snyk.io Open in urlscan Pro
2a02:26f0:41:69b::ecd  Public Scan

22 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

• https://widget.intercom.io/widget/ksrvzmf2 HTTP 302
• https://js.intercomcdn.com/shim.latest.js

Request Chain 49

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1604343475629&url=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D970508%26time%3D1604343475629%26url%3Dhttps%253A%252F%252Fsnyk.io%252Fblog%252Fremote-code-execution-rce-sourmint%252F%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1604343475629&url=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&liSync=true

Request Chain 54

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923832244/?random=1712845291&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://snyk.io/blog/remote-code-execution-rce-sourmint/&tiba=SourMint%3A%20iOS%20remote%20code%20execution%2C%20Android%20findings%2C%20and%20community%20response%20%7C%20Snyk&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=s1agX_XoLZjK7_UPmY6I8Ao&sscte=1&crd= HTTP 302
• https://www.google.com/pagead/1p-conversion/923832244/?random=1712845291&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://snyk.io/blog/remote-code-execution-rce-sourmint/&tiba=SourMint%3A%20iOS%20remote%20code%20execution%2C%20Android%20findings%2C%20and%20community%20response%20%7C%20Snyk&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=s1agX_XoLZjK7_UPmY6I8Ao&cid=CAQSKQCNIrLMiJdoUWQzazLpQXkLZ9pFcGgFZsDk4uR7st49HEcXovvffsvw&random=2680405857&resp=GooglemKTybQhCsO HTTP 302
• https://www.google.de/pagead/1p-conversion/923832244/?random=1712845291&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://snyk.io/blog/remote-code-execution-rce-sourmint/&tiba=SourMint%3A%20iOS%20remote%20code%20execution%2C%20Android%20findings%2C%20and%20community%20response%20%7C%20Snyk&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=s1agX_XoLZjK7_UPmY6I8Ao&cid=CAQSKQCNIrLMiJdoUWQzazLpQXkLZ9pFcGgFZsDk4uR7st49HEcXovvffsvw&random=2680405857&resp=GooglemKTybQhCsO&ipr=y

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response snyk.io/blog/remote-code-execution-rce-sourmint/	69 KB 17 KB	671ms 551ms	Document text/html	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / WP Engine Resource Hash 8ab6d9a1564b206c3f00c35bc7f4e5c064afddef4e62c6a126e76e82f564483e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers :method GET :authority snyk.io :scheme https :path /blog/remote-code-execution-rce-sourmint/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 server nginx content-type text/html; charset=UTF-8 pragma no-cache x-powered-by WP Engine x-cacheable SHORT x-cache-group normal x-orig-cache-control no-store, no-cache, must-revalidate content-encoding gzip content-length 16967 x-edgeconnect-midmile-rtt 0 x-edgeconnect-origin-mex-latency 503 cache-control must-revalidate, max-age=600 expires Mon, 02 Nov 2020 19:07:54 GMT date Mon, 02 Nov 2020 18:57:54 GMT vary Accept-Encoding x-frame-options deny x-content-type-options nosniff x-xss-protection 1; mode=block strict-transport-security max-age=31536000; preload
GET H2	200	css2 fonts.googleapis.com/	2 KB 588 B	14ms 13ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=PT+Serif:wght@700&display=swap Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c66cd00f192c51b34255385a22e7599f7dc483141050f408a123a18211bbf34f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 02 Nov 2020 18:57:54 GMT server ESF date Mon, 02 Nov 2020 18:57:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 02 Nov 2020 18:57:54 GMT
GET H2	200	css2 fonts.googleapis.com/	5 KB 771 B	19ms 18ms	Stylesheet text/css	2a00:1450:4001:800::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cad79925f0b25757434e3cb87771fa58e90b354651a11862472cd7cff22a3b45 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 02 Nov 2020 18:26:35 GMT server ESF date Mon, 02 Nov 2020 18:57:54 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 02 Nov 2020 18:57:54 GMT
GET H2	200	style.min.css snyk.io/wp-includes/css/dist/block-library/	52 KB 8 KB	47ms 46ms	Stylesheet text/css	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snyk.io/wp-includes/css/dist/block-library/style.min.css?ver=5.4.2 Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:54 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 24 Apr 2020 15:32:14 GMT server nginx status 200 etag W/"5ea3067e-d159" x-frame-options deny content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 strict-transport-security max-age=31536000; preload vary Accept-Encoding content-length 7855 x-xss-protection 1; mode=block
GET H2	200	main-0211-2.css snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/	1 MB 172 KB	50ms 50ms	Stylesheet text/css	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-0211-2.css Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash b8796e1985f60326111c310ac294697881d07eab84b54e92215393e790e6739e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:54 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 02 Nov 2020 17:40:13 GMT server nginx status 200 etag W/"5fa0447d-101047" x-frame-options deny content-type text/css access-control-allow-origin * cache-control public, max-age=31536000 strict-transport-security max-age=31536000; preload vary Accept-Encoding content-length 175762 x-xss-protection 1; mode=block
GET H2	200	jquery3.4.1.min.js Show response snyk.io/wp-content/themes/snyk_v2_etyhadar/resources/assets/scripts/	86 KB 31 KB	35ms 34ms	Script application/javascript	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snyk.io/wp-content/themes/snyk_v2_etyhadar/resources/assets/scripts/jquery3.4.1.min.js?ver=5.4.2 Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 031031f55ba20314364979f7e38c94081eadc50bfe250b290055e5ac3bc35b03 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:54 GMT content-encoding gzip x-content-type-options nosniff last-modified Sun, 25 Aug 2019 08:27:50 GMT server nginx status 200 etag W/"5d624686-15866" x-frame-options deny content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 strict-transport-security max-age=31536000; preload vary Accept-Encoding content-length 30920 x-xss-protection 1; mode=block
GET H2	200	lux.js Show response cdn.speedcurve.com/js/	22 KB 7 KB	136ms 45ms	Script application/javascript	151.101.114.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.speedcurve.com/js/lux.js?id=80837559 Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Apache / Resource Hash 409e15e44f869fe67d0fb0615264896d9b59d582e7bbb34a07088c5b72ced2af Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Origin https://snyk.io Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=15768000 content-encoding gzip age 1331 x-cache HIT status 200 content-length 6908 x-served-by cache-hhn4066-HHN access-control-allow-origin * last-modified Mon, 02 Nov 2020 18:35:43 GMT server Apache x-timer S1604343475.215623,VS0,VE1 date Mon, 02 Nov 2020 18:57:55 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Mon, 09 Nov 2020 18:35:43 GMT cache-control max-age=604800 x-ua-compatible IE=edge accept-ranges bytes timing-allow-origin * x-cache-hits 1
GET H2	200	5698.js Show response script.crazyegg.com/pages/scripts/0082/	3 KB 2 KB	256ms 91ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0082/5698.js Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 695c34a34675a1f968071494a8659ee6e1b71d5159c775634c3013b28796cf4d Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip cf-cache-status HIT ce-version 11.1.143 age 12670 cf-polished origSize=2833 status 200 cf-request-id 062bebc48f0000c2d18e03c000000001 last-modified Mon, 02 Nov 2020 15:26:45 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 cf-ray 5ec01580e8e1c2d1-FRA cf-bgj minify
GET H2	200	snyk-wordmark.svg snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/images/svg/	1 KB 945 B	40ms 37ms	Image image/svg+xml	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/images/svg/snyk-wordmark.svg Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash e92a3b8acbb1c63765361e86bbd651315782091aa8d792fe4a9768d3605b6282 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 126 date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip x-content-type-options nosniff x-edgeconnect-midmile-rtt 19 status 200 strict-transport-security max-age=31536000; preload content-length 613 x-xss-protection 1; mode=block last-modified Tue, 14 May 2019 08:26:40 GMT server nginx x-frame-options deny etag W/"5cda7bc0-420" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=27468932 expires Thu, 16 Sep 2021 17:13:27 GMT
