research.jfrog.com Open in urlscan Pro
185.199.109.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Effective URL:
https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Submission: On February 28 via api (February 28th 2024, 1:09:44 am UTC) from IL — Scanned from IL

Summary HTTP 33 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 33 HTTP transactions. The main IP is 185.199.109.153, located in San Francisco, United States and belongs to FASTLY, US. The main domain is research.jfrog.com.
TLS certificate: Issued by R3 on January 2nd 2024. Valid for: 3 months.

This is the only time research.jfrog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	185.199.109.153 185.199.109.153	54113 (FASTLY) (FASTLY)
2	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
5	23.37.63.218 23.37.63.218	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.239.38.21 216.239.38.21	15169 (GOOGLE) (GOOGLE)
5	162.13.202.201 162.13.202.201	15395 (RACKSPACE...) (RACKSPACE-LON)
33	6

19 185.199.109.153 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com

research.jfrog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.37.63.218 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-63-218.deploy.static.akamaitechnologies.com

lonrtp1-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net

gtm.jfrog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.13.202.201 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

lonrtp1.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	jfrog.com 1 redirects research.jfrog.com speedmedia.jfrog.com Failed gtm.jfrog.com — Cisco Umbrella Rank: 303572	405 KB
10	marketo.com lonrtp1-cdn.marketo.com — Cisco Umbrella Rank: 81756 rtp-static.marketo.com — Cisco Umbrella Rank: 18986 lonrtp1.marketo.com — Cisco Umbrella Rank: 72931	124 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	196 KB
33	3

	Domain	Requested by
19	research.jfrog.com	1 redirects research.jfrog.com
5	lonrtp1.marketo.com	research.jfrog.com rtp-static.marketo.com
4	rtp-static.marketo.com	research.jfrog.com
2	www.googletagmanager.com	research.jfrog.com
1	gtm.jfrog.com	www.googletagmanager.com
1	lonrtp1-cdn.marketo.com	research.jfrog.com
0	speedmedia.jfrog.com Failed	research.jfrog.com
33	7

This site contains links to these domains. Also see Links.

Domain
twitter.com
github.com
jfrog.com

Subject Issuer	Validity	Valid
research.jfrog.com R3	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.marketo.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
gtm.jfrog.com GTS CA 1D4	`2024-01-13` - `2024-04-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Frame ID: AB9BD466B4C6466850C4BFBC14FAAAD7
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MLflow untrusted recipe XSS | JFSA-2024-000631930 - JFrog Security Research

Page URL History Show full URLs

http://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/ HTTP 301
https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-
vue[.-]([\d.]*\d)[^/]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

94 %
HTTPS

0 %
IPv6

3
Domains

7
Subdomains

6
IPs

3
Countries

725 kB
Transfer

1457 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/JFrogSecurity
Title: Follow JFrog Security

Search URL Search Domain Scan URL

URL: https://github.com/mlflow/mlflow/pull/10873
Title: Fix PR

Search URL Search Domain Scan URL

URL: https://jfrog.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://jfrog.com/jfrog-cookies-policy/
Title: Cookies Policy

Search URL Search Domain Scan URL

URL: https://jfrog.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/ HTTP 301
https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Redirect Chain

http://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/

17 KB
7 KB

431ms
231ms

Document
text/html

185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 1184151016943a9c42089a907613ccefa3b614e8ee9b17a1d9dc9aeecd7fbc02

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: he-IL,he;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 6807
content-type: text/html; charset=utf-8
date: Wed, 28 Feb 2024 01:09:37 GMT
etag: W/"65de7b69-45a0"
expires: Wed, 28 Feb 2024 01:19:37 GMT
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: f20bee40eb320ed1fb45725bf9d20428ebf55e71
x-github-request-id: FDF0:0E77:34329EB:351FADC:65DE87D0
x-proxy-cache: MISS
x-served-by: cache-mrs10538-MRS
x-timer: S1709082577.363435,VS0,VE135

Redirect headers

Accept-Ranges: bytes
Age: 0
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 28 Feb 2024 01:09:37 GMT
Location: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Server: GitHub.com
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Fastly-Request-ID: 78aaae68ba56c21ba1ce400777aece07b3a08b51
X-GitHub-Request-Id: 4758:0E10:164023B:16A2948:65DE87D0
X-Served-By: cache-mrs1050105-MRS
X-Timer: S1709082577.958349,VS0,VE98

