URL: https://karmainsecurity.com/KIS-2023-04
Submission: On January 25 via api from US — Scanned from NL

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 15 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is karmainsecurity.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 23rd 2022. Valid for: a year.
This is the only time karmainsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
15 5
Apex Domain
Subdomains
Transfer
9 karmainsecurity.com
karmainsecurity.com
62 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 22
region1.google-analytics.com — Cisco Umbrella Rank: 2439
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
120 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 943
6 KB
15 4
Domain Requested by
9 karmainsecurity.com karmainsecurity.com
static.cloudflareinsights.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com karmainsecurity.com
www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.cloudflareinsights.com karmainsecurity.com
15 5

This site contains links to these domains. Also see Links.

Domain
tiki.org
localhost
cve.mitre.org
analytics.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-03-23 -
2023-03-22
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-01-02 -
2023-03-27
3 months crt.sh

This page contains 1 frames:

Primary Page: https://karmainsecurity.com/KIS-2023-04
Frame ID: EBB1515DA097E404F7BF57627083185C
Requests: 15 HTTP requests in this frame

Screenshot

Page Title

Tiki Wiki CMS Groupware <= 24.1 (tikiimporter_blog_wordpress.php) PHP Object Injection Vulnerability | Karma(In)Security

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <(?:script|link)[^>]*sh(?:Core|Brush|ThemeDefault)

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

208 kB
Transfer

554 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request KIS-2023-04
karmainsecurity.com/
18 KB
5 KB
Document
General
Full URL
https://karmainsecurity.com/KIS-2023-04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
57f5b2fd7c9884dd3a6e31fee1cc6c0cf16c5585166c3463ceda1e2774941d27

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78ed262d3e091c9e-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 25 Jan 2023 01:13:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xj71YHpoPHTCJk%2F0ZnIextxG12FhlLBvwowak1%2FBmIbpPwPjGvceUdr1lP6FaJ4WGAR2mzZXWd%2Fy66afSamxKQK7gzvmpOoKmvLweYgNYrZe692elTlte147XIIHu0hA94WWbGzIKLrHYeYDgzCEbPeI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/5.6.40
js
www.googletagmanager.com/gtag/
113 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-150426388-1
Requested by
Host: karmainsecurity.com
URL: https://karmainsecurity.com/KIS-2023-04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
91f5de9e3fec1c67000c237f062a271bc17a92e52c789a725fffe738e35d754e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://karmainsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 01:13:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45026
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 25 Jan 2023 01:13:56 GMT
style.css
karmainsecurity.com/data/theme/
18 KB
5 KB
Stylesheet
General
Full URL
https://karmainsecurity.com/data/theme/style.css
Requested by
Host: karmainsecurity.com
URL: https://karmainsecurity.com/KIS-2023-04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e120bf3a96e00dc90e373cc6c7bf714ed0f79fe80e268d7d833be3ee27f8055

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://karmainsecurity.com/KIS-2023-04
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 08 Apr 2022 13:54:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3VdS7Z04okv9G%2B%2B6EkdsPLxSncfKPS0Vg20HWMU6d1RtwKbGOfkIBzs2kKWCzmu2HR5tXSvVxUZdo%2BNI4Tld%2F0iNG2h7vZLA3%2BxeEKMk70cyNRd84Ljer50qa4r2yxLdoTV0oUAq6cAVd9valwVeIq7f"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
78ed262e8f601c9e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
favicon.png
karmainsecurity.com/
3 KB
4 KB
Image
General
Full URL
https://karmainsecurity.com/favicon.png
Requested by
Host: karmainsecurity.com
URL: https://karmainsecurity.com/KIS-2023-04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e934172b90491b721b981eecc8a8e50d84803726888372a9db77410d9ec2cf59