GET H2	200	single-snyk-blog-logo.svg snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/images/	4 KB 2 KB	41ms 37ms	Image image/svg+xml	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/images/single-snyk-blog-logo.svg Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 46109e8a88cbe8d028c4c4e4af77cb177ab1057b0bce869a3e5e31fc3a2e560c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 152 date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip x-content-type-options nosniff x-edgeconnect-midmile-rtt 74 status 200 strict-transport-security max-age=31536000; preload content-length 1937 x-xss-protection 1; mode=block last-modified Wed, 30 Sep 2020 07:54:39 GMT server nginx x-frame-options deny etag W/"5f7439bf-1189" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=30149797 expires Sun, 17 Oct 2021 17:54:32 GMT
GET H2	200	blog-main-1-2048x521.png snyk.io/wp-content/uploads/	385 KB 387 KB	567ms 564ms	Image image/png	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://snyk.io/wp-content/uploads/blog-main-1-2048x521.png Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 7cc18abdb44f648d8667a181f2a6b88b8bf1289eaeee1b12435396ca70d9c042 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 498 date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff x-edgeconnect-midmile-rtt 3 status 200 content-length 394453 x-xss-protection 1; mode=block last-modified Thu, 15 Oct 2020 11:36:30 GMT server nginx x-frame-options deny etag "5f88343e-604d5" strict-transport-security max-age=31536000; preload content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 02 Nov 2021 18:57:55 GMT
GET H2	200	20200228_201942-150x147.jpg snyk.io/wp-content/uploads/	8 KB 8 KB	50ms 47ms	Image image/jpeg	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://snyk.io/wp-content/uploads/20200228_201942-150x147.jpg Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash b94b9e07eb6366e2cf410f364d874e51931c3e9a45951689183d730849c7b34c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 161 date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff x-edgeconnect-midmile-rtt 2 status 200 content-length 8178 x-xss-protection 1; mode=block last-modified Wed, 25 Mar 2020 17:38:22 GMT server nginx x-frame-options deny etag "5e7b970e-1ff2" strict-transport-security max-age=31536000; preload content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31535811 accept-ranges bytes x-akamai-path-stats [3:128435:32565:0] expires Tue, 02 Nov 2021 18:54:46 GMT
GET H2	200	danny-grander_l5capz.jpg res.cloudinary.com/snyk/image/upload/v1530707798/	5 KB 5 KB	104ms 87ms	Image image/jpeg	2a04:4e42:1b::393 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://res.cloudinary.com/snyk/image/upload/v1530707798/danny-grander_l5capz.jpg Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1b::393 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software Cloudinary / Resource Hash 91c84490e54b28b304082c65288221cee7d10b2e1112e91135c32702cd78f56e Security Headers Name Value Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff last-modified Wed, 04 Jul 2018 12:36:39 GMT server Cloudinary status 200 etag "9bc3e650b4cc11789bca39460f855486" strict-transport-security max-age=604800 content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length,ETag,Server-Timing,X-Content-Type-Options cache-control public, no-transform, immutable, max-age=2592000 server-timing fastly;dur=80;cpu=1;start=2020-11-02T18:57:55.124Z;desc=hit,rtt;dur=5 accept-ranges bytes timing-allow-origin * content-length 5103
GET H2	200	blIvap4nsapsBoRDIaBbe6p_aFEbrLgiuTGVGl8qi7vVmMJZRkYkj95uIAE4AJ2s8zgMmgpfXCd03y3cb6aiwtC_ktp0uDT1xpGh_lI7trfgnyZO1nh4K4Y_Jgpv42qJKcxi7MZn lh6.googleusercontent.com/	62 KB 62 KB	256ms 232ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh6.googleusercontent.com/blIvap4nsapsBoRDIaBbe6p_aFEbrLgiuTGVGl8qi7vVmMJZRkYkj95uIAE4AJ2s8zgMmgpfXCd03y3cb6aiwtC_ktp0uDT1xpGh_lI7trfgnyZO1nh4K4Y_Jgpv42qJKcxi7MZn Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 68eb036f77fa26c679c47d7439686742cf52381ed1cbb607729c573513c7dd93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff age 0 status 200 content-disposition inline;filename="pasted image 0.png" alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63447 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Tue, 03 Nov 2020 09:46:59 GMT
GET H2	200	op7ERt_k6O12kLmAQCj4s80Nj_d6WC0uRLplAz7HZhHugcwjADLT8kIqOpoqypeyEWor0ymfl_cNfxASZ42CQuGKYB1toOKSUHTGcTPKk1GXTsvDSyktnp0ToZT6IsQsjqFIecJa lh3.googleusercontent.com/	43 KB 44 KB	254ms 230ms	Image image/png	2a00:1450:4001:825::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/op7ERt_k6O12kLmAQCj4s80Nj_d6WC0uRLplAz7HZhHugcwjADLT8kIqOpoqypeyEWor0ymfl_cNfxASZ42CQuGKYB1toOKSUHTGcTPKk1GXTsvDSyktnp0ToZT6IsQsjqFIecJa Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 51e71f58989fff663210d4b0fb4624168974fb325015a87ad9b6ebec910a8a4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff age 0 status 200 content-disposition inline;filename="pasted image 0.png" alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44279 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Tue, 03 Nov 2020 09:46:59 GMT
GET H2	200	uMIsX_iShCpsQp2kxtU5hZLeLXpjy5HlYTHt9AgjKNTWLkZiF_XkmHPujXYI4-HCerJCTLxcKxrwpWtKLqY0_QSrs_1H8STnbsuvwbew-KqIvk5aXYKLFnSU95TshyV7Mp-x8lbH lh6.googleusercontent.com/	69 KB 69 KB	203ms 179ms	Image image/png	2a00:1450:4001:821::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh6.googleusercontent.com/uMIsX_iShCpsQp2kxtU5hZLeLXpjy5HlYTHt9AgjKNTWLkZiF_XkmHPujXYI4-HCerJCTLxcKxrwpWtKLqY0_QSrs_1H8STnbsuvwbew-KqIvk5aXYKLFnSU95TshyV7Mp-x8lbH Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 24d053ac0365bfc2c4c8f961910a74de046f62d0b881cccc44112ede83f4b0b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff age 0 status 200 content-disposition inline;filename="pasted image 0.png" alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 70457 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Tue, 03 Nov 2020 09:46:59 GMT
GET H2	200	v2.js Show response js.hsforms.net/forms/	513 KB 126 KB	281ms 116ms	Script application/javascript	2606:4700::6811:ba49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsforms.net/forms/v2.js Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ba49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7013b0ba030c8e20197cae7d68eefd1f4f0ae0cc7d01e964cdc0fc217c1085f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT via 1.1 98e30e5953336545df428a8f5923a289.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status HIT age 234 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED content-encoding br content-type application/javascript; charset=utf-8 cf-request-id 062bebc37f000007420e137000000001 last-modified Mon, 02 Nov 2020 10:38:03 UTC server cloudflare etag W/"a29b10ef42faf368dd8d529405716df0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-version-id 6bJ.hvT6TYVIu5xo41r_zLLKPELmu.l8 access-control-allow-origin * cache-control s-maxage=600, max-age=0 x-amz-cf-pop IAD89-C3 cf-ray 5ec0157f38560742-FRA x-amz-cf-id elSba2G_Pg5xTPvill2YjWwdV7FNVl_zpf3s98C-Qv1GIF8KLJg4tg==
GET H2	200	logo.svg snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/images/svg/	8 KB 4 KB	69ms 67ms	Image image/svg+xml	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/images/svg/logo.svg Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 433000795cb0a9c8d636bd06a642060e15d14784b51d8d678a0b10046a0cb3a1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 426 date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip x-content-type-options nosniff x-edgeconnect-midmile-rtt 3 status 200 strict-transport-security max-age=31536000; preload content-length 3575 x-xss-protection 1; mode=block last-modified Tue, 14 May 2019 08:26:40 GMT server nginx x-frame-options deny etag W/"5cda7bc0-1e78" vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=28332509 expires Sun, 26 Sep 2021 17:06:24 GMT
GET H2	200	main-2710.js Show response snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/scripts/	375 KB 102 KB	83ms 81ms	Script application/javascript	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/scripts/main-2710.js Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 16dd4b71d28fb9ee543ccc1d04aafb5992336b6814e075e3ecd0cef9bd75ee51 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 511 date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip x-content-type-options nosniff x-edgeconnect-midmile-rtt 1 status 200 strict-transport-security max-age=31536000; preload content-length 103365 x-xss-protection 1; mode=block last-modified Tue, 27 Oct 2020 10:48:46 GMT server nginx x-frame-options deny etag W/"5f97fb0e-5ddc2" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	wp-embed.min.js Show response snyk.io/wp-includes/js/	1 KB 1 KB	70ms 68ms	Script application/javascript	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snyk.io/wp-includes/js/wp-embed.min.js?ver=5.4.2 Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip x-content-type-options nosniff last-modified Sat, 26 Oct 2019 00:17:07 GMT server nginx status 200 etag W/"5db39083-59a" x-frame-options deny content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000 strict-transport-security max-age=31536000; preload vary Accept-Encoding content-length 769 x-xss-protection 1; mode=block
