urlscan.io logo urlscan.io
SecurityTrails logo

owasp.org Open in urlscan Pro
2606:4700:10::6816:1b4d  Public Scan

Go To Rescan Add Verdict Report
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Submission: On May 24 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 31 HTTP transactions. The main IP is 2606:4700:10::6816:1b4d, located in United States and belongs to CLOUDFLARENET, US. The main domain is owasp.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on April 4th 2020. Valid for: 6 months.
This is the only time owasp.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 185.199.110.153 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 140.82.118.6 36459 (GITHUB)
31 6
24    2606:4700:10::6816:1b4d (United States)

ASN13335 (CLOUDFLARENET, US)
owasp.org
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    185.199.110.153 (United States)

ASN54113 (FASTLY, US)
buttons.github.io
1    2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2606:4700:e0::ac40:6d07 (United States)

ASN13335 (CLOUDFLARENET, US)
browser-update.org
1    140.82.118.6 (United States)

ASN36459 (GITHUB, US)
PTR: lb-140-82-118-6-ams.github.com
api.github.com
Domain Requested by
24 owasp.org owasp.org
3 browser-update.org owasp.org
browser-update.org
2 www.google-analytics.com 1 redirects owasp.org
1 api.github.com buttons.github.io
1 stats.g.doubleclick.net owasp.org
1 buttons.github.io owasp.org
31 6
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-04-04 -
2020-10-09		 6 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA		 2020-05-06 -
2022-04-14		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-05-05 -
2020-07-28		 3 months crt.sh
*.github.com
DigiCert SHA2 High Assurance Server CA		 2019-07-08 -
2020-07-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Frame ID: D086B77B5AA1CEFAF35152474AF59642
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

100 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

437 kB
Transfer

692 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=699218058&t=pageview&_s=1&dl=https%3A%2F%2Fowasp.org%2Fwww-community%2Fattacks%2FCORS_OriginHeaderScrutiny&ul=en-us&de=UTF-8&dt=CORS%20OriginHeaderScrutiny%20%7C%20OWASP%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=369995477&gjid=1639252155&cid=924511928.1590351366&tid=UA-4531126-1&_gid=1536131602.1590351366&_r=1&z=448270332 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4531126-1&cid=924511928.1590351366&jid=369995477&_gid=1536131602.1590351366&gjid=1639252155&_v=j82&z=448270332

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request CORS_OriginHeaderScrutiny
owasp.org/www-community/attacks/ 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
d938b9b9773f147f1b82c35803fbdc32f5469bfc39e61836ebaa1edd528366ef

Request headers

:method
GET
:authority
owasp.org
:scheme
https
:path
/www-community/attacks/CORS_OriginHeaderScrutiny
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 24 May 2020 20:16:06 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d62cbbe8448572bb8bc06ca3d4ec2372e1590351365; expires=Tue, 23-Jun-20 20:16:05 GMT; path=/; domain=.owasp.org; HttpOnly; SameSite=Lax; Secure
cf-ray
5989b1439ba805d0-FRA
access-control-allow-origin
*
age
0
cache-control
max-age=600
expires
Sun, 24 May 2020 20:26:06 GMT
last-modified
Sat, 23 May 2020 01:09:57 GMT
vary
Accept-Encoding
via
1.1 varnish
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
0c3d0d33fbb7ca151a4ac00f0e9421cf52f59184
x-github-request-id
B866:0FDB:7C11E:A4448:5ECAD604
x-origin-processing-time
354.0000 ms
x-powered-by
RankSense/CW
x-proxy-cache
MISS
x-rs-cf-app-version
1.0.40
x-rs-changes-amount
1
x-rs-fixes-request-time
0.0000
x-served-by
cache-fra19140-FRA
x-timer
S1590351366.849276,VS0,VE273
x-total-processing-time
354.0000 ms
server
cloudflare
content-encoding
br
cf-request-id
02e9ed1e40000005d0e0a0b200000001
VysKc6u4esKUPSvHsQdElKxMW4A.js
owasp.org/cdn-cgi/apps/head/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://owasp.org/cdn-cgi/apps/head/VysKc6u4esKUPSvHsQdElKxMW4A.js
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7644ce1e769736b30ff6f6db6b2687264da69fb8d2c6ee764c37a4d5deb9cc49