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://karmainsecurity.com/KIS-2023-04
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 01:13:56 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Jan 2013 00:08:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z81uAaJe3vChIk3%2BYDgcBq79DC91DbAsfKnphPn4L3qH9ojbKMpXCm0s%2BZNSArxcXPBtrMiiOAEPEGmWlkChs%2BjvKDlWqiQ%2FKPeWrEO%2FUfjx6ZnzUadxizvdaO1QZU3%2BtKYUUvhAJsYYbYwjxgvW2pTo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
78ed262eaf851c9e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3402
shCore.js
karmainsecurity.com/data/syntaxhighlighter/scripts/
16 KB
9 KB
Script
General
Full URL
https://karmainsecurity.com/data/syntaxhighlighter/scripts/shCore.js
Requested by
Host: karmainsecurity.com
URL: https://karmainsecurity.com/KIS-2023-04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
584a26f39cef2db245f41d4f6b8e3d0f7dfac5c06f0f454a49dfb94f6fb1517b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://karmainsecurity.com/KIS-2023-04
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 29 Jan 2013 19:31:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYcN0JQddVr%2FItDUsyxsLDafa%2B%2FLsnVzJ0JdG%2BZJdIh%2FUaNA0NBO5M%2Bx9AoahtZD5xRnBDf0ZiZVeDxUoIpa0Xex15wOjgOXmWdCMV%2FlbcIY7XtYYKEcPE4dFuiIr4REeDS2oJNCDsDWRxS4HBlhG%2BI0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
78ed262eaf811c9e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
shBrushPhp.js
karmainsecurity.com/data/syntaxhighlighter/scripts/
5 KB
2 KB
Script
General
Full URL
https://karmainsecurity.com/data/syntaxhighlighter/scripts/shBrushPhp.js
Requested by
Host: karmainsecurity.com
URL: https://karmainsecurity.com/KIS-2023-04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1367c64192484f57712d8021cf4a1cb6e946a3cc21025d5aa5fb317259ec5768

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://karmainsecurity.com/KIS-2023-04
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 04 Mar 2016 02:55:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YN%2BjN91%2FGIGl13CkeMjnd11hEj9SI%2FTwrYsHpeLxN5s0dMCnMYorhtLGQx2FDfL9Woy718DTZcYEniD%2BQ5TRjWfvmi%2F3lV4xO4Kt2n5eHGyKhUprfTGo%2FbfzScBZpdaddk2ExYUUDbnTpKR2M3Zl157o"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
78ed262eaf821c9e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.js
karmainsecurity.com/data/js/
92 KB
33 KB
Script
General
Full URL
https://karmainsecurity.com/data/js/jquery.js
Requested by
Host: karmainsecurity.com
URL: https://karmainsecurity.com/KIS-2023-04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60edc37b0c692b655c6d228cca8f51fc3ab5d107cb920c0f614089018bcc35e0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://karmainsecurity.com/KIS-2023-04
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 05 Feb 2013 23:13:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNbKyamUupIbvq747l9nnWxw88%2BvRAH8%2FfMvKlhIC3c2md65Au8TQNG5XrxmmPjgxYZEh2Q%2F1f2y2wxsF3GAyP6Hf5i3B6ehmJTmE%2FBCiiBtdh5yyedYbQOgK4jama7EQgQtaUZtCI2XfkMH78Cx8KTN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
78ed262eaf841c9e-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/
17 KB
6 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: karmainsecurity.com
URL: https://karmainsecurity.com/KIS-2023-04
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://karmainsecurity.com/
Origin
https://karmainsecurity.com
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 01:13:56 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
78ed262ecf69b72e-AMS
shCore.css
karmainsecurity.com/data/syntaxhighlighter/styles/
6 KB
2 KB
Stylesheet
General
Full URL
https://karmainsecurity.com/data/syntaxhighlighter/styles/shCore.css
Requested by
Host: karmainsecurity.com
URL: https://karmainsecurity.com/KIS-2023-04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a94f2af81ce063468dc78beb1888caf7c0f4cae01b4d599c45fee265658d9de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://karmainsecurity.com/KIS-2023-04
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Jan 2013 01:10:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1425
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgaX4%2FgCSXWVqCuqx0sLkF%2BOPzq0b8%2FAkSmHk4F3QXof5nk43hIskvLCAs6%2FA93tM7wwocWTk%2BeJgwD4c99pwg6a9zGNbR0XmXOfGFUzz7LI6mg5I%2BgR4eiGRKKlAvu58IpQUw7clw8H%2Fgm1TVfJXr%2Fj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
78ed262f6a8b0e08-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0,i=?0
shThemeDefault.css
karmainsecurity.com/data/syntaxhighlighter/styles/
3 KB
1 KB
Stylesheet
General
Full URL
https://karmainsecurity.com/data/syntaxhighlighter/styles/shThemeDefault.css
Requested by
Host: karmainsecurity.com
URL: https://karmainsecurity.com/KIS-2023-04
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9718c68f663cfdcef66e2b91917e46e3b83e31c9691a2ff658f9bd55c73bc649