GET H3-Q050	200	css fonts.googleapis.com/	14 KB 1 KB	192ms 104ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i Requested by Host: snyk.io URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-0211-2.css Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7b2794043603e97ec35a95f6884a96780f80286fc30112ac68d804b3fb2d00bc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-0211-2.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 02 Nov 2020 18:57:55 GMT server ESF date Mon, 02 Nov 2020 18:57:55 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 02 Nov 2020 18:57:55 GMT
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/	400 KB 79 KB	186ms 76ms	Script text/javascript	52.84.86.139 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.84.86.139 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-84-86-139.ham50.r.cloudfront.net Software AmazonS3 / Resource Hash f4c0128f57d0c6151f056cfeb28a4aea711fc50d7d2df0dce379c16e3c7f9815 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-version-id H8Hc2bngiouvW9HgLLtcQOKBjT4Gn2DC content-encoding gzip etag "e107e3bce4ebf921ebfc4e236e12b46d" x-amz-cf-pop HAM50-C2 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED content-length 79926 access-control-allow-origin * last-modified Fri, 30 Oct 2020 21:15:07 GMT server AmazonS3 date Mon, 02 Nov 2020 18:57:55 GMT access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 via 1.1 388cc0c5ce8a8fabd4c67331fde9504d.cloudfront.net (CloudFront) cache-control public, max-age=300 accept-ranges bytes x-amz-cf-id p73OM8YIv9mKDcDQbiSaBD9P1qS6pAAC-nGdoXcPTpinriuHeAcahQ==
GET H2	200	n-mEMkeoUqs www.youtube.com/embed/ Frame 7DA3	0 0	99ms 98ms	Document text/html	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/n-mEMkeoUqs?feature=oembed Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software YouTube Frontend Proxy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/n-mEMkeoUqs?feature=oembed pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ Response headers status 200 strict-transport-security max-age=31536000 content-encoding br content-length 20052 x-content-type-options nosniff cache-control no-cache content-type text/html; charset=utf-8 expires Tue, 27 Apr 1971 19:44:06 GMT p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." date Mon, 02 Nov 2020 18:57:55 GMT server YouTube Frontend Proxy x-xss-protection 0 set-cookie VISITOR_INFO1_LIVE=VQFIbuJ4QYU; path=/; domain=.youtube.com; secure; expires=Sat, 01-May-2021 18:57:55 GMT; httponly; samesite=None VISITOR_INFO1_LIVE=VQFIbuJ4QYU; path=/; domain=.youtube.com; secure; expires=Sat, 01-May-2021 18:57:55 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 02-Nov-2020 19:27:55 GMT YSC=Jfi1A4ao4eo; path=/; domain=.youtube.com; secure; httponly; samesite=None alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	o79R4fr2cho www.youtube.com/embed/ Frame D96B	0 0	96ms 96ms	Document text/html	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/o79R4fr2cho?feature=oembed Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software YouTube Frontend Proxy / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/o79R4fr2cho?feature=oembed pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ Response headers status 200 expires Tue, 27 Apr 1971 19:44:06 GMT content-length 20137 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." x-content-type-options nosniff content-encoding br strict-transport-security max-age=31536000 content-type text/html; charset=utf-8 cache-control no-cache date Mon, 02 Nov 2020 18:57:55 GMT server YouTube Frontend Proxy x-xss-protection 0 set-cookie VISITOR_INFO1_LIVE=y7vXpj7Ku9I; path=/; domain=.youtube.com; secure; expires=Sat, 01-May-2021 18:57:55 GMT; httponly; samesite=None YSC=C2svc-LoKjg; path=/; domain=.youtube.com; secure; httponly; samesite=None VISITOR_INFO1_LIVE=y7vXpj7Ku9I; path=/; domain=.youtube.com; secure; expires=Sat, 01-May-2021 18:57:55 GMT; httponly; samesite=None GPS=1; path=/; domain=.youtube.com; expires=Mon, 02-Nov-2020 19:27:55 GMT alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET DATA	200 OK	truncated /	200 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0ffad23e9072a87e4086aa3cfd3cd8812d70cdf1555d5c3883ca178871d84ec4 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	180 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cc5fb6461d3b1d62fd3953a5db6eae25d87dba2e6345417416648cc16a70eb54 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	312 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 833f0d706a7c5cae94ee49e834bf9c1254e6c0a25483f9b7fa4a95b8b4c21d65 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	prenton-regular.woff snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/fonts/	119 KB 120 KB	49ms 47ms	Font font/woff	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/fonts/prenton-regular.woff Requested by Host: snyk.io URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-0211-2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 27aa4691b6b6c4124e48c31507d5f4d06ce5b8e605539f26dc1ab8a9d4607c90 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Origin https://snyk.io Referer https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-0211-2.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 184 date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff x-edgeconnect-midmile-rtt 7 status 200 content-length 121982 x-xss-protection 1; mode=block last-modified Tue, 14 May 2019 08:26:40 GMT server nginx x-frame-options deny etag "5cda7bc0-1dc7e" strict-transport-security max-age=31536000; preload content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	prenton-medium.woff snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/fonts/	121 KB 122 KB	72ms 70ms	Font font/woff	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/fonts/prenton-medium.woff Requested by Host: snyk.io URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-0211-2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 02172ae8e82ddc260a421e15a727c4737c8051a169b9de6ab6f56ba8d6519f24 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Origin https://snyk.io Referer https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-0211-2.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 517 date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff x-edgeconnect-midmile-rtt 6 status 200 content-length 124121 x-xss-protection 1; mode=block last-modified Tue, 14 May 2019 08:26:40 GMT server nginx x-frame-options deny etag "5cda7bc0-1e4d9" strict-transport-security max-age=31536000; preload content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H2	200	mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 fonts.gstatic.com/s/opensans/v18/	9 KB 9 KB	9ms 7ms	Font font/woff2	2a00:1450:4001:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://snyk.io Referer https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 30 Oct 2020 09:05:25 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:49 GMT server sffe age 294750 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9180 x-xss-protection 0 expires Sat, 30 Oct 2021 09:05:25 GMT
GET H2	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v18/	9 KB 9 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://snyk.io Referer https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 30 Oct 2020 09:05:25 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:28 GMT server sffe age 294750 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9132 x-xss-protection 0 expires Sat, 30 Oct 2021 09:05:25 GMT
GET H2	200	58ba0d4b-160b-4760-90e7-ff84e98a46d0 Show response forms.hsforms.com/embed/v3/form/1699665/	24 KB 5 KB	513ms 340ms	Script application/javascript	2606:4700::6810:5605 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/1699665/58ba0d4b-160b-4760-90e7-ff84e98a46d0?callback=hs_reqwest_0&hutk= Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae7f37cead776e09ae15fbf8c8f58a8735456b9e1bb67f4d30911e5c6f4af180 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC status 200 content-disposition attachment; filename=no-rfd.txt vary Accept-Encoding cf-request-id 062bebc5b200000eb768278000000001 server cloudflare x-trace 2B05848C2C35C5730A4D68D4F6E1D1F1A192B9308F000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript;charset=utf-8 cache-control max-age=0, no-cache, no-store access-control-allow-credentials false cf-ray 5ec01582beef0eb7-FRA
