Title: Sneaky Active Directory Persistence #17: Group Policy
Title: Unlocking All The Doors To Active Directory With The Skeleton Key Attack
Title: Skeleton Key
Title: Attackers Can Now Use Mimikatz to Implant Skeleton Key on Domain Controllers & BackDoor Your Active Directory Forest
Title: The Most Dangerous User Right You (Probably) Have Never Heard Of
Title: SeEnableDelegationPrivilege Active Directory Backdoor
Title: Sneaky Active Directory Persistence #12: Malicious Security Support Provider (SSP)
Title: Sneaky Active Directory Persistence #11: Directory Service Restore Mode (DSRM)
Title: Sneaky Active Directory Persistence #13: DSRM Persistence v2
Title: An ACE Up the Sleeve: Designing Active Directory DACL Backdoors
Title: Shadow Admins – The Stealthy Accounts That You Should Fear The Most
Title: The Unintended Risks of Trusting Active Directory
Title: PowerView
Title: BloodHound
Title: Impacket
Title: aclpwn.py
Title: CrackMapExec
Title: ADACLScanner
Title: zBang
Title: PowerUpSQL
Title: Rubeus
Title: ADRecon
Title: Mimikatz
Title: Grouper
Title: The Dog Whisperer’s Handbook – A Hacker’s Guide to the BloodHound Galaxy
Title: Varonis eBook: Pen Testing Active Directory Environments
Title: Tools Cheat Sheets
Title: DogWhisperer — BloodHound Cypher Cheat Sheet (v2)
Title: PowerView-3.0 tips and tricks
Title: PowerView-2.0 tips and tricks
Title: SAMRi10
Title: Net Cease
Title: PingCastle
Title: Aorato Skeleton Key Malware Remote DC Scanner
Title: Reset the krbtgt account password/keys
Title: Deploy-Deception
Title: dcept
Title: LogonTracer
Title: DCSYNCMonitor
Title: Reducing the Active Directory Attack Surface
Title: Securing Domain Controllers to Improve Active Directory Security
Title: Securing Windows Workstations: Developing a Secure Baseline
Title: Implementing Secure Administrative Hosts
Title: Privileged Access Management for Active Directory Domain Services
Title: Awesome Windows Domain Hardening
Title: Best Practices for Securing Active Directory
Title: Introducing the Adversary Resilience Methodology — Part One
Title: Introducing the Adversary Resilience Methodology — Part Two
Title: Mitigating Pass-the-Hash and Other Credential Theft, version 2
Title: Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings
Title: Monitoring Active Directory for Signs of Compromise
Title: Detecting Lateral Movement through Tracking Event Logs
Title: Kerberos Golden Ticket Protection Mitigating Pass-the-Ticket on Active Directory
Title: Overview of Microsoft’s «Best Practices for Securing Active Directory»
Title: The Keys to the Kingdom: Limiting Active Directory Administrators
Title: Protect Privileged AD Accounts With Five Free Controls
Title: The Most Common Active Directory Security Issues and What You Can Do to Fix Them
Title: Event Forwarding Guidance
Title: Planting the Red Forest: Improving AD on the Road to ESAE
Title: Detecting Kerberoasting Activity
Title: Security Considerations for Trusts
Title: Advanced Threat Analytics suspicious activity guide
Title: Windows 10 Credential Theft Mitigation Guide
Title: Detecting Pass-The- Ticket and Pass-The- Hash Attack Using Simple WMI Commands
Title: Step by Step Deploy Microsoft Local Administrator Password Solution
Title: Active Directory Security Best Practices
Title: Finally Deploy and Audit LAPS with Project VAST, Part 1 of 2
Title: Windows Security Log Events
Title: Talk Transcript BSidesCharm Detecting the Elusive: Active Directory Threat Hunting
Title: Preventing Mimikatz Attacks
Title: Understanding «Red Forest» — The 3-Tier ESAE and Alternative Ways to Protect Privileged Credentials
Title: AD Reading: Active Directory Backup and Disaster Recovery
Title: Ten Process Injection Techniques: A Technical Survey Of Common And Trending Process Injection Techniques
Title: Hunting For In-Memory .NET Attacks
Title: Mimikatz Overview, Defenses and Detection
Title: Trimarc Research: Detecting Password Spraying with Security Event Auditing
Title: Hunting for Gargoyle Memory Scanning Evasion
Title: Planning and getting started on the Windows Defender Application Control deployment process
Title: Preventing Lateral Movement Using Network Access Groups
Title: How to Go from Responding to Hunting with Sysinternals Sysmon
Title: Windows Event Forwarding Guidance
Title:
Title: Ирина
Title: Refilwe
Title: WMI Code Creator — a magic wand for the system administrator | Subreaderco
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 37- https://mc.yandex.ru/watch/26520969?wmode=7&page-url=https%3A%2F%2Fsys-admin.in.ua%2Factive-directory-kill-chain-attack-defense.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1565625378501%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190812175620%3Aet%3A1565625381%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A122697118%3Ahid%3A456583636%3Ads%3A51%2C186%2C726%2C84%2C0%2C0%2C0%2C932%2C14%2C%2C%2C%2C1898%3Afp%3A1699%3Awn%3A61618%3Ahl%3A2%3Agdpr%3A14%3Av%3A1697%3Ast%3A1565625381%3Au%3A1565625381645536593%3At%3AActive%20Directory%20Kill%20Chain%20Attack%20%26%20Defense%20-%20%D0%97%D0%B0%D0%BC%D0%B5%D1%82%D0%BA%D0%B8%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B4%D0%BC%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B0 HTTP 302