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 20:16:06 GMT
content-encoding
br
cf-cache-status
HIT
age
2092138
status
200
x-amz-request-id
E7CD6BF28AAA32EC
x-amz-id-2
dyr6eCGgDzce5SV5fuA/zhZx4bZ+qzVgz4qkwKOKWt8xdNMbJGy3BAQPLULis1NjJoR1qoxxKos=
last-modified
Thu, 30 Apr 2020 15:06:54 GMT
server
cloudflare
etag
W/"889f4784c64e6aa246a6ed32c9db601c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
x-amz-version-id
FvkcZ5Wf0TmBIfENBZEHSmz6mTKfHsbT
cf-request-id
02e9ed1ffa000005d0e0a3f200000001
cf-ray
5989b1465d6d05d0-FRA
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 30 Apr 2020 21:54:13 GMT
server
Golfe2
age
5851
date
Sun, 24 May 2020 18:38:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18433
expires
Sun, 24 May 2020 20:38:35 GMT
styles.css
owasp.org/www--site-theme/assets/css/ 		117 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://owasp.org/www--site-theme/assets/css/styles.css
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
5c3a8a374a99fcaf17f62475ef3bddb3ef766b010a3014edb24a6055a0bea867

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
0ecae2ac5489ff5e9a58b0828753469b69829332
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
11
cf-polished
origSize=120924
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT
status
200
x-rs-changes-amount
url_is_excluded
content-encoding
br
cf-request-id
02e9ed1ffa000005d0e0a3e200000001
x-served-by
cache-fra19161-FRA
last-modified
Wed, 20 May 2020 14:15:32 GMT
server
cloudflare
x-github-request-id
9094:4F88:67AC5:8574D:5EC91B95
x-timer
S1590241885.287571,VS0,VE1
x-powered-by
RankSense/CW
etag
W/"5ec53b84-1d85c"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cf-bgj
minify
expires
Sun, 24 May 2020 03:45:17 GMT
cache-control
max-age=14400
cf-ray
5989b1465d6305d0-FRA
x-proxy-cache
REVALIDATED
x-origin-processing-time
11.0000
x-cache-hits
1
jquery-3.4.1.min.js
owasp.org/www--site-theme/assets/js/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://owasp.org/www--site-theme/assets/js/jquery-3.4.1.min.js
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
5f9cfe07fd25f2db86762ca915cc1abb99e8fba4
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
11
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT
status
200
x-cache-hits
1
x-rs-changes-amount
url_is_excluded
content-encoding
br
cf-request-id
02e9ed1ffa000005d0e0a40200000001
x-served-by
cache-fra19139-FRA
cf-ray
5989b1465d7005d0-FRA
last-modified
Wed, 20 May 2020 14:15:24 GMT
server
cloudflare
x-github-request-id
2B64:6E91:149327:1A2EA9:5EC9B99F
x-timer
S1590284476.715325,VS0,VE90
etag
W/"5ec53b7c-15851"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
1
x-proxy-cache
HIT
x-origin-processing-time
9.0000
expires
Sun, 24 May 2020 19:23:21 GMT
util.js
owasp.org/www--site-theme/assets/js/ 		1 KB
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://owasp.org/www--site-theme/assets/js/util.js
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
3c262a2b4318d90adc79a9eb208b015a5e9458c94f11e74894cba4af63aa9224

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
82fb250a0bb49d22f813ed3f14b15f64b1ba2cec
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
11
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT
status
200
x-cache-hits
1
x-rs-changes-amount
url_is_excluded
content-encoding
br
cf-request-id
02e9ed1ffa000005d0e0a41200000001
x-served-by
cache-fra19137-FRA
last-modified
Wed, 20 May 2020 14:15:24 GMT
server
cloudflare
x-github-request-id
CF28:4F89:E4620:121963:5EC91B94
x-timer
S1590241885.289565,VS0,VE1
etag
W/"5ec53b7c-501"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5989b1465d7105d0-FRA
x-proxy-cache
MISS
x-origin-processing-time
7.0000
expires
Sun, 24 May 2020 17:35:58 GMT
js.cookie.js
owasp.org/www--site-theme/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://owasp.org/www--site-theme/assets/js/js.cookie.js
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
088bfbdd4a9de1675989a23eec734b4c416760c6a2be754d19bb86fe26a04055