GET H2	200	58ba0d4b-160b-4760-90e7-ff84e98a46d0 Show response forms.hsforms.com/embed/v3/form/1699665/	24 KB 4 KB	494ms 341ms	Script application/javascript	2606:4700::6810:5605 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hsforms.com/embed/v3/form/1699665/58ba0d4b-160b-4760-90e7-ff84e98a46d0?callback=hs_reqwest_1&hutk= Requested by Host: js.hsforms.net URL: https://js.hsforms.net/forms/v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc4f05d04232206938a0c1bd65a1d6b1ea624b91b202117694419c264b1e53a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC status 200 content-disposition attachment; filename=no-rfd.txt vary Accept-Encoding cf-request-id 062bebc5b300000eb76097e000000001 server cloudflare x-trace 2B5AB8A26AE97D3E9E7FB59E9B0F83828AAEEBBD4E000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript;charset=utf-8 cache-control max-age=0, no-cache, no-store access-control-allow-credentials false cf-ray 5ec01582bef40eb7-FRA
GET H2	200	blog-footer-icon.svg snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/images/	162 KB 122 KB	56ms 56ms	Image image/svg+xml	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/images/blog-footer-icon.svg Requested by Host: snyk.io URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-0211-2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 405e20c5222232f1ba29b4c0afab70c60a0830ce7eee15958fb1ec3862bcb76d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-0211-2.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip x-content-type-options nosniff status 200 vary Accept-Encoding content-length 124685 x-xss-protection 1; mode=block last-modified Wed, 30 Sep 2020 07:53:54 GMT server nginx x-frame-options deny etag W/"5f743992-286ff" strict-transport-security max-age=31536000; preload content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31494217 expires Tue, 02 Nov 2021 07:21:32 GMT
GET H2	200	fontawesome-webfont_af7ae505.woff2 snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/vendor/	75 KB 76 KB	48ms 47ms	Font font/woff2	2a02:26f0:41:69b::ecd AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/vendor/fontawesome-webfont_af7ae505.woff2 Requested by Host: snyk.io URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-0211-2.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:41:69b::ecd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software nginx / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=31536000; preload X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Origin https://snyk.io Referer https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-0211-2.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 130 date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff x-edgeconnect-midmile-rtt 4 status 200 content-length 77160 x-xss-protection 1; mode=block last-modified Tue, 14 May 2019 08:26:40 GMT server nginx x-frame-options deny etag "5cda7bc0-12d68" strict-transport-security max-age=31536000; preload content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes
GET H/1.1	200 OK	6si.min.js Show response j.6sc.co/	15 KB 7 KB	140ms 46ms	Script application/javascript	104.103.76.197 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://j.6sc.co/6si.min.js Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.103.76.197 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-103-76-197.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash 779651bc146d489786b9b4ab590d2784547448e4b85cf1bb9036b31e404d1a37 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 02 Nov 2020 18:57:55 GMT Content-Encoding gzip Last-Modified Thu, 24 Sep 2020 22:09:24 GMT Server nginx/1.14.0 (Ubuntu) ETag "5f6d1914-3a6c" Vary Accept-Encoding Access-Control-Allow-Methods GET,POST Content-Type application/javascript Access-Control-Allow-Origin Access-Control-Max-Age 86400 Access-Control-Allow-Credentials true Connection keep-alive Accept-Ranges bytes Access-Control-Allow-Headers * Content-Length 6116
GET H2	200	5698.json Show response script.crazyegg.com/pages/data-scripts/0082/	2 KB 1 KB	263ms 97ms	XHR application/json	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0082/5698.json?t=5347811 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0082/5698.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 76be3806873d22c59a0d17022cb6c34754bccbd421aca20ee7492e8625fd30ea Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip cf-cache-status HIT age 12669 ce-version 11.1.143 status 200 content-length 771 cf-request-id 062bebc628000017667520e000000001 last-modified Mon, 02 Nov 2020 15:26:46 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes cf-ray 5ec01583791f1766-FRA
POST H2	200	p Show response api.segment.io/v1/	21 B 136 B	615ms 205ms	XHR application/json	52.37.21.144 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/p Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.37.21.144 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-37-21-144.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers status 200 date Mon, 02 Nov 2020 18:57:56 GMT access-control-allow-origin https://snyk.io content-length 21 vary Origin content-type application/json
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	88 KB 23 KB	9ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 content-length 23070 x-xss-protection 0 pragma public x-fb-debug Vh8TJGaxGPz3n/wo443JGoiCnuVqhI86WvU1O17allyfrhQOtUHWRRnQ3GakUw92o1wHIhFPOGWuXmSgOAu1Gw== x-fb-trip-id 664085054 x-frame-options DENY date Mon, 02 Nov 2020 18:57:55 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	30 KB 11 KB	51ms 48ms	Script text/javascript	216.58.210.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s07-in-f2.1e100.net Software cafe / Resource Hash cd0b93e601f0c6879b03f1cf419a72c592d57a4902f4a2ad4fd442ca964a62b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 content-disposition attachment; filename="f.txt" alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 11477 x-xss-protection 0 server cafe etag 4463296694571982414 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 02 Nov 2020 18:57:55 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	965 B 761 B	12ms 9ms	Script application/x-javascript	2a02:26f0:10c:58e::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 02 Nov 2020 18:57:55 GMT Content-Encoding gzip Last-Modified Tue, 22 Sep 2020 22:01:48 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=83342 Connection keep-alive Accept-Ranges bytes Content-Length 448
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	84ms 82ms	Script text/javascript	2a00:1450:4001:816::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 6127 date Mon, 02 Nov 2020 17:15:48 GMT vary Accept-Encoding content-type text/javascript status 200 cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Mon, 02 Nov 2020 19:15:48 GMT
GET H2	200	1699665.js Show response js.hs-analytics.net/analytics/1604343600000/	60 KB 18 KB	272ms 96ms	Script text/javascript	2606:4700::6811:45b0 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1604343600000/1699665.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a66cea5cc0986146bb1c7f1aa317717399f4e6635e300ca72f820a103f0a716c Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT content-encoding br cf-cache-status HIT age 116 x-amz-server-side-encryption AES256 status 200 x-amz-request-id 37190EFE59E7F69A x-amz-id-2 dgW3jlvBj5r0GDeVi/MFdJMESsjtWVIvcmeeR7DbDEm8ZUkW8w2Jl1DDAxqLMl6LgpLhpPgWTl4= last-modified Mon, 02 Nov 2020 16:23:09 GMT server cloudflare etag W/"d3e089df6688df19ef991bcd64d13cad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript cache-control max-age=300, public access-control-allow-credentials false x-amz-version-id null cf-request-id 062bebc68d0000062580352000000001 cf-ray 5ec015841a490625-FRA expires Mon, 02 Nov 2020 19:00:59 GMT
GET H2	200	shim.latest.js Show response js.intercomcdn.com/ Redirect Chain https://widget.intercom.io/widget/ksrvzmf2 https://js.intercomcdn.com/shim.latest.js	11 KB 5 KB	154ms 50ms	Script application/javascript	52.85.32.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/shim.latest.js Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.32.111 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-32-111.ham50.r.cloudfront.net Software AmazonS3 / Resource Hash b5aed79e4333ac639e3b61c74ce085a8ed68a2e5639a42eb24ba8fa1dae8dbfd Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:54 GMT content-encoding gzip age 2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 content-length 4277 last-modified Thu, 29 Oct 2020 16:37:46 GMT server AmazonS3 etag "3f6869ae1ca3c1253cd4b9a2cda195f9" content-type application/javascript; charset=UTF-8 via 1.1 cfd67353680316557643ad146b46d047.cloudfront.net (CloudFront) cache-control max-age=300, s-maxage=300, public x-amz-cf-pop HAM50-C1 accept-ranges bytes x-amz-cf-id z6SWovt458HoAgpoYLQwjx1inuUsEchngO3DlDhm7Gba1d4IILk0QA== Redirect headers date Fri, 23 Oct 2020 10:19:52 GMT via 1.1 64003b022bc3cc2e877f218eb451e376.cloudfront.net (CloudFront) server AmazonS3 age 895084 status 302 x-cache Hit from cloudfront location https://js.intercomcdn.com/shim.latest.js x-amz-cf-pop HAM50-C3 content-length 0 x-amz-cf-id 5P6NtjNaD2e9tS_J7ODqfKaYD86_qBsS23lz8aIzr1pSSIYIXlrpZQ==
