vrls.ws Open in urlscan Pro
185.199.108.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
Submission: On February 03 via manual (February 3rd 2021, 9:04:14 am UTC) from IN

Summary HTTP 10 Redirects Links 5 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 185.199.108.153, located in United States and belongs to FASTLY, US. The main domain is vrls.ws.
TLS certificate: Issued by R3 on January 9th 2021. Valid for: 3 months.

This is the only time vrls.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
7	185.199.108.153 185.199.108.153		54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:824::2008		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::200e		15169 (GOOGLE) (GOOGLE)
10	3

7 185.199.108.153 (United States)

ASN54113 (FASTLY, US)

vrls.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	vrls.ws vrls.ws	102 KB
2	google-analytics.com www.google-analytics.com	19 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
10	3

	Domain	Requested by
7	vrls.ws	vrls.ws
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.googletagmanager.com	vrls.ws
10	3

This site contains links to these domains. Also see Links.

Domain
play.google.com
testes-codigo.pt
apps.apple.com
andreasviklund.com

Subject Issuer	Validity	Valid
vrls.ws R3	`2021-01-09` - `2021-04-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
Frame ID: 03BB1B7FE266D09535359A975BE1F028
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^GitHub\.com$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prism (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /prism\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

10
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

159 kB
Transfer

465 kB
Size

3
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=tdc.testesdecodigo
Title: tdc.testesdecodigo

Search URL Search Domain Scan URL

URL: https://testes-codigo.pt/
Title: https://testes-codigo.pt/

Search URL Search Domain Scan URL

URL: https://testes-codigo.pt/testemunhos/
Title: https://testes-codigo.pt/testemunhos/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/pt/app/testes-de-c%C3%B3digo-imt-2020/id1451809836
Title: https://apps.apple.com/pt/app/testes-de-c%C3%B3digo-imt-2020/id1451809836

Search URL Search Domain Scan URL

URL: https://andreasviklund.com/
Title: Andreas Viklund

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/ 6 KB
2 KB 167ms
99ms Document
text/html 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 26a8ff4160d2a03012b1ca5f93e7e111c5beb9423f50e9a2cbfda8a48709ea70

Request headers

:method: GET
:authority: vrls.ws
:scheme: https
:path: /posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: GitHub.com
last-modified: Wed, 27 Jan 2021 15:29:41 GMT
access-control-allow-origin: *
etag: W/"601186e5-1960"
expires: Wed, 03 Feb 2021 09:13:56 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 65F8:EDCC:DC4162:E96A4D:601A66FB
accept-ranges: bytes
date: Wed, 03 Feb 2021 09:03:56 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-hhn4052-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1612343036.238548,VS0,VE89
vary: Accept-Encoding
x-fastly-request-id: 1824d7e5e48aaf68589649332bee87cbe46d32dc
content-length: 1906

GET
H2 200 RobotoCondensed.css
vrls.ws/css/ 3 KB
709 B 102ms
101ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vrls.ws/css/RobotoCondensed.css
Requested by: Host: vrls.ws
URL: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: ade509d4ea93e2755569837ea972e04251679ac10ba99d64e9800a3e2edec6f5

Request headers

Referer: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: e894944ca563ceabc8a819e2432aa4bf9588dfc9
date: Wed, 03 Feb 2021 09:03:56 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 550
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Wed, 27 Jan 2021 15:29:41 GMT
server: GitHub.com
x-github-request-id: 36D4:6B28:190EC72:1A75E55:601A66FC
x-timer: S1612343036.344814,VS0,VE93
etag: W/"601186e5-a4e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Wed, 03 Feb 2021 09:13:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 style.css
vrls.ws/css/ 8 KB
2 KB 115ms
114ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vrls.ws/css/style.css
Requested by: Host: vrls.ws
URL: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: a9cc266677d595d712c730d8bbe4a403ca6e4c18e921e6da4357775385973869

Request headers

Referer: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 65664c05d221c5be7d33b63629c325dfcb73c33a
date: Wed, 03 Feb 2021 09:03:56 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 2277
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Wed, 27 Jan 2021 15:29:41 GMT
server: GitHub.com
x-github-request-id: 6C00:6B28:190EC72:1A75E61:601A66FC
x-timer: S1612343036.344977,VS0,VE102
etag: W/"601186e5-21ef"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Wed, 03 Feb 2021 09:13:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 prism.css
vrls.ws/css/ 2 KB
1015 B 102ms
101ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vrls.ws/css/prism.css
Requested by: Host: vrls.ws
URL: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 80c4c32e0825bca6651f7151be538f7b5491a8af3ffff3801deab7bbef93b08a

Request headers

Referer: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 6ac8d209827e052d8ad2e70848e110a683dae0dd
date: Wed, 03 Feb 2021 09:03:56 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 875
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Wed, 27 Jan 2021 15:29:41 GMT
server: GitHub.com
x-github-request-id: 8400:13E3C:D3BB16:E065F8:601A66FB
x-timer: S1612343036.344982,VS0,VE94
etag: W/"601186e5-7a3"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Wed, 03 Feb 2021 09:13:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 jquery-1.js Show response
vrls.ws/js/ 262 KB
80 KB 105ms
104ms Script
application/javascript 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vrls.ws/js/jquery-1.js
Requested by: Host: vrls.ws
URL: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