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
dbec6eddb308d3c3d22a20ccdfe226b533b6f9a8
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
11
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT
status
200
x-cache-hits
1
x-rs-changes-amount
url_is_excluded
content-encoding
br
cf-request-id
02e9ed1ffa000005d0e0a42200000001
x-served-by
cache-fra19122-FRA
last-modified
Wed, 20 May 2020 14:15:24 GMT
server
cloudflare
x-github-request-id
CB34:09A7:1C2D22:2386A9:5EC91B95
x-timer
S1590241885.287230,VS0,VE1
etag
W/"5ec53b7c-f2b"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
5989b1465d7205d0-FRA
x-proxy-cache
MISS
x-origin-processing-time
12.0000
expires
Sun, 24 May 2020 19:34:31 GMT
yaml.min.js
owasp.org/www--site-theme/assets/js/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://owasp.org/www--site-theme/assets/js/yaml.min.js
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
b8ccdf0e45f181fc04f0d202779fff71aa76f27f0428a792e0e6f13fe1d0b085

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
db4e797f3d8219992f9effd212e8770ebf3678fc
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
11
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
HIT
status
200
x-cache-hits
1
x-rs-changes-amount
url_is_excluded
content-encoding
br
cf-request-id
02e9ed1ffc000005d0e0a43200000001
x-served-by
cache-fra19129-FRA
cf-ray
5989b1466d7305d0-FRA
last-modified
Wed, 20 May 2020 14:15:24 GMT
server
cloudflare
x-github-request-id
821A:1288:2BF7C:3AF51:5EC91B94
x-timer
S1590241885.289767,VS0,VE1
etag
W/"5ec53b7c-a944"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
10.0000
expires
Sun, 24 May 2020 03:45:17 GMT
buttons.js
buttons.github.io/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons.github.io/buttons.js
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
d7173bfd073e661ac1782586c3e596c772d4cb4cbb83667a4d55505a28ba6322

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
7f09bec2c94c974d68245761d72ba63fb7c6dc96
date
Sun, 24 May 2020 20:16:06 GMT
content-encoding
gzip
age
399
x-cache
HIT
status
200
content-length
5199
x-served-by
cache-hhn4067-HHN
access-control-allow-origin
*
last-modified
Fri, 22 May 2020 02:21:17 GMT
server
GitHub.com
x-github-request-id
7928:01AE:977A:C9C3:5EC73741
x-timer
S1590351366.240739,VS0,VE0
etag
W/"5ec7371d-341e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 22 May 2020 02:31:35 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
HIT
x-cache-hits
6
logo.png
owasp.org/assets/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owasp.org/assets/images/logo.png
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
0f0ef489e63f8c0f3391a73281f41e35aa271d13912f27ac2bc25184ecdb8ddb

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
ffc5d9606743afb85be38bb830557d55aec95773
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
45
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
7779
cf-request-id
02e9ed2027000005d0e0a4e200000001
x-served-by
cache-fra19129-FRA
cf-ray
5989b146ae8005d0-FRA
last-modified
Sun, 24 May 2020 02:26:26 GMT
server
cloudflare
x-github-request-id
2538:7DCC:16CEBF:1CEC78:5EC9DBE5
x-timer
S1590287335.023018,VS0,VE94
etag
"5ec9db52-1e63"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 24 May 2020 20:13:48 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
9.0000
x-cache-hits
0
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j82&a=699218058&t=pageview&_s=1&dl=https%3A%2F%2Fowasp.org%2Fwww-community%2Fattacks%2FCORS_OriginHeaderScrutiny&ul=en-us&de=UTF-8&dt=CORS%20Origin...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4531126-1&cid=924511928.1590351366&jid=369995477&_gid=1536131602.1590351366&gjid=1639252155&_v=j82&z=448270332
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4531126-1&cid=924511928.1590351366&jid=369995477&_gid=1536131602.1590351366&gjid=1639252155&_v=j82&z=448270332
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 24 May 2020 20:16:06 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 24 May 2020 20:16:06 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-4531126-1&cid=924511928.1590351366&jid=369995477&_gid=1536131602.1590351366&gjid=1639252155&_v=j82&z=448270332
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
416
expires
Fri, 01 Jan 1990 00:00:00 GMT
fa-solid-900.woff2
owasp.org/assets/fontawesome/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://owasp.org/assets/fontawesome/fa-solid-900.woff2
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://owasp.org/www--site-theme/assets/css/styles.css
Origin
https://owasp.org