GET H/1.1	200 OK	/ Show response c.6sc.co/	47 B 363 B	143ms 45ms	XHR text/plain	104.103.76.197 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://c.6sc.co/ Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.103.76.197 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-103-76-197.deploy.static.akamaitechnologies.com Software / Resource Hash 8379077ce404bbc8a6a0727a35f37110a9e620b3d207bbc8c6de1bb36e428a93 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 02 Nov 2020 18:57:55 GMT Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST Content-Type text/plain Access-Control-Allow-Origin https://snyk.io Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers * Content-Length 47
GET H/1.1	200 OK	getuidj Show response secure.adnxs.com/	11 B 698 B	160ms 64ms	XHR application/json	185.33.221.52 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://secure.adnxs.com/getuidj Requested by Host: j.6sc.co URL: https://j.6sc.co/6si.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.52 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash 31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Mon, 02 Nov 2020 18:57:55 GMT X-Proxy-Origin 185.156.175.107; 185.156.175.107; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.43:80 AN-X-Request-Uuid 4f2c512c-9869-4c8b-9278-76cfd82a139f Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://snyk.io Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 11 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	insight.beta.min.js Show response snap.licdn.com/li.lms-analytics/	4 KB 2 KB	10ms 9ms	Script application/x-javascript	2a02:26f0:10c:58e::25ea AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.beta.min.js Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:10c:58e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 02 Nov 2020 18:57:55 GMT Content-Encoding gzip Last-Modified Tue, 22 Sep 2020 22:01:48 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=31734 Connection keep-alive Accept-Ranges bytes Content-Length 1799
GET H2	200	identity.js Show response connect.facebook.net/signals/plugins/	11 KB 5 KB	6ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/plugins/identity.js?v=2.9.27 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff status 200 content-length 4673 x-xss-protection 0 pragma public x-fb-debug ls2C5i4iuh1DOmVcYik94xRdIvJG3Xhk1hwn+mti0JvjKpd/GTj8aRGH4Q2LC1m1t2ZYph6QAksRswxRZ/bOdw== x-fb-trip-id 664085054 x-frame-options DENY date Mon, 02 Nov 2020 18:57:55 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	451468715046970 Show response connect.facebook.net/signals/config/	234 KB 69 KB	52ms 52ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/451468715046970?v=2.9.27&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 9dfac400facf2af76d6765fd9320e4f9dfbd76a39848adcdf17fa559b3f756b3 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-fb-trip-id 664085054 pragma public x-fb-debug YylI98W3hbJ4uhG4OKxT9+9KcwhZ7yrwLeW4wXXzLEKOJcrDDSVmUGWdq5HALHDkY8G3X89VFk4e3YNCxSoRWw== content-encoding gzip x-content-type-options nosniff x-frame-options DENY date Mon, 02 Nov 2020 18:57:55 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 status 200 cache-control public, max-age=1200 content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; vary Accept-Encoding x-xss-protection 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	204	/ lux.speedcurve.com/error/	0 149 B	112ms 36ms	Image text/plain	151.101.114.217 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://lux.speedcurve.com/error/?v=206&id=80837559&fn=https%3A%2F%2Fsnyk.io%2Fwp-content%2Fthemes%2Fsnyk_v2_etyhadar%2Fresources%2Fassets%2Fscripts%2Fjquery3.4.1.min.js%3Fver%3D5.4.2&ln=2&cn=31118&msg=Uncaught%20TypeError%3A%20Cannot%20read%20property%20%27replace%27%20of%20null&l=Remote-code-execution-rce-sourmint&ct=4G Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT via 1.1 varnish server Varnish x-timer S1604343476.717393,VS0,VE1 x-served-by cache-hhn4054-HHN x-cache HIT status 204 accept-ranges bytes access-control-allow-origin * retry-after 0 x-cache-hits 0
GET H2	200	collect px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1604343475629&url=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D970508%26time%3D1604343475629%26url%3Dhttps%253A%252F%252Fsnyk.io%252Fblog%252Fre... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1604343475629&url=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&liSync=true	0 64 B	177ms 176ms	Image application/javascript	2a05:f500:11:101::b93f:9005 LINKEDIN
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1604343475629&url=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&liSync=true Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US), Reverse DNS Software Play / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:56 GMT server Play linkedin-action 1 x-li-fabric prod-lor1 status 200 x-li-proto http/2 x-li-pop prod-tln1 content-type application/javascript content-length 0 x-li-uuid N8+RKuTFQxbgKWNtvSoAAA== Redirect headers content-security-policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' x-content-type-options nosniff linkedin-action 1 status 302 content-length 0 x-li-uuid 6v69IuTFQxaQHpfeECsAAA== pragma no-cache x-li-pop afd-prod-esv5 x-msedge-ref Ref A: E811C3137D3D49858801399DE38AFD25 Ref B: FRAEDGE1319 Ref C: 2020-11-02T18:57:55Z x-frame-options sameorigin date Mon, 02 Nov 2020 18:57:55 GMT expect-ct max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct" strict-transport-security max-age=2592000 x-li-fabric prod-lor1 location https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1604343475629&url=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&liSync=true x-xss-protection 1; mode=block cache-control no-cache, no-store x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3-Q050	200	/ Show response www.googleadservices.com/pagead/conversion/923832244/	2 KB 1 KB	92ms 92ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/923832244/?random=1604343475661&cv=9&fst=1604343475661&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&tiba=SourMint%3A%20iOS%20remote%20code%20execution%2C%20Android%20findings%2C%20and%20community%20response%20%7C%20Snyk&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 489af1c186d6b8fa09a0a5bed95d8c68db6dd9af5575d6b45268af9f249893cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 1099 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/923832244/	3 KB 1 KB	105ms 105ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923832244/?random=1604343475666&cv=9&fst=1604343475666&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=path%3D%2Fblog%2Fremote-code-execution-rce-sourmint%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DSourMint%3A%20iOS%20remote%20code%20execution%5C%2C%20Android%20findings%5C%2C%20and%20community%20response%20%7C%20Snyk%3Burl%3Dhttps%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&frm=0&url=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&tiba=SourMint%3A%20iOS%20remote%20code%20execution%2C%20Android%20findings%2C%20and%20community%20response%20%7C%20Snyk&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f28ea5524f3178b8b4c424d4265fe4e76d6874f9a996ff3d2bd05a7880c7665d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control no-cache, must-revalidate content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 1116 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	js Show response www.google-analytics.com/gtm/	97 KB 36 KB	25ms 24ms	Script application/javascript	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-K59728M&cid=653800665.1604343476 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b44c9f7c95bde5aa1e061f5fdb1789afa13a1b497950a528220c32dcaa694e95 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT content-encoding br vary Accept-Encoding status 200 cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36185 x-xss-protection 0 server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 02 Nov 2020 18:57:55 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 146 B	6ms 6ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=451468715046970&ev=PageView&dl=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&rl=&if=false&ts=1604343475760&sw=1600&sh=1200&v=2.9.27&r=stable&a=seg&ec=0&o=30&fbp=fb.1.1604343475760.331704645&it=1604343475624&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif status 200 cache-control no-cache, must-revalidate, max-age=0 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Mon, 02 Nov 2020 18:57:55 GMT