GET
H2 200 0.styles.ee79b767.css
research.jfrog.com/assets/css/ 92 KB
59 KB 356ms
355ms Stylesheet
text/css 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/css/0.styles.ee79b767.css
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 60ff7a3beaced3f2346c7c3b676aece09bfbebeb06d4cdcf8dfbdca943fa407d

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: f5882ddafa26fd24c38f6f886204ae5c881476a2
date: Wed, 28 Feb 2024 01:09:37 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 60047
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: E4E6:0E33:16D22FB:173DD0A:65DE87D0
x-timer: S1709082578.599686,VS0,VE128
etag: W/"65de7b69-16eb5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 28 Feb 2024 01:19:37 GMT

GET
H2 200 app.9563b172.js Show response
research.jfrog.com/assets/js/ 229 KB
90 KB 217ms
217ms Script
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/app.9563b172.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 7a38546fbf31ef47fd0278b4dd508547a8138939534fe3e81b946a74aa48a51f

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 92cdc155232cfe4a92515bbdb9aeffc1b1c457f1
date: Wed, 28 Feb 2024 01:09:37 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 91706
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: CCE0:0DF4:1CAC88D:1D2ACEF:65DE87C7
x-timer: S1709082578.599671,VS0,VE121
etag: W/"65de7b69-393fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Wed, 28 Feb 2024 01:19:37 GMT

GET
H2 200 page--src--templates--post-vue.a6f69f84.js Show response
research.jfrog.com/assets/js/ 10 KB
4 KB 211ms
210ms Script
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--templates--post-vue.a6f69f84.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: ad139faddadf76bbfb0385518f28c1d8b601ae70ce188dc7381b2ebee9b4af1b

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: abe93133380b5c02daa3b69395a24b2dc2af2b2f
date: Wed, 28 Feb 2024 01:09:37 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 3928
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: FEFC:2FC7B5:888ABDE:8B12571:65DE87CF
x-timer: S1709082578.599654,VS0,VE114
etag: W/"65de7b69-2608"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Wed, 28 Feb 2024 01:19:37 GMT

GET
H2 200 page--src--pages--404-vue.77816cba.js
research.jfrog.com/assets/js/ 0
6 KB 213ms
213ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--404-vue.77816cba.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: f7fc2bdd5ac20c495b17206a903683337593a952
date: Wed, 28 Feb 2024 01:09:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 5538
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: 8C9E:0E65:196A704:19DF7DA:65DE87D1
x-timer: S1709082578.983346,VS0,VE117
etag: W/"65de7b69-1e20"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Wed, 28 Feb 2024 01:19:38 GMT

GET
H2 200 page--src--pages--index-vue.459f3137.js
research.jfrog.com/assets/js/ 0
49 KB 251ms
250ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--index-vue.459f3137.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: ca940e291a7022eabe84d81ffa4b6667e978fe9a
date: Wed, 28 Feb 2024 01:09:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 49748
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: FA2A:2FC7B5:888AC45:8B125E3:65DE87C5
x-timer: S1709082578.992480,VS0,VE125
etag: W/"65de7b69-19da4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 28 Feb 2024 01:19:38 GMT

GET
H2 200 page--src--pages--index-vue~page--src--pages--malicious-packages-vue.5e25d45d.js
research.jfrog.com/assets/js/ 0
31 KB 212ms
211ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--index-vue~page--src--pages--malicious-packages-vue.5e25d45d.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: a229e2367374963795f8cab2de6d031424a46ab1
date: Wed, 28 Feb 2024 01:09:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 31654
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: 28E0:2FC7B5:888AC45:8B125E5:65DE87CF
x-timer: S1709082578.995615,VS0,VE111
etag: W/"65de7b69-5903f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 28 Feb 2024 01:19:38 GMT

GET
H2 200 page--src--pages--malicious-packages-vue.9848d295.js
research.jfrog.com/assets/js/ 0
4 KB 218ms
216ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--malicious-packages-vue.9848d295.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 3e7876539dce636f53b9184067982018c030c46f
date: Wed, 28 Feb 2024 01:09:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 4278
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: 6A86:1307D:74BF57B:76F32FB:65DE87CF
x-timer: S1709082578.997486,VS0,VE112
etag: W/"65de7b69-277a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 28 Feb 2024 01:19:38 GMT