Response headers

x-fastly-request-id
4564e221048370eb4df4238bbceb4b2857513599
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
64
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
75440
cf-request-id
02e9ed2038000005d0e0a50200000001
x-served-by
cache-fra19134-FRA
cf-ray
5989b146cef505d0-FRA
last-modified
Sun, 24 May 2020 02:26:26 GMT
server
cloudflare
x-github-request-id
247E:6CC0:2DE781:39C928:5EC9DBC7
x-timer
S1590287335.021009,VS0,VE90
etag
"5ec9db52-126b0"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Sun, 24 May 2020 03:39:01 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
26.0000
x-cache-hits
0
ubuntu-regular.woff2
owasp.org/assets/font/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://owasp.org/assets/font/ubuntu-regular.woff2
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
44beeee5122983409ccd274c152f020a953c769cfaf3bd13a31eb276abf5ec55

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://owasp.org/www--site-theme/assets/css/styles.css
Origin
https://owasp.org

Response headers

x-fastly-request-id
79fbd3f3c2903e54f9fb879c6e6546610f5b4ca4
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
64
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
29476
cf-request-id
02e9ed2038000005d0e0a51200000001
x-served-by
cache-fra19152-FRA
cf-ray
5989b146cef705d0-FRA
last-modified
Sun, 24 May 2020 02:26:26 GMT
server
cloudflare
x-github-request-id
739A:128A:1693CB:1C9367:5EC9DBC7
x-timer
S1590287335.016102,VS0,VE90
etag
"5ec9db52-7324"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Sun, 24 May 2020 03:45:17 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
11.0000
x-cache-hits
0
update.min.js
browser-update.org/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser-update.org/update.min.js
Requested by
Host: owasp.org
URL: https://owasp.org/www--site-theme/assets/js/util.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6d07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d6579b9de4a13ee5f1b057a0e91b959f1299f2d995663599018893d0c2ad6b4

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 20:16:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Apr 2020 08:06:01 GMT
server
cloudflare
age
2203800
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=86400
cf-ray
5989b14718dcdfc3-FRA
cf-request-id
02e9ed206b0000dfc31db54200000001
expires
Thu, 30 Apr 2020 08:06:06 GMT
ubuntu-medium.woff2
owasp.org/assets/font/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://owasp.org/assets/font/ubuntu-medium.woff2
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
8565a2bb056746aea663c4d9a0a4a85e431f07bb9d70533c6f025e44948fa458

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://owasp.org/www--site-theme/assets/css/styles.css
Origin
https://owasp.org

Response headers

x-fastly-request-id
d78000f11efaff26157fa8a075cbd81badaa5cd2
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
64
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
28576
cf-request-id
02e9ed2058000005d0e0a54200000001
x-served-by
cache-fra19169-FRA
cf-ray
5989b146ffe605d0-FRA
last-modified
Sun, 24 May 2020 02:26:26 GMT
server
cloudflare
x-github-request-id
C8DE:2D2E:2F1759:3B54DA:5EC9DBC7
x-timer
S1590287335.119998,VS0,VE95
etag
"5ec9db52-6fa0"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Sun, 24 May 2020 08:02:44 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
53.0000
x-cache-hits
0
fa-brands-400.woff2
owasp.org/assets/fontawesome/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://owasp.org/assets/fontawesome/fa-brands-400.woff2
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://owasp.org/www--site-theme/assets/css/styles.css
Origin
https://owasp.org

Response headers

x-fastly-request-id
6a6b1ca7b3b86c8e0ff202e58859f6787e329c13
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
64
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
74508
cf-request-id
02e9ed2059000005d0e0a55200000001
x-served-by
cache-fra19176-FRA
cf-ray
5989b146ffeb05d0-FRA
last-modified
Sun, 24 May 2020 02:26:26 GMT
server
cloudflare
x-github-request-id
F776:6265:2D1096:38DBB5:5EC9DBC7
x-timer
S1590287335.120917,VS0,VE98
etag
"5ec9db52-1230c"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Sun, 24 May 2020 03:43:03 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
22.0000
x-cache-hits
0
menus.json
owasp.org/www--site-theme/assets/sitedata/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://owasp.org/www--site-theme/assets/sitedata/menus.json
Requested by
Host: owasp.org
URL: https://owasp.org/www--site-theme/assets/js/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a3bac1c5db6d5d3b81ccda64b05605813c8d1a6b6bdfef5a0a1aa8595fac6ba