GET H3-Q050	200	/ www.google.de/pagead/1p-conversion/923832244/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923832244/?random=1712845291&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_... https://www.google.com/pagead/1p-conversion/923832244/?random=1712845291&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_... https://www.google.de/pagead/1p-conversion/923832244/?random=1712845291&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_n...	42 B 134 B	26ms 26ms	Image image/gif	2a00:1450:4001:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/923832244/?random=1712845291&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://snyk.io/blog/remote-code-execution-rce-sourmint/&tiba=SourMint%3A%20iOS%20remote%20code%20execution%2C%20Android%20findings%2C%20and%20community%20response%20%7C%20Snyk&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=s1agX_XoLZjK7_UPmY6I8Ao&cid=CAQSKQCNIrLMiJdoUWQzazLpQXkLZ9pFcGgFZsDk4uR7st49HEcXovvffsvw&random=2680405857&resp=GooglemKTybQhCsO&ipr=y Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 02 Nov 2020 18:57:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 02 Nov 2020 18:57:56 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 302 content-type image/gif location https://www.google.de/pagead/1p-conversion/923832244/?random=1712845291&cv=9&fst=*&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https://snyk.io/blog/remote-code-execution-rce-sourmint/&tiba=SourMint%3A%20iOS%20remote%20code%20execution%2C%20Android%20findings%2C%20and%20community%20response%20%7C%20Snyk&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=s1agX_XoLZjK7_UPmY6I8Ao&cid=CAQSKQCNIrLMiJdoUWQzazLpQXkLZ9pFcGgFZsDk4uR7st49HEcXovvffsvw&random=2680405857&resp=GooglemKTybQhCsO&ipr=y cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	11.1.143.js Show response script.crazyegg.com/pages/versioned/common-scripts/	100 KB 32 KB	91ms 91ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/common-scripts/11.1.143.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0082/5698.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3519010884e2444cf29e29662556f9a537d9382a96f6d347af455f9ea4987f6a Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:55 GMT content-encoding gzip cf-cache-status HIT age 24381 cf-polished origSize=106963 status 200 cf-request-id 062bebc6880000c2d14ea6f000000001 last-modified Mon, 26 Oct 2020 13:10:12 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 cf-ray 5ec015840eccc2d1-FRA cf-bgj minify
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 82 B	87ms 86ms	XHR text/plain	2a00:1450:400c:c01::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-69111857-1&cid=653800665.1604343476&jid=566740408&gjid=1596415118&_gid=1534549875.1604343476&_u=aGBAgEADQAAAAE~&z=159227887 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 02 Nov 2020 18:57:55 GMT status 200 content-type text/plain access-control-allow-origin https://snyk.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/	35 B 120 B	6ms 6ms	Image image/gif	2a00:1450:4001:806::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j87&a=1496176969&t=pageview&_s=1&dl=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&dp=%2Fblog%2Fremote-code-execution-rce-sourmint%2F&ul=en-us&de=UTF-8&dt=SourMint%3A%20iOS%20remote%20code%20execution%2C%20Android%20findings%2C%20and%20community%20response%20%7C%20Snyk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEADQ~&jid=566740408&gjid=1596415118&cid=653800665.1604343476&tid=UA-69111857-1&_gid=1534549875.1604343476&z=1621883872 Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 01 Nov 2020 20:37:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 80427 status 200 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	img.gif b.6sc.co/v1/beacon/	43 B 774 B	348ms 256ms	Image image/gif	104.103.76.197 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=7717655f28630000b356a05f3e02000022db0000&visitor=c55d18af-90f9-45fb-83fe-ca8d435103b2&session=4e6cd71b-418d-4001-874c-f0328083898c&event=a_pageload&q=%7B%7D&isIframe=false&m=%7B%22description%22%3A%22We%E2%80%99ve%20now%20uncovered%20evidence%20that%20%23Android%20has%20been%20affected%20by%20suspicious%20behavior%20of%20Mintegral%20SDK%20as%20well%20as%20Remote%20Code%20Execution%20in%20iOS.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22SourMint%3A%20iOS%20remote%20code%20execution%2C%20Android%20findings%2C%20and%20community%20response%20%7C%20Snyk%22%7D&cb=43475785&r=&thirdParty=%7B%7D&pageURL=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.103.76.197 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-103-76-197.deploy.static.akamaitechnologies.com Software nginx/1.14.0 (Ubuntu) / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 02 Nov 2020 18:57:56 GMT X-Content-Type-Options nosniff Connection keep-alive Content-Length 43 Pragma no-cache Last-Modified Fri, 21 Feb 2020 18:57:20 GMT Server nginx/1.14.0 (Ubuntu) ETag "5e502810-2b" Access-Control-Max-Age 86400 Access-Control-Allow-Methods GET,POST Content-Type image/gif Access-Control-Allow-Origin Cache-Control private, no-cache, no-cache=Set-Cookie, proxy-revalidate Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers * Expires Wed, 19 Apr 2000 11:43:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/923832244/	42 B 107 B	40ms 39ms	Image image/gif	2a00:1450:4001:81a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/923832244/?random=1604343475666&cv=9&fst=1604340000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=path%3D%2Fblog%2Fremote-code-execution-rce-sourmint%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DSourMint%3A%20iOS%20remote%20code%20execution%5C%2C%20Android%20findings%5C%2C%20and%20community%20response%20%7C%20Snyk%3Burl%3Dhttps%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&frm=0&url=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&tiba=SourMint%3A%20iOS%20remote%20code%20execution%2C%20Android%20findings%2C%20and%20community%20response%20%7C%20Snyk&async=1&fmt=3&is_vtc=1&random=1824292382&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/923832244/	42 B 107 B	28ms 28ms	Image image/gif	2a00:1450:4001:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/923832244/?random=1604343475666&cv=9&fst=1604340000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=path%3D%2Fblog%2Fremote-code-execution-rce-sourmint%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DSourMint%3A%20iOS%20remote%20code%20execution%5C%2C%20Android%20findings%5C%2C%20and%20community%20response%20%7C%20Snyk%3Burl%3Dhttps%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&frm=0&url=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&tiba=SourMint%3A%20iOS%20remote%20code%20execution%2C%20Android%20findings%2C%20and%20community%20response%20%7C%20Snyk&async=1&fmt=3&is_vtc=1&random=1824292382&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	ga-audiences www.google.com/ads/	42 B 87 B	107ms 106ms	Image image/gif	2a00:1450:4001:817::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-69111857-1&cid=653800665.1604343476&jid=566740408&_u=aGBAgEADQAAAAE~&z=922662849 Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	ga-audiences www.google.de/ads/	42 B 87 B	32ms 31ms	Image image/gif	2a00:1450:4001:817::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-69111857-1&cid=653800665.1604343476&jid=566740408&_u=aGBAgEADQAAAAE~&z=922662849 Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 02 Nov 2020 18:57:55 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" status 200 cache-control no-cache, no-store, must-revalidate content-type image/gif alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	frame-modern.1acfce1b.js Show response js.intercomcdn.com/ Frame 88C2	233 KB 63 KB	61ms 60ms	Script application/javascript	52.85.32.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.1acfce1b.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/ksrvzmf2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.32.111 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-32-111.ham50.r.cloudfront.net Software AmazonS3 / Resource Hash b41ca34cc8ba93804a503c32d89428ae5ae4b7578555eeee9f41d90a01e09e6e Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:37:49 GMT content-encoding gzip age 1208 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 content-length 64348 last-modified Thu, 29 Oct 2020 16:28:31 GMT server AmazonS3 etag "a00ab37d21e256facf06f8f976f71ec6" content-type application/javascript; charset=UTF-8 via 1.1 cfd67353680316557643ad146b46d047.cloudfront.net (CloudFront) cache-control max-age=31536000, s-maxage=7200, public x-amz-cf-pop HAM50-C1 accept-ranges bytes x-amz-cf-id 4m9z6h9-bu2qt0WOqADU8KOHkXb2F9Md1H-aYQ-GK79vRRIhKoIfLw==