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://karmainsecurity.com/KIS-2023-04
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 01:13:56 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Jan 2013 19:32:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1425
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYiZ2fJQ%2FRx8Q6NtfQVBShOMv50%2BD83D9mOKl4kNssane5DlUQmvlCB7IJU7yq4ZbmYp6WsuS81uvLAQ%2Fn9LLgaxuuvMOIpfdY0ahYDSQEo5hwr4gZWyle5rd6NNY6fcr4msS50yInB02JnFCKyJcG7%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
78ed262f6a8e0e08-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0,i=?0
js
www.googletagmanager.com/gtag/
214 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S7B1YGEG1E&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150426388-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c360f714d01d5a9cb1c06d6266bc138b431177d8947681253fd7faa5879d8ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://karmainsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 25 Jan 2023 01:13:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77026
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 25 Jan 2023 01:13:56 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-150426388-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://karmainsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 25 Jan 2023 00:36:45 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
2231
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 25 Jan 2023 02:36:45 GMT
collect
region1.google-analytics.com/g/
0
349 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S7B1YGEG1E&gtm=2oe1n0&_p=1601829484&cid=1315221954.1674609237&ul=en-us&sr=1600x1200&_s=1&sid=1674609236&sct=1&seg=0&dl=https%3A%2F%2Fkarmainsecurity.com%2FKIS-2023-04&dt=Tiki%20Wiki%20CMS%20Groupware%20%3C%3D%2024.1%20(tikiimporter_blog_wordpress.php)%20PHP%20Object%20Injection%20Vulnerability%20%7C%20Karma(In)Security&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S7B1YGEG1E&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://karmainsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Jan 2023 01:13:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://karmainsecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1601829484&t=pageview&_s=1&dl=https%3A%2F%2Fkarmainsecurity.com%2FKIS-2023-04&ul=en-us&de=UTF-8&dt=Tiki%20Wiki%20CMS%20Groupware%20%3C%3D%2024.1%20(tikiimporter_blog_wordpress.php)%20PHP%20Object%20Injection%20Vulnerability%20%7C%20Karma(In)Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1847297295&gjid=1070699473&cid=1315221954.1674609237&tid=UA-150426388-1&_gid=928523245.1674609237&_r=1&_slc=1&gtm=2ou1n0&z=2067002442
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://karmainsecurity.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 25 Jan 2023 01:13:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://karmainsecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
karmainsecurity.com/cdn-cgi/
0
143 B
XHR
General
Full URL
https://karmainsecurity.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://karmainsecurity.com/KIS-2023-04
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
content-type
application/json

Response headers

date
Wed, 25 Jan 2023 01:13:56 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://karmainsecurity.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
78ed2630ec7c0e08-AMS

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| gtag object| dataLayer function| XRegExp object| SyntaxHighlighter function| mD function| $ function| jQuery object| __cfBeacon object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData string| className boolean| gutter

4 Cookies

Domain/Path Name / Value
.karmainsecurity.com/ Name: _ga_S7B1YGEG1E
Value: GS1.1.1674609236.1.0.1674609236.0.0.0
.karmainsecurity.com/ Name: _ga
Value: GA1.2.1315221954.1674609237
.karmainsecurity.com/ Name: _gid
Value: GA1.2.928523245.1674609237
.karmainsecurity.com/ Name: _gat_gtag_UA_150426388_1
Value: 1