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
5e5383a6c68b4b73bbf08874ed15a867087831c8
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
DYNAMIC
age
526
cf-ray
5989b146f80f05d0-FRA
x-cache
HIT
status
200
x-cache-hits
1
content-encoding
br
cf-request-id
02e9ed205e000005d0e0a56200000001
x-served-by
cache-fra19167-FRA
last-modified
Wed, 20 May 2020 14:15:24 GMT
server
cloudflare
x-github-request-id
E0D8:6F7F:A9889:DB335:5EC9EB74
x-timer
S1590351366.312518,VS0,VE1
etag
W/"5ec53b7c-1032"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
x-origin-cache
1
x-proxy-cache
HIT
expires
Sun, 24 May 2020 03:41:59 GMT
corp_members.yml
owasp.org/assets/sitedata/ 		47 KB
48 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://owasp.org/assets/sitedata/corp_members.yml
Requested by
Host: owasp.org
URL: https://owasp.org/www--site-theme/assets/js/yaml.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a70117bf0ba012eae8c4dc6bc319775270c8adbf1532486ec0a5d1ff70b0385f

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
93df1c1cac61da4468169c3ef689eadf3dad02ce
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
DYNAMIC
age
375
cf-ray
5989b146f81405d0-FRA
x-cache
HIT
status
200
content-length
48483
cf-request-id
02e9ed205f000005d0e0a57200000001
x-served-by
cache-fra19131-FRA
last-modified
Sun, 24 May 2020 02:26:22 GMT
server
cloudflare
x-github-request-id
390A:308F:2BC009:372184:5EC9EB75
x-timer
S1590351366.332585,VS0,VE5
etag
"5ec9db4e-bd63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/yaml
access-control-allow-origin
*
expires
Sun, 24 May 2020 03:45:17 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-cache-hits
1
acunetix.png
owasp.org/assets/images/corp-member-logo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owasp.org/assets/images/corp-member-logo/acunetix.png
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
9d3c2fe849bf063a7bed62e807904610f68fc9a9c5013b8ebf37ba1549ec2ab0

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
839a01893442873a1868445dadb2a489bfb8612b
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
514
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
3038
cf-request-id
02e9ed20e2000005d0e0a6b200000001
x-served-by
cache-fra19170-FRA
cf-ray
5989b147dc4305d0-FRA
last-modified
Sun, 24 May 2020 02:26:22 GMT
server
cloudflare
x-github-request-id
0B38:2D2E:2F1751:3B54C9:5EC9DBC7
x-timer
S1590287304.701071,VS0,VE93
etag
"5ec9db4e-bde"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 24 May 2020 03:56:50 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
11.0000
x-cache-hits
0
hcl.png
owasp.org/assets/images/corp-member-logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owasp.org/assets/images/corp-member-logo/hcl.png
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
ee212f69428cdabfc535c64077a9fa01bc8bd2406d342b0bc353960cd363a48d

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
4423787bf008af9c4ce18102a34473a0c5cb5fb9
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
368
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
4933
cf-request-id
02e9ed20e2000005d0e0a6c200000001
x-served-by
cache-fra19157-FRA
cf-ray
5989b147dc4605d0-FRA
last-modified
Sun, 24 May 2020 02:26:22 GMT
server
cloudflare
x-github-request-id
B3E6:12D6:2A2491:3541DF:5EC9DD92
x-timer
S1590287764.713382,VS0,VE91
etag
"5ec9db4e-1345"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 24 May 2020 13:37:17 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
6.0000
x-cache-hits
0
blackhat.png
owasp.org/assets/images/corp-member-logo/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owasp.org/assets/images/corp-member-logo/blackhat.png
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
1cf74fe38b602addfa6f04a257194aec3d9deebc558688f05c15c8f32af590aa

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
511ace72dd505711e1dbca084cff88b3a9a64a5e
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
514
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
9452
cf-request-id
02e9ed20e2000005d0e0a6d200000001
x-served-by
cache-fra19123-FRA
cf-ray
5989b147dc4705d0-FRA
last-modified
Sun, 24 May 2020 02:26:22 GMT
server
cloudflare
x-github-request-id
19E2:3A79:2C485E:37DA70:5EC9DE43
x-timer
S1590288057.794100,VS0,VE371
etag
"5ec9db4e-24ec"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 24 May 2020 04:01:54 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
8.0000
x-cache-hits
0
sig.png
owasp.org/assets/images/corp-member-logo/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owasp.org/assets/images/corp-member-logo/sig.png
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
1d0b22836717e8c5c13bc3c81fef015e3428e9f7aba5698db29bab4ec45a8f09