GET H2	200	vendor-modern.f585e527.js Show response js.intercomcdn.com/ Frame 88C2	123 KB 38 KB	61ms 61ms	Script application/javascript	52.85.32.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.f585e527.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/ksrvzmf2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.85.32.111 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-85-32-111.ham50.r.cloudfront.net Software AmazonS3 / Resource Hash f2115d67889ef9ee779fd47c169d0057c076767844771a2eb6fe918f09760e61 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 17:58:34 GMT content-encoding gzip age 3563 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront status 200 content-length 38303 last-modified Thu, 29 Oct 2020 16:28:31 GMT server AmazonS3 etag "af39b5792e8c69d67c99c9ff6155bb17" content-type application/javascript; charset=UTF-8 via 1.1 cfd67353680316557643ad146b46d047.cloudfront.net (CloudFront) cache-control max-age=31536000, s-maxage=7200, public x-amz-cf-pop HAM50-C1 accept-ranges bytes x-amz-cf-id PVj5Kk_UiEJ2Odw2zxVZGsAbvRLi1vFDNNZ1vIQyoPAG-5gqBnJSgw==
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame 88C2	16 KB 4 KB	1392ms 1153ms	XHR application/json	75.2.88.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.1acfce1b.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ad8b87a22ce463223.awsglobalaccelerator.com Software nginx / Resource Hash c9db6b214f6d7b8236034008b319013b558dd8c16a562b9a5797825ee53ed091 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 02 Nov 2020 18:57:57 GMT content-encoding gzip x-ami-version ami-0f60be24d0983ce65 status 200, 200 OK strict-transport-security max-age=31556952; includeSubDomains; preload vary Accept-Encoding x-xss-protection 1; mode=block x-request-id 0003tlesf0hpa9ajvht0 x-runtime 1.025425 server nginx x-frame-options SAMEORIGIN etag W/"c9db6b214f6d7b8236034008b319013b" x-ratelimit-remaining 19957 access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://snyk.io x-intercom-version 98cb90071dda6fd76cad4080789ed23418a0bf2f cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-ratelimit-reset 1604343480 x-ratelimit-limit 20000 access-control-allow-headers Content-Type x-content-type-options nosniff
GET H2	200	1699665.js Show response js.hs-scripts.com/	799 B 852 B	387ms 219ms	Script application/javascript	2606:4700::6811:d4cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/1699665.js Requested by Host: js.hs-analytics.net URL: https://js.hs-analytics.net/analytics/1604343600000/1699665.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4170fa9c4e11ac462e298dd4ec3e5ebf9b216495a96d18258a6921afb63fd3dc Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:56 GMT content-encoding br vary Accept-Encoding cf-cache-status EXPIRED status 200 cf-request-id 062bebc8e70000c28bc4bb2000000001 server cloudflare x-trace 2BC653A01C2037031AE835D4809CB383525CA614A0000000000000000000 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://snyk.io cache-control public, max-age=60 access-control-allow-credentials true cf-ray 5ec01587def9c28b-FRA expires Mon, 02 Nov 2020 18:58:56 GMT
GET H2	200	__ptq.gif track.hubspot.com/	45 B 129 B	54ms 32ms	Image image/gif	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=1699665&rcu=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&pu=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&t=SourMint%3A+iOS+remote+code+execution%2C+Android+findings%2C+and+community+response+%7C+Snyk&cts=1604343476206&vi=f82afda3693c0a3799699da8367b56b7&nc=true&ce=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cf-ray 5ec015868b2f145a-FRA date Mon, 02 Nov 2020 18:57:56 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI CUR ADM OUR NOR STA NID" status 200 cache-control no-cache, no-store, no-transform access-control-allow-credentials false strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/gif content-length 45 cf-request-id 062bebc8150000145aa78eb000000001 x-robots-tag none
GET H2	200	__ptq.gif track.hubspot.com/	45 B 129 B	57ms 36ms	Image image/gif	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=17&fi=58ba0d4b-160b-4760-90e7-ff84e98a46d0&fci=6241934c-3a2e-4dbf-a0b4-0c8d4efaf6a5&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=1699665&rcu=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&pu=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&t=SourMint%3A+iOS+remote+code+execution%2C+Android+findings%2C+and+community+response+%7C+Snyk&cts=1604343476210&vi=f82afda3693c0a3799699da8367b56b7&nc=true&ce=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cf-ray 5ec015868b37145a-FRA date Mon, 02 Nov 2020 18:57:56 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI CUR ADM OUR NOR STA NID" status 200 cache-control no-cache, no-store, no-transform access-control-allow-credentials false strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/gif content-length 45 cf-request-id 062bebc8170000145a0884d000000001 x-robots-tag none
GET H2	200	__ptq.gif track.hubspot.com/	45 B 528 B	50ms 29ms	Image image/gif	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=15&fi=58ba0d4b-160b-4760-90e7-ff84e98a46d0&fci=6241934c-3a2e-4dbf-a0b4-0c8d4efaf6a5&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=1699665&rcu=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&pu=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&t=SourMint%3A+iOS+remote+code+execution%2C+Android+findings%2C+and+community+response+%7C+Snyk&cts=1604343476216&vi=f82afda3693c0a3799699da8367b56b7&nc=true&ce=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cf-ray 5ec015868b35145a-FRA date Mon, 02 Nov 2020 18:57:56 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI CUR ADM OUR NOR STA NID" status 200 cache-control no-cache, no-store, no-transform access-control-allow-credentials false strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/gif content-length 45 cf-request-id 062bebc8160000145aa6bca000000001 x-robots-tag none
GET H2	200	__ptq.gif track.hubspot.com/	45 B 129 B	53ms 31ms	Image image/gif	2606:4700::6813:9a53 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=15&fi=58ba0d4b-160b-4760-90e7-ff84e98a46d0&fci=55be1228-31ed-4cca-bd6d-486ba793b5cb&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2978788718&v=1.1&a=1699665&rcu=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&pu=https%3A%2F%2Fsnyk.io%2Fblog%2Fremote-code-execution-rce-sourmint%2F&t=SourMint%3A+iOS+remote+code+execution%2C+Android+findings%2C+and+community+response+%7C+Snyk&cts=1604343476220&vi=f82afda3693c0a3799699da8367b56b7&nc=true&ce=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers cf-ray 5ec015868b3d145a-FRA date Mon, 02 Nov 2020 18:57:56 GMT cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding p3p CP="NOI CUR ADM OUR NOR STA NID" status 200 cache-control no-cache, no-store, no-transform access-control-allow-credentials false strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/gif content-length 45 cf-request-id 062bebc8180000145a4fa74000000001 x-robots-tag none
POST H2	200	/ www.facebook.com/tr/	0 65 B	6ms 6ms	Other text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryuNYNP6TsCDfhvJ5w Response headers strict-transport-security max-age=31536000; includeSubDomains server proxygen-bolt date Mon, 02 Nov 2020 18:57:56 GMT status 200 content-type text/plain access-control-allow-origin https://snyk.io access-control-allow-credentials true alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 0
GET H2	200	/ Show response lux.speedcurve.com/lux/	44 B 141 B	36ms 36ms	Script application/javascript	151.101.114.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://lux.speedcurve.com/lux/?v=206&id=80837559&sid=160434347527100724&uid=160434347527100724&l=Remote-code-execution-rce-sourmint&NT=1604343474102fs0ds1de55cs55sc86ce120qs120bs671be675ol674oi1357os1398oe1398oc2098ls2098le2119sr1112fc1112lc2099&LJS=d1t89f45c1n136e2r100x6908l1000s1168&PS=ns23bs2is6879ss4bc4ic123903ia5it19dd11nd791vh1200vw1600dh12575dw1600ds16967ct4G_er1nt0dm8&CPU=s|209,n|2,d|105,x|115,i|1300,1004|94,1185|115&HN=snyk.io&CLS=0.002177&UT=LUX_end|2298 Requested by Host: cdn.speedcurve.com URL: https://cdn.speedcurve.com/js/lux.js?id=80837559 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash 259401767b8c5270a3c1eb53ae8097afa6b78f8865078181cfbbcebe624f1cef Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 18:57:56 GMT via 1.1 varnish server Varnish x-timer S1604343476.422864,VS0,VE0 x-served-by cache-hhn4054-HHN x-cache HIT content-type application/javascript status 200 accept-ranges bytes access-control-allow-origin * content-length 44 retry-after 0 x-cache-hits 0
GET H2	200	main.js Show response assets.trendemon.com/scripts/2025/	197 KB 58 KB	135ms 43ms	Script application/javascript	13.224.194.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.trendemon.com/scripts/2025/main.js Requested by Host: snyk.io URL: https://snyk.io/blog/remote-code-execution-rce-sourmint/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.81 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-81.fra2.r.cloudfront.net Software / Express Resource Hash 03ea9d7e101f590c7231c013732df07548ad4ca3824ce1626211af99857a511a Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 14:54:42 GMT content-encoding gzip age 14594 x-powered-by Express x-cache Hit from cloudfront status 200 via 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront) trd-ts 2020-11-01T14:54:14.134Z last-modified Sun, 01 Nov 2020 14:53:25 GMT x-sent true etag W/"31588-175844c79d6" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-timestamp 1604242475417 cache-control public, max-age=86400 x-amz-cf-pop FRA2-C1 accept-ranges bytes x-amz-cf-id 6qPylkawjEEYm6Tf8OUb4oWJlhWi7VAoOUiFiNCuIzCz2qPkuDFRVw==