- https://mc.yandex.ru/watch/26520969/1?wmode=7&page-url=https%3A%2F%2Fsys-admin.in.ua%2Factive-directory-kill-chain-attack-defense.html&charset=utf-8&browser-info=ti%3A10%3Ans%3A1565625378501%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190812175620%3Aet%3A1565625381%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A122697118%3Ahid%3A456583636%3Ads%3A51%2C186%2C726%2C84%2C0%2C0%2C0%2C932%2C14%2C%2C%2C%2C1898%3Afp%3A1699%3Awn%3A61618%3Ahl%3A2%3Agdpr%3A14%3Av%3A1697%3Ast%3A1565625381%3Au%3A1565625381645536593%3At%3AActive%20Directory%20Kill%20Chain%20Attack%20%26%20Defense%20-%20%D0%97%D0%B0%D0%BC%D0%B5%D1%82%D0%BA%D0%B8%20%D1%81%D0%B8%D1%81%D1%82%D0%B5%D0%BC%D0%BD%D0%BE%D0%B3%D0%BE%20%D0%B0%D0%B4%D0%BC%D0%B8%D0%BD%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%82%D0%BE%D1%80%D0%B0
- https://p1.ntvk1.ru/nps HTTP 302
- https://rsincter.com/cro HTTP 302
- https://p1.ntvk1.ru/scn?sid=1565625393840
- https://mc.yandex.ru/watch/26520969?page-url=https%3A%2F%2Fsys-admin.in.ua%2Factive-directory-kill-chain-attack-defense.html&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1565625378501%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190812175635%3Aet%3A1565625396%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A139%3Arn%3A852795639%3Ahid%3A456583636%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C12519%2C12519%2C6%2C%3Agdpr%3A14%3Av%3A1697%3Ast%3A1565625396%3Au%3A1565625381645536593%3App%3A823294630 HTTP 302
- https://mc.yandex.ru/watch/26520969/1?page-url=https%3A%2F%2Fsys-admin.in.ua%2Factive-directory-kill-chain-attack-defense.html&charset=utf-8&force-urlencoded=1&browser-info=ti%3A1%3Adp%3A1%3Ans%3A1565625378501%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aadb%3A2%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1200%3Az%3A120%3Ai%3A20190812175635%3Aet%3A1565625396%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Aar%3A1%3Anb%3A1%3Acl%3A139%3Arn%3A852795639%3Ahid%3A456583636%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C12519%2C12519%2C6%2C%3Agdpr%3A14%3Av%3A1697%3Ast%3A1565625396%3Au%3A1565625381645536593%3App%3A823294630
52 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | active-directory-kill-chain-attack-defense.html (Primary Request) | sys-admin.in.ua/ | 99 KB | 32 KB | Document | text/html |
GET | H/1.1 | page-list.css | sys-admin.in.ua/wp-content/plugins/page-list/css/ | 2 KB | 897 B | Stylesheet | text/css |
GET | H/1.1 | shortcodes.css | sys-admin.in.ua/wp-content/themes/basic/themify/css/ | 29 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | style.css | sys-admin.in.ua/wp-content/themes/basic/ | 24 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | media-queries.css | sys-admin.in.ua/wp-content/themes/basic/ | 6 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | prettyPhoto.css | sys-admin.in.ua/wp-content/themes/basic/ | 19 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | jquery.js | sys-admin.in.ua/wp-includes/js/jquery/ | 91 KB | 32 KB | Script | application/javascript |
GET H/1.1 |
jquery-migrate.min.js
sys-admin.in.ua/wp-includes/js/jquery/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
comment-reply.min.js
sys-admin.in.ua/wp-includes/js/ |
757 B 768 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
flowplayer-3.2.4.min.js
sys-admin.in.ua/wp-content/themes/basic/themify/js/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
93 KB 34 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
68747470733a2f2f646f63732e6d6963726f736f66742e636f6d2f656e2d75732f616476616e6365642d7468726561742d616e616c79746963732f6d656469612f61747461636b2d6b696c6c2d636861696e2d736d616c6c2e6a7067
camo.githubusercontent.com/9547d8152e3490a6e5e3da0279faab64340885be/ |
123 KB 123 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
css
fonts.googleapis.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jcarousel.js
sys-admin.in.ua/wp-content/themes/basic/themify/js/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
themify.shortcodes.js
sys-admin.in.ua/wp-content/themes/basic/themify/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.prettyPhoto.js
sys-admin.in.ua/wp-content/themes/basic/js/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
themify.script.js
sys-admin.in.ua/wp-content/themes/basic/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
count.js
sys-admin.in.ua/wp-content/plugins/disqus-comment-system/media/js/ |
879 B 797 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
js