GET
H2 200 page--src--pages--oss-vue.18b64a67.js
research.jfrog.com/assets/js/ 0
18 KB 218ms
217ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--oss-vue.18b64a67.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 282badb8897ad14c5f2d1bd94ddd5e73897744b9
date: Wed, 28 Feb 2024 01:09:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 17743
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: A27E:0E6C:7739FC:79543D:65DE87D1
x-timer: S1709082578.997465,VS0,VE114
etag: W/"65de7b69-a5a3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 28 Feb 2024 01:19:38 GMT

GET
H2 200 page--src--pages--vulnerabilities-vue.d726b7b6.js
research.jfrog.com/assets/js/ 0
15 KB 225ms
224ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--vulnerabilities-vue.d726b7b6.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 2e469b960574f155fa4ef5b5d867cb4e9bcd5585
date: Wed, 28 Feb 2024 01:09:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 14986
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: FEFC:2FC7B5:888AC47:8B125E6:65DE87D1
x-timer: S1709082578.997445,VS0,VE116
etag: W/"65de7b69-f4e9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Wed, 28 Feb 2024 01:19:38 GMT

GET
H2 200 vendors~page--src--pages--index-vue.c7ec8625.js
research.jfrog.com/assets/js/ 0
79 KB 228ms
227ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/vendors~page--src--pages--index-vue.c7ec8625.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: bd6b84ae6e5838a24f95f57f978f80c29a7f031f
date: Wed, 28 Feb 2024 01:09:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 80417
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: C6F6:90270:6FD5B36:71F3A01:65DE87D0
x-timer: S1709082578.997392,VS0,VE120
etag: W/"65de7b69-4a12b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 28 Feb 2024 01:19:38 GMT

GET
H2 200 speedsize-local.js Show response
research.jfrog.com/ 22 KB
7 KB 371ms
370ms Script
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/speedsize-local.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: ac5027e4fd9c4d3ebf93e310d2d1e766b6260ed27ca487312bf4134c0f88fed9

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: e361a941146cc1fe60265956e017b45ba356888a
date: Wed, 28 Feb 2024 01:09:37 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 6622
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: 0D14:2FC7B5:888ABE4:8B12576:65DE87CF
x-timer: S1709082578.617109,VS0,VE120
etag: W/"65de7b69-578c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Wed, 28 Feb 2024 01:19:37 GMT

GET
H2 200 roboto-latin-400-normal.aa23b7b4.woff2
research.jfrog.com/assets/fonts/ 15 KB
15 KB 262ms
261ms Font
font/woff2 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/fonts/roboto-latin-400-normal.aa23b7b4.woff2
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/assets/css/0.styles.ee79b767.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer: https://research.jfrog.com/assets/css/0.styles.ee79b767.css
Origin: https://research.jfrog.com
dpr: 1
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width: 1600

Response headers

x-fastly-request-id: 3f0bc5eb696e01e2caeaaf201eeee16f0306a0cf
date: Wed, 28 Feb 2024 01:09:38 GMT
via: 1.1 varnish
expires: Wed, 28 Feb 2024 01:19:38 GMT
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 15688
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: 98F6:0E72:2ECB27E:2FA5968:65DE87D1
x-timer: S1709082578.002771,VS0,VE120
etag: "65de7b69-3d48"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 roboto-latin-700-normal.bf28241e.woff2
research.jfrog.com/assets/fonts/ 15 KB
16 KB 215ms
214ms Font
font/woff2 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/fonts/roboto-latin-700-normal.bf28241e.woff2
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/assets/css/0.styles.ee79b767.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

Referer: https://research.jfrog.com/assets/css/0.styles.ee79b767.css
Origin: https://research.jfrog.com
dpr: 1
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width: 1600

Response headers

x-fastly-request-id: 049a731129e2b17e2f6000b8bc52533feb061eca
date: Wed, 28 Feb 2024 01:09:38 GMT
via: 1.1 varnish
expires: Wed, 28 Feb 2024 01:19:38 GMT
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 15828
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: E9C0:981E4:7189F16:73AF4BF:65DE87D1
x-timer: S1709082578.002752,VS0,VE109
etag: "65de7b69-3dd4"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-cache-hits: 0

GET mxw_64,f_auto
speedmedia.jfrog.com/08612fe1-9391-4cf3-ac1a-6dd49c36b276/https://research.jfrog.com/assets/static/jfrog-logo-svg.5788598.74a3bea875bf053c65a0663c9ec9a0fd.svg/ 0
0