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
f15d09c9cfe10e64f34170eb83797cbe758ea39c
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
67
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
6806
cf-request-id
02e9ed20e2000005d0e0a6e200000001
x-served-by
cache-fra19138-FRA
cf-ray
5989b147dc4905d0-FRA
last-modified
Sun, 24 May 2020 02:26:22 GMT
server
cloudflare
x-github-request-id
9DD4:7DCD:2EDAA0:3AF801:5EC9DBE5
x-timer
S1590287335.397562,VS0,VE91
etag
"5ec9db4e-1a96"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 24 May 2020 11:22:11 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
26.0000
x-cache-hits
0
security-journey.png
owasp.org/assets/images/corp-member-logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owasp.org/assets/images/corp-member-logo/security-journey.png
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
9375e80aafc2a67204d00cd002eb7817676568a2a2887d5bc2628d2ef459d013

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
5f8a4c81f383c1922cc62238a5824e5659cd2d93
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
514
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
4757
cf-request-id
02e9ed20e2000005d0e0a6f200000001
x-served-by
cache-fra19145-FRA
cf-ray
5989b147dc4c05d0-FRA
last-modified
Sun, 24 May 2020 02:26:22 GMT
server
cloudflare
x-github-request-id
87AE:37EF:2B18A6:365E74:5EC9DDA4
x-timer
S1590287781.758561,VS0,VE95
etag
"5ec9db4e-1295"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 24 May 2020 03:56:57 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
13.0000
x-cache-hits
0
ub-secure.png
owasp.org/assets/images/corp-member-logo/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owasp.org/assets/images/corp-member-logo/ub-secure.png
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
0e9fa8a99754184ca80fd32d5220a592f1f82092b8ffc46015f598cc1b7058ee

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
75d82af13e97019efb4c6198f5133a9341d33a7a
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
265
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
6819
cf-request-id
02e9ed20e2000005d0e0a70200000001
x-served-by
cache-fra19160-FRA
cf-ray
5989b147dc4f05d0-FRA
last-modified
Sun, 24 May 2020 02:26:22 GMT
server
cloudflare
x-github-request-id
DDF0:4B90:15B2D9:1B8E9E:5EC9E021
x-timer
S1590288418.479430,VS0,VE97
etag
"5ec9db4e-1aa3"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 24 May 2020 03:53:40 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
HIT
x-origin-processing-time
14.0000
x-cache-hits
0
immuniweb.png
owasp.org/assets/images/corp-member-logo/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owasp.org/assets/images/corp-member-logo/immuniweb.png
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
63b465731d10bbb4fdd81311c1efb8b486c67f20e9af015c47ea07b85a98fd90

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
f68b8bcc618c8022badce8973d9a2043ee3273aa
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
514
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
8735
cf-request-id
02e9ed20e2000005d0e0a71200000001
x-served-by
cache-fra19153-FRA
cf-ray
5989b147dc5405d0-FRA
last-modified
Sun, 24 May 2020 02:26:22 GMT
server
cloudflare
x-github-request-id
BE28:5010:A2C16:D129F:5EC9DD89
x-timer
S1590287755.030547,VS0,VE89
etag
"5ec9db4e-221f"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 24 May 2020 19:36:56 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
61.0000
x-cache-hits
0
sqreen.png
owasp.org/assets/images/corp-member-logo/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owasp.org/assets/images/corp-member-logo/sqreen.png
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
5c1f4155a0b1bb89562a5f064e21114e750034417993fbd5bfff4fb478ace38d

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
be67eea16a5cc979d2ad9b009872df814efeac06
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
375
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
5082
cf-request-id
02e9ed20e2000005d0e0a72200000001
x-served-by
cache-fra19152-FRA
cf-ray
5989b147dc5a05d0-FRA
last-modified
Sun, 24 May 2020 02:26:22 GMT
server
cloudflare
x-github-request-id
794A:038B:B2393:E676F:5EC9DFB5
x-timer
S1590288311.426415,VS0,VE99
etag
"5ec9db4e-13da"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 24 May 2020 03:53:36 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
9.0000
x-cache-hits
0
nowsecure.png
owasp.org/assets/images/corp-member-logo/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owasp.org/assets/images/corp-member-logo/nowsecure.png
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
cfdd753abe86451e7f7e3ab162d810b64fc5cbb64aa61622f80c5672dea5bf93