Referer: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 1160a6e47d8cf3938e9e85c94468f30c5cf5cf3a
date: Wed, 03 Feb 2021 09:03:56 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 81118
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Wed, 27 Jan 2021 15:29:41 GMT
server: GitHub.com
x-github-request-id: 921C:4518:15EA80:177D6E:601A66FC
x-timer: S1612343036.344963,VS0,VE97
etag: W/"601186e5-4185d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 03 Feb 2021 09:13:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 prism.js Show response
vrls.ws/js/ 41 KB
16 KB 99ms
98ms Script
application/javascript 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vrls.ws/js/prism.js
Requested by: Host: vrls.ws
URL: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 1cfc18c5a3f05b5a5ebcc9851e862f4312457da4487ad43c8ddd469a80698895

Request headers

Referer: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: 12b8f0e314730612b458428fe668acc64e1a0b3a
date: Wed, 03 Feb 2021 09:03:56 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 15897
x-served-by: cache-hhn4052-HHN
access-control-allow-origin: *
last-modified: Wed, 27 Jan 2021 15:29:41 GMT
server: GitHub.com
x-github-request-id: 2F48:6B25:316EAB:3574B4:601A66FC
x-timer: S1612343036.345166,VS0,VE91
etag: W/"601186e5-a3d5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Wed, 03 Feb 2021 09:13:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 56ms
36ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-156800674-1

Requested by

Host: vrls.ws
URL: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

43266b49e30151ee7898508813e60dbe4984d0ffb9bf7afd3fb73bd15a77a856

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 09:03:56 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38916
x-xss-protection: 0
expires: Wed, 03 Feb 2021 09:03:56 GMT

GET
H2 200 dots.png
vrls.ws/img/ 82 B
241 B 95ms
95ms Image
image/png 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vrls.ws/img/dots.png
Requested by: Host: vrls.ws
URL: https://vrls.ws/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 532d9ab6bd0c56dd768ec80a67aa52a65d480c5368ba3f9c0a9201d8ed8034a8

Request headers

Referer: https://vrls.ws/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: e502ef4a47c0aa02e453480bd88086b1c38aa5fd
date: Wed, 03 Feb 2021 09:03:56 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
content-length: 82
x-served-by: cache-hhn4052-HHN
last-modified: Wed, 27 Jan 2021 15:29:41 GMT
server: GitHub.com
x-github-request-id: 5484:B52A:6AC4C0:71E762:601A66FC
x-timer: S1612343036.475584,VS0,VE88
etag: "601186e5-52"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Wed, 03 Feb 2021 09:13:56 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156800674-1

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 6593
date: Wed, 03 Feb 2021 07:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 03 Feb 2021 09:14:03 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
381 B 45ms
12ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1359522528&t=pageview&_s=1&dl=https%3A%2F%2Fvrls.ws%2Fposts%2F2021%2F01%2Fcve-2021-25647-mobile-application-testes-de-codigo-stored-xss%2F&ul=en-us&de=UTF-8&dt=CVE-2021-25647%20-%20Stored%20XSS%20on%20Mobile%20Application%20%22Testes%20de%20C%C3%B3digo%22&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=338986021&gjid=2044152185&cid=2025294948.1612343037&tid=UA-156800674-1&_gid=1509900009.1612343037&_r=1&gtm=2ou1k0&z=670036980

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://vrls.ws/posts/2021/01/cve-2021-25647-mobile-application-testes-de-codigo-stored-xss/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 09:03:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vrls.ws
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| _self object| Prism function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vrls.ws/	1970-01-19 15:52:23	Name: _gat_gtag_UA_156800674_1 Value: 1
			.vrls.ws/	1970-01-19 15:53:49	Name: _gid Value: GA1.2.1509900009.1612343037
			.vrls.ws/	1970-01-20 09:23:35	Name: _ga Value: GA1.2.2025294948.1612343037

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

vrls.ws
www.google-analytics.com
www.googletagmanager.com
185.199.108.153
2a00:1450:4001:821::200e
2a00:1450:4001:824::2008
1cfc18c5a3f05b5a5ebcc9851e862f4312457da4487ad43c8ddd469a80698895
26a8ff4160d2a03012b1ca5f93e7e111c5beb9423f50e9a2cbfda8a48709ea70
43266b49e30151ee7898508813e60dbe4984d0ffb9bf7afd3fb73bd15a77a856
532d9ab6bd0c56dd768ec80a67aa52a65d480c5368ba3f9c0a9201d8ed8034a8
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40
80c4c32e0825bca6651f7151be538f7b5491a8af3ffff3801deab7bbef93b08a
a9cc266677d595d712c730d8bbe4a403ca6e4c18e921e6da4357775385973869
ade509d4ea93e2755569837ea972e04251679ac10ba99d64e9800a3e2edec6f5
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b