GET mxw_64,f_auto
speedmedia.jfrog.com/08612fe1-9391-4cf3-ac1a-6dd49c36b276/https://research.jfrog.com/assets/static/twitter.e0519be.9769aec62433fd58c76ad32c2d613842.svg/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 369 KB
109 KB 388ms
148ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6MF8M

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

8c7b956338d2d7d5bb83f2bf73980faafeb57000001df62019a225c4d865b1a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:09:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110961
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:10:11 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Feb 2024 01:09:38 GMT

GET
H2 200 jfrog-logo-svg.5788598.74a3bea875bf053c65a0663c9ec9a0fd.svg
research.jfrog.com/assets/static/ 7 KB
3 KB 210ms
208ms Image
image/svg+xml 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.jfrog.com/assets/static/jfrog-logo-svg.5788598.74a3bea875bf053c65a0663c9ec9a0fd.svg
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 55b4a50612be7be04e3666639848b92dd23e6b07138f6bcb0e9d5c0b6bb2dd8d

Request headers

width: 40
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
dpr: 1
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width: 1600

Response headers

x-fastly-request-id: 2a2f7f983c8a478736540da6fa1b086583008aff
date: Wed, 28 Feb 2024 01:09:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 3185
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: 2F10:0DF4:1CAC921:1D2AD87:65DE87CD
x-timer: S1709082578.128696,VS0,VE112
etag: W/"65de7b69-1add"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 28 Feb 2024 01:19:38 GMT

GET
H2 200 twitter.e0519be.9769aec62433fd58c76ad32c2d613842.svg
research.jfrog.com/assets/static/ 2 KB
1 KB 207ms
205ms Image
image/svg+xml 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.jfrog.com/assets/static/twitter.e0519be.9769aec62433fd58c76ad32c2d613842.svg
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: fe8231bb10228e33951b2fa88d60bc4daccaddaba86a9819ec37810b2714f12f

Request headers

width: 14
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
dpr: 1
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width: 1600

Response headers

x-fastly-request-id: ffd78dbf3e401b6df97661d1fb1b89498dfcb12a
date: Wed, 28 Feb 2024 01:09:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 1162
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: 75C6:0E9D:4607620:47515ED:65DE87D0
x-timer: S1709082578.128936,VS0,VE109
etag: W/"65de7b69-8bb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 28 Feb 2024 01:19:38 GMT

GET
H2 200 index.json
research.jfrog.com/assets/data/ 0
201 B 218ms
217ms Other
application/json 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/data/index.json
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
dpr: 1
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width: 1600

Response headers

x-fastly-request-id: 2f395afd4859f5a8cc6ee5ea1b6b63972d162c00
date: Wed, 28 Feb 2024 01:09:38 GMT
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 76
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: 0916:0EAC:1C8C2D2:1D13943:65DE87D1
x-timer: S1709082578.383181,VS0,VE117
etag: "65de7b69-4c"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 28 Feb 2024 01:19:38 GMT

GET
H2 200 index.json
research.jfrog.com/assets/data/vulnerabilities/ 0
284 B 212ms
211ms Other
application/json 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/data/vulnerabilities/index.json
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-recipe-xss-jfsa-2024-000631930/
dpr: 1
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width: 1600

Response headers

x-fastly-request-id: 73599dbd2da34658f81de4af7e3e3c49e571e347
date: Wed, 28 Feb 2024 01:09:38 GMT
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 76
x-served-by: cache-mrs10538-MRS
last-modified: Wed, 28 Feb 2024 00:16:41 GMT
server: GitHub.com
x-github-request-id: 5734:0E65:196A781:19DF852:65DE87D0
x-timer: S1709082578.383548,VS0,VE115
etag: "65de7b69-4c"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Wed, 28 Feb 2024 01:19:38 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
87 KB 139ms
138ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SQ1NR9VTFJ&l=dataLayer&cx=c

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a2f2118c18087bbb33776b13b205d2424f3356e0c930a03b60726e0e2a387937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:09:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 28 Feb 2024 01:09:38 GMT

GET
H/1.1 200
OK rtp.js Show response
lonrtp1-cdn.marketo.com/rtp-api/v1/ 155 KB
42 KB 415ms
171ms Script
application/x-javascript 23.37.63.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=jfrog

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.37.63.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-63-218.deploy.static.akamaitechnologies.com