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
ce2c5da37e2bbf6a16e2f249224031c1dc49d189
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
461
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
6307
cf-request-id
02e9ed20e2000005d0e0a73200000001
x-served-by
cache-fra19153-FRA
cf-ray
5989b147dc5c05d0-FRA
last-modified
Sun, 24 May 2020 02:26:22 GMT
server
cloudflare
x-github-request-id
F8D4:223A:29A33E:34B497:5EC9DD28
x-timer
S1590287657.605341,VS0,VE97
etag
"5ec9db4e-18a3"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 24 May 2020 03:45:01 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
8.0000
x-cache-hits
0
hi-solutions.png
owasp.org/assets/images/corp-member-logo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://owasp.org/assets/images/corp-member-logo/hi-solutions.png
Requested by
Host: owasp.org
URL: https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1b4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / RankSense/CW
Resource Hash
03dbf63d39ef188eae3e589009f24129d9877d800de6c001898936dfb8e5c71b

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-fastly-request-id
e3ebb8b1b4bd00d88d3f0b3cdb20898deaee09bc
date
Sun, 24 May 2020 20:16:06 GMT
via
1.1 varnish
cf-cache-status
HIT
age
467
x-powered-by
RankSense/CW
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-cache
MISS
status
200
x-rs-changes-amount
url_is_excluded
content-length
3919
cf-request-id
02e9ed20e2000005d0e0a74200000001
x-served-by
cache-fra19140-FRA
cf-ray
5989b147dc6005d0-FRA
last-modified
Sun, 24 May 2020 02:26:22 GMT
server
cloudflare
x-github-request-id
7FA6:4669:B5562:E8D6D:5EC9E1D3
x-timer
S1590288852.541195,VS0,VE89
etag
"5ec9db4e-f4f"
x-rs-cf-app-version
1.0.40
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
expires
Sun, 24 May 2020 04:34:12 GMT
cache-control
max-age=14400
accept-ranges
bytes
x-origin-cache
1
x-proxy-cache
MISS
x-origin-processing-time
7.0000
x-cache-hits
0
update.show.min.js
browser-update.org/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser-update.org/update.show.min.js
Requested by
Host: browser-update.org
URL: https://browser-update.org/update.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6d07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58a109a11741d70c099c8c6107ffd0ffcf14d3654eb0262354cccfb8a8a16cd

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 20:16:06 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Apr 2020 08:06:02 GMT
server
cloudflare
age
2203795
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=86400
cf-ray
5989b1487c61dfc3-FRA
cf-request-id
02e9ed214b0000dfc31db62200000001
expires
Thu, 30 Apr 2020 08:06:11 GMT
www-community
api.github.com/repos/owasp/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.github.com/repos/owasp/www-community
Requested by
Host: buttons.github.io
URL: https://buttons.github.io/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
140.82.118.6 , United States, ASN36459 (GITHUB, US),
Reverse DNS
lb-140-82-118-6-ams.github.com
Software
GitHub.com /
Resource Hash
46a93c10a7187083838e302812adaee587582785b8d90ac96d3b7dd7ad186e9b
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 20:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-github-media-type
github.v3; format=json
status
200 OK
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept, Accept-Encoding, Accept, X-Requested-With, Accept-Encoding
Content-Length
1376
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Sat, 23 May 2020 05:52:38 GMT
server
GitHub.com
X-GitHub-Request-Id
852A:734A:1BE32F3:20B32C7:5ECAD606
x-frame-options
deny
etag
W/"f9deb01868982dc84003fcd8c5854f34"
content-security-policy
default-src 'none'
X-Ratelimit-Remaining
59
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, Deprecation, Sunset
cache-control
public, max-age=60, s-maxage=60
X-Ratelimit-Reset
1590354966
X-Ratelimit-Limit
60
Accept-Ranges
bytes
c.png
browser-update.org/static/img/small/ 		787 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://browser-update.org/static/img/small/c.png
Requested by
Host: browser-update.org
URL: https://browser-update.org/update.show.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6d07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f979bb91eaf11b4a8f292cf49bab2250eb755cff8f6a10169977db44acabd3e