maps.google.com/maps/api/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
search.png
sys-admin.in.ua/wp-content/themes/basic/images/ |
398 B 701 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rss.png
sys-admin.in.ua/wp-content/themes/basic/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
post-author.png
sys-admin.in.ua/wp-content/themes/basic/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
post-category.png
sys-admin.in.ua/wp-content/themes/basic/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
post-comment.png
sys-admin.in.ua/wp-content/themes/basic/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pluso-like.js
share.pluso.ru/ |
41 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 171 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 171 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
arrow-up.png
sys-admin.in.ua/wp-content/themes/basic/images/ |
231 B 533 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190807/r20190131/ |
216 KB 80 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190807/r20190131/ Frame B106 |
216 KB 80 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190807/r20190131/ Frame C6E8 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collect
www.google-analytics.com/r/ |
35 B 101 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame 4717 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
75 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
count.js
http-sys-admin-in-ua.disqus.com/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
watch.js
mc.yandex.ru/metrika/ |
133 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads
googleads.g.doubleclick.net/pagead/ Frame D1DF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/26520969/ Redirect Chain
|
114 B 665 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
advert.gif
mc.yandex.ru/metrika/ |
43 B 445 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
count-data.js
http-sys-admin-in-ua.disqus.com/ |
214 B 737 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
process
share.pluso.ru/ |
163 B 620 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
hit;PLUSO
counter.yadro.ru/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
07.png
share.pluso.ru/img/pluso-like/square/big/ |
50 KB 50 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
plus.png
share.pluso.ru/img/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
kb.js
kitbit.net/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
adcm.js
tag.digitaltarget.ru/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s.js
kitbit.net/ |
1 B 303 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
h.gif
kitbit.net/ |
43 B 537 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scn
p1.ntvk1.ru/ Redirect Chain
|
68 B 385 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sud
ut9.rktch.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1
mc.yandex.ru/watch/26520969/ Redirect Chain
|
43 B 444 B |
Other
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- fonts.googleapis.com: http://fonts.googleapis.com/css?family=Old+Standard+TT%3A400%2C400italic%2C700&ver=3.8.3
- maps.google.com: http://maps.google.com/maps/api/js?sensor=false
- counter.yadro.ru: https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//sys-admin.in.ua/active-directory-kill-chain-attack-defense.html;hActive%20Directory%20Kill%20Chain%20Attack%20%26%20Defense%20-%20%u0417%u0430%u043C%u0435%u0442%u043A%u0438%20%u0441%u0438%u0441%u0442%u0435%u043C%u043D%u043E%u0433%u043E%20%u0430%u0434%u043C%u0438%u043D%u0438%u0441%u0442%u0440%u0430%u0442%u043E%u0440%u0430;1
- tag.digitaltarget.ru: https://tag.digitaltarget.ru/adcm.js
- ut9.rktch.com: https://ut9.rktch.com/sud
79 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| advanced_ads_ready undefined| $ function| jQuery object| addComment function| $f function| flowplayer function| flashembed function| initialize object| dynamicgoogletags object| google_js_reporting_queue object| adsbygoogle string| GoogleAnalyticsObject function| ga number| ifpluso object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad number| _gfp_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars boolean| advanced_ads_ga_UID boolean| advanced_ads_ga_anonymIP function| advanced_ads_check_adblocker object| jQuery110206060140709079982 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| getNthIndex function| isNthOf object| pseudos function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired boolean| pp_alreadyInitialized function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| countVars string| disqus_shortname boolean| doresize object| scroll_pos string| url boolean| hashtag object| Ya object| yaCounter26520969 object| DISQUSWIDGETS undefined| disqus_domain object| pluso object| k string| pt object| s object| adcm_config object| a object| m0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.