Software

Jetty(9.4.45.v20220203) /

Resource Hash

d6c503df73be4c3a093c3cd889641fab52b6c62a62bcb5d05ba5fb9c65cca6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Date: Wed, 28 Feb 2024 01:09:38 GMT
Last-Modified: Tue, 09 Jan 2024 23:25:17 GMT
Server: Jetty(9.4.45.v20220203)
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=15
Connection: keep-alive
Content-Length: 42855

GET
H2 200 collect Show response
gtm.jfrog.com/g/ 65 B
691 B 774ms
576ms XHR
text/plain 216.239.38.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.jfrog.com/g/collect?v=2&tid=G-SQ1NR9VTFJ&gtm=45je42q1v870433402z86251793za220&_p=1709082577995&gcd=13l3l3l3l1&npa=0&dma=0&cid=876824052.1709082579&ul=en-us&sr=1600x1200&_fplc=0&ur=IL-TA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=IL&sst.etld=google.co.il&sst.gcd=13l3l3l3l1&sst.tft=1709082577995&_s=1&sid=1709082578&sct=1&seg=0&dl=https%3A%2F%2Fresearch.jfrog.com%2Fvulnerabilities%2Fmlflow-untrusted-recipe-xss-jfsa-2024-000631930%2F&dt=MLflow%20untrusted%20recipe%20XSS%20%7C%20JFSA-2024-000631930%20-%20JFrog%20Security%20Research&en=page_view&_fv=1&_nsi=1&_ss=1&ep.tracking_environment=production&tfd=2016&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SQ1NR9VTFJ&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.38.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2615.1e100.net

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 01:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://research.jfrog.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 91 KB
33 KB 485ms
167ms Script
application/x-javascript 23.37.63.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 01:09:39 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: AkamaiNetStorage
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 33467

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 430ms
113ms Stylesheet
text/css 23.37.63.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 01:09:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
lonrtp1.marketo.com/gw1/ 0
436 B 475ms
118ms Script
application/x-javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/trw?aid=jfrog&trwv.uid=jfrog-1709082579054-8f12f199&trwv.vc=1&trwsa.sid=jfrog-1709082579055-3c9b7837&trwsb.cpv=1&ctzo=+02:00&uri=https%3A%2F%2Fresearch.jfrog.com%2Fvulnerabilities%2Fmlflow-untrusted-recipe-xss-jfsa-2024-000631930%2F&pm=&viewedTypes=&rts=1709082579057

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 01:09:39 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: application/x-javascript;charset=utf-8

GET
H/1.1 200
OK ga-integration-2.0.5.js Show response
rtp-static.marketo.com/rtp/libs/ 18 KB
6 KB 428ms
116ms Script
application/x-javascript 23.37.63.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 01:09:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Jun 2023 08:00:53 GMT
Server: AkamaiNetStorage
ETag: "18a7b0f60655900c0010a35d07b9da0f:1686816053.163727"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5654

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
427 B 495ms
150ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=jfrog-1709082579055-3c9b7837&aid=jfrog&viewedTypes=&0.8954121673822757&rts=1709082579109

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 01:09:39 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
427 B 348ms
118ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=jfrog-1709082579055-3c9b7837&aid=jfrog&viewedTypes=&0.28641627621241517&rts=1709082579537

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 01:09:39 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 129ms
128ms Script
application/x-javascript 23.37.63.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 01:09:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H/1.1 200
OK visitor Show response
lonrtp1.marketo.com/gw1/rtp/api/v1_1/ 904 B
2 KB 459ms
117ms XHR
application/json 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/rtp/api/v1_1/visitor?sid=jfrog-1709082579055-3c9b7837&aid=jfrog&1709082579735

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

9689d74633d735076b2f422d134f514cdc3eff667be9e121ed678754b147dc32

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: No-cache
Date: Wed, 28 Feb 2024 01:09:40 GMT
Strict-Transport-Security: max-age=63113904
Last-Modified: Tue Feb 27 19:09:40 CST 2024
Server: Jetty(9.4.45.v20220203)
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://research.jfrog.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sgm Show response
lonrtp1.marketo.com/gw1/ga/ 48 B
502 B 470ms
125ms XHR
text/json 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/ga/sgm?sid=jfrog-1709082579055-3c9b7837&1709082579736

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Wed, 28 Feb 2024 01:09:40 GMT
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Content-Type: text/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 48