Request headers

Referer
https://owasp.org/www-community/attacks/CORS_OriginHeaderScrutiny
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 24 May 2020 20:16:06 GMT
cf-cache-status
HIT
last-modified
Thu, 26 Jul 2018 12:18:24 GMT
server
cloudflare
age
8
etag
"313-571e5fddcaa54"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
5989b148ace2dfc3-FRA
content-length
787
cf-request-id
02e9ed216b0000dfc31db64200000001

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| CloudflareApps function| handleOutboundLinkClicks function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| $buoop function| $buo_f function| Cookies function| YAML object| members string| url object| corp_members object| $bu_ function| $buo function| $bu_getBrowser object| _buorgres function| $buo_show

4 Cookies

Domain/Path Name / Value
.owasp.org/ Name: _gat
Value: 1
.owasp.org/ Name: _gid
Value: GA1.2.1536131602.1590351366
.owasp.org/ Name: _ga
Value: GA1.2.924511928.1590351366
.owasp.org/ Name: __cfduid
Value: d62cbbe8448572bb8bc06ca3d4ec2372e1590351365

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.github.com
browser-update.org
buttons.github.io
owasp.org
stats.g.doubleclick.net
www.google-analytics.com
140.82.118.6
185.199.110.153
2606:4700:10::6816:1b4d
2606:4700:e0::ac40:6d07
2a00:1450:4001:801::200e
2a00:1450:400c:c03::9d
03dbf63d39ef188eae3e589009f24129d9877d800de6c001898936dfb8e5c71b
088bfbdd4a9de1675989a23eec734b4c416760c6a2be754d19bb86fe26a04055
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a3bac1c5db6d5d3b81ccda64b05605813c8d1a6b6bdfef5a0a1aa8595fac6ba
0e9fa8a99754184ca80fd32d5220a592f1f82092b8ffc46015f598cc1b7058ee
0f0ef489e63f8c0f3391a73281f41e35aa271d13912f27ac2bc25184ecdb8ddb
1cf74fe38b602addfa6f04a257194aec3d9deebc558688f05c15c8f32af590aa
1d0b22836717e8c5c13bc3c81fef015e3428e9f7aba5698db29bab4ec45a8f09
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3c262a2b4318d90adc79a9eb208b015a5e9458c94f11e74894cba4af63aa9224
44beeee5122983409ccd274c152f020a953c769cfaf3bd13a31eb276abf5ec55
46a93c10a7187083838e302812adaee587582785b8d90ac96d3b7dd7ad186e9b
5c1f4155a0b1bb89562a5f064e21114e750034417993fbd5bfff4fb478ace38d
5c3a8a374a99fcaf17f62475ef3bddb3ef766b010a3014edb24a6055a0bea867
5f979bb91eaf11b4a8f292cf49bab2250eb755cff8f6a10169977db44acabd3e
63b465731d10bbb4fdd81311c1efb8b486c67f20e9af015c47ea07b85a98fd90
7644ce1e769736b30ff6f6db6b2687264da69fb8d2c6ee764c37a4d5deb9cc49
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8565a2bb056746aea663c4d9a0a4a85e431f07bb9d70533c6f025e44948fa458
8d6579b9de4a13ee5f1b057a0e91b959f1299f2d995663599018893d0c2ad6b4
9375e80aafc2a67204d00cd002eb7817676568a2a2887d5bc2628d2ef459d013
9d3c2fe849bf063a7bed62e807904610f68fc9a9c5013b8ebf37ba1549ec2ab0
a70117bf0ba012eae8c4dc6bc319775270c8adbf1532486ec0a5d1ff70b0385f
b8ccdf0e45f181fc04f0d202779fff71aa76f27f0428a792e0e6f13fe1d0b085
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cfdd753abe86451e7f7e3ab162d810b64fc5cbb64aa61622f80c5672dea5bf93
d7173bfd073e661ac1782586c3e596c772d4cb4cbb83667a4d55505a28ba6322
d938b9b9773f147f1b82c35803fbdc32f5469bfc39e61836ebaa1edd528366ef
ee212f69428cdabfc535c64077a9fa01bc8bd2406d342b0bc353960cd363a48d
f58a109a11741d70c099c8c6107ffd0ffcf14d3654eb0262354cccfb8a8a16cd