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: speedmedia.jfrog.com
URL: https://speedmedia.jfrog.com/08612fe1-9391-4cf3-ac1a-6dd49c36b276/https://research.jfrog.com/assets/static/jfrog-logo-svg.5788598.74a3bea875bf053c65a0663c9ec9a0fd.svg/mxw_64,f_auto

Domain: speedmedia.jfrog.com
URL: https://speedmedia.jfrog.com/08612fe1-9391-4cf3-ac1a-6dd49c36b276/https://research.jfrog.com/assets/static/twitter.e0519be.9769aec62433fd58c76ad32c2d613842.svg/mxw_64,f_auto

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jfrog.com/	1970-01-21 04:20:42	Name: _ga_SQ1NR9VTFJ Value: GS1.1.1709082578.1.0.1709082578.0.0.0
.jfrog.com/	1970-01-21 04:20:42	Name: _ga Value: GA1.1.876824052.1709082579
.jfrog.com/	1970-01-21 04:20:42	Name: trwv.uid Value: jfrog-1709082579054-8f12f199%3A1
.jfrog.com/	1970-01-20 18:44:44	Name: trwsa.sid Value: jfrog-1709082579055-3c9b7837%3A1
.jfrog.com/	1970-01-21 04:20:42	Name: FPID Value: FPID2.2.tiLNPm6kkgDgXFn5ukOvACBooXgD12e25gQXvEt8uao%3D.1709082579
.jfrog.com/	1970-01-20 18:45:54	Name: FPLC Value: Toc%2BGhGMN9FYcJlpyut1GGcoxmkgv7kIZ7Kq8v9PTdli7fkcVhzShh1DIFEzygUKZx6IAQltTcu9Yc3EYDVJmbokUgPYGANJNmYUbdNGOaQXFIgFSoHC%2B6EeNdMPzQ%3D%3D
.jfrog.com/	1969-12-31 23:59:59	Name: gtmIdnts Value: %7B%22ga_cid%22%3A%22876824052.1709082579%22%2C%22ga_fpid%22%3A%22tiLNPm6kkgDgXFn5ukOvACBooXgD12e25gQXvEt8uao%3D.1709082579%22%2C%22ga_session_id%22%3A%221709082578%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gtm.jfrog.com
lonrtp1-cdn.marketo.com
lonrtp1.marketo.com
research.jfrog.com
rtp-static.marketo.com
speedmedia.jfrog.com
www.googletagmanager.com
speedmedia.jfrog.com
142.250.186.40
162.13.202.201
185.199.109.153
216.239.38.21
23.37.63.218
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1184151016943a9c42089a907613ccefa3b614e8ee9b17a1d9dc9aeecd7fbc02
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
55b4a50612be7be04e3666639848b92dd23e6b07138f6bcb0e9d5c0b6bb2dd8d
60ff7a3beaced3f2346c7c3b676aece09bfbebeb06d4cdcf8dfbdca943fa407d
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
7a38546fbf31ef47fd0278b4dd508547a8138939534fe3e81b946a74aa48a51f
8c7b956338d2d7d5bb83f2bf73980faafeb57000001df62019a225c4d865b1a4
9689d74633d735076b2f422d134f514cdc3eff667be9e121ed678754b147dc32
a2f2118c18087bbb33776b13b205d2424f3356e0c930a03b60726e0e2a387937
ac5027e4fd9c4d3ebf93e310d2d1e766b6260ed27ca487312bf4134c0f88fed9
ad139faddadf76bbfb0385518f28c1d8b601ae70ce188dc7381b2ebee9b4af1b
bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d6c503df73be4c3a093c3cd889641fab52b6c62a62bcb5d05ba5fb9c65cca6b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
fe8231bb10228e33951b2fa88d60bc4daccaddaba86a9819ec37810b2714f12f

research.jfrog.com Open in urlscan Pro 185.199.109.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

94 %HTTPS

0 %IPv6

3 Domains

7 Subdomains

6 IPs

3 Countries

725 kBTransfer

1457 kBSize

7 Cookies

5 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

research.jfrog.com Open in urlscan Pro
185.199.109.153 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

94 %
HTTPS

0 %
IPv6

3
Domains

7
Subdomains

6
IPs

3
Countries

725 kB
Transfer

1457 kB
Size

7
Cookies

33 HTTP transactions
0 data transactions