GET H2	200	1699665.js Show response js.hs-banner.com/	46 KB 12 KB	277ms 102ms	Script text/javascript	2606:4700::6812:14bf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/1699665.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/1699665.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a08f4f514455050e5c3b11695067d3101f41241f8a518867fe8b53654353ba5 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-goog-hash crc32c=zxZNEg==, md5=S8mvb+xMH0u2KSrAz96MnA== date Mon, 02 Nov 2020 18:57:56 GMT content-encoding br cf-cache-status HIT age 79 x-guploader-uploadid ABg5-UxQ4fScj92bioQp29Dac-EP20bc58Rt0FQ5hR5JaPlTXrLXUJhD6yi5CoYVjeqVfizW0x89AkKxtfibLRQ4R8WiS9T12w x-goog-storage-class STANDARD status 200 access-control-max-age 604800 x-goog-metageneration 1 x-goog-stored-content-encoding identity content-type text/javascript; charset=UTF-8 cf-request-id 062bebca720000c2a4e105f000000001 timing-allow-origin * last-modified Thu, 29 Oct 2020 11:21:24 GMT server cloudflare etag W/"4bc9af6fec4c1f4bb6292ac0cfde8c9c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-goog-generation 1603970484585326 access-control-allow-origin https://snyk.io access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300, public access-control-allow-credentials true x-goog-stored-content-length 47454 cf-ray 5ec0158a4ff6c2a4-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id expires Mon, 02 Nov 2020 19:01:37 GMT
GET H2	200	fingerprint.min.js Show response assets.trendemon.com/global/	29 KB 11 KB	39ms 39ms	Script application/javascript	13.224.194.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.trendemon.com/global/fingerprint.min.js Requested by Host: assets.trendemon.com URL: https://assets.trendemon.com/scripts/2025/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.81 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-81.fra2.r.cloudfront.net Software / Express Resource Hash 3de0dd58502af32b1066b389a5f94f2f257dbb7e7ae50e69a2676f9cea246d2a Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 14:53:33 GMT content-encoding gzip age 14680 x-powered-by Express x-cache Hit from cloudfront status 200 access-control-allow-origin * trd-ts 2020-11-01T14:53:16.300Z last-modified Sun, 01 Nov 2020 14:50:07 GMT etag W/"77f4-17584497118" vary Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop FRA2-C1 accept-ranges bytes x-amz-cf-id R5h4lgRLfqVctVrw660AUUQ6KlYHd5BioE5747sEkmbrSj88xPUqgw==
GET H2	200	me Show response trackingapi.trendemon.com/api/Identity/	95 B 511 B	418ms 136ms	Script application/x-javascript	3.94.71.171 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trackingapi.trendemon.com/api/Identity/me?accountId=2025&DomainCookie=16043434766609749&fingerPrint=f9d3a818ce96dc2c36d301ff3830eb65&callback=jsonp834529&vid= Requested by Host: assets.trendemon.com URL: https://assets.trendemon.com/scripts/2025/main.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.94.71.171 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-94-71-171.compute-1.amazonaws.com Software Kestrel / Resource Hash c6ff7d6dd696797177753ea046f13318a3beaba17ac988dded1aa4770eb300a4 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 pragma no-cache date Mon, 02 Nov 2020 18:57:57 GMT cache-control no-store,no-cache server Kestrel content-length 95 content-type application/x-javascript; charset=UTF-8
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame 88C2	16 KB 4 KB	731ms 730ms	XHR application/json	75.2.88.188 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.1acfce1b.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS ad8b87a22ce463223.awsglobalaccelerator.com Software nginx / Resource Hash 0191af4d95c6f742b551f06c6d072de0bbf746bd70f6bab36abec78385224cb4 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 02 Nov 2020 18:57:58 GMT content-encoding gzip x-ami-version ami-0f60be24d0983ce65 status 200, 200 OK strict-transport-security max-age=31556952; includeSubDomains; preload vary Accept-Encoding x-xss-protection 1; mode=block x-request-id 003ia249h1qjvlik03ig x-runtime 0.601598 server nginx x-frame-options SAMEORIGIN etag W/"0191af4d95c6f742b551f06c6d072de0" x-ratelimit-remaining 19954 access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://snyk.io x-intercom-version 98cb90071dda6fd76cad4080789ed23418a0bf2f cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-ratelimit-reset 1604343480 x-ratelimit-limit 20000 access-control-allow-headers Content-Type x-content-type-options nosniff
GET H2	200	MarketingAutomation Show response trackingapi.trendemon.com/api/	95 B 232 B	137ms 136ms	Script application/x-javascript	3.94.71.171 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trackingapi.trendemon.com/api/MarketingAutomation?AccountId=2025&ClientUrl=aHR0cHM6Ly9zbnlrLmlvL2Jsb2cvcmVtb3RlLWNvZGUtZXhlY3V0aW9uLXJjZS1zb3VybWludC8%3D&CookieId=16043434766609749&MaCookie=ZjgyYWZkYTM2OTNjMGEzNzk5Njk5ZGE4MzY3YjU2Yjc%3D&MaCookieName=aHVic3BvdHV0aw%3D%3D&MaName=hubspot&callback=jsonp189959&vid=2025:16043434766609749 Requested by Host: assets.trendemon.com URL: https://assets.trendemon.com/scripts/2025/main.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.94.71.171 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-94-71-171.compute-1.amazonaws.com Software Kestrel / Resource Hash 6110ea06e5396e0464e75482b9dfbad28b9368ae8d81b18c6ac42efa101901c0 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 pragma no-cache date Mon, 02 Nov 2020 18:57:57 GMT cache-control no-store,no-cache server Kestrel content-length 95 content-type application/x-javascript; charset=UTF-8
GET H2	200	cta.css assets.trendemon.com/global/	3 KB 1 KB	37ms 37ms	Stylesheet text/css	13.224.194.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.trendemon.com/global/cta.css Requested by Host: assets.trendemon.com URL: https://assets.trendemon.com/scripts/2025/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.81 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-81.fra2.r.cloudfront.net Software / Express Resource Hash f9b841b51667180d3f615b5a62a59e0b496dbe9c7787963e10c6a801c72d89d8 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 14:53:34 GMT content-encoding gzip age 14670 x-powered-by Express x-cache Hit from cloudfront status 200 access-control-allow-origin * trd-ts 2020-11-01T14:53:25.856Z last-modified Sun, 01 Nov 2020 14:48:56 GMT etag W/"a31-17584485bc0" vary Accept-Encoding content-type text/css; charset=UTF-8 via 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront) cache-control public, max-age=86400 x-amz-cf-pop FRA2-C1 accept-ranges bytes x-amz-cf-id BMyCIrAAiOl7x9GWQGq1rOCMDHeUXe4_C9omvTZ8EPa5DqaIzsPBQQ==
GET H2	200	pageview trackingapi.trendemon.com/api/events/	43 B 234 B	153ms 153ms	Image image/gif	3.94.71.171 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://trackingapi.trendemon.com/api/events/pageview?accountId=2025&url=aHR0cHM6Ly9zbnlrLmlvL2Jsb2cvcmVtb3RlLWNvZGUtZXhlY3V0aW9uLXJjZS1zb3VybWludC8%3D&cookie=16043434766609749&referral=&vid=2025:16043434766609749&r=1604343477571 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.94.71.171 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-94-71-171.compute-1.amazonaws.com Software Kestrel / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 02 Nov 2020 18:57:57 GMT server Kestrel age 1691358 content-type image/gif status 200 cache-control no-cache, no-store, must-revalidate content-length 43 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response trackingapi.trendemon.com/api/cta/personal/	1 KB 2 KB	153ms 153ms	Script application/x-javascript	3.94.71.171 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://trackingapi.trendemon.com/api/cta/personal/?AccountId=2025&ClientUrl=aHR0cHM6Ly9zbnlrLmlvL2Jsb2cvcmVtb3RlLWNvZGUtZXhlY3V0aW9uLXJjZS1zb3VybWludC8%3D&FirstVisitTime=1604343478&ClientCookies=dHJkX2V4aXRpbnRlbnRjbGllbnQ9MTYwNDM0MzQ3NzU3MjE0NTgmdHJkX3NpZD0xNjA0MzQzNDc3NTcwNjg3OCZ0cmRfY2lkPTE2MDQzNDM0NzY2NjA5NzQ5JnRyZF9wdz0xJnRyZF9wd3M9MSZ0cmRfZmlyc3RfdmlzaXQ9MTYwNDM0MzQ3OCZ0cmRfY3RhaGlzdG9yeT1bXQ%3D%3D&callback=jsonp300693&vid=2025:16043434766609749 Requested by Host: assets.trendemon.com URL: https://assets.trendemon.com/scripts/2025/main.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.94.71.171 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-94-71-171.compute-1.amazonaws.com Software Kestrel / Resource Hash 2ff9fc3dea2e6c71366c612b818378eed03a7b4d8f9843d6b74180d49070d8b4 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Mon, 02 Nov 2020 18:57:57 GMT server Kestrel content-length 1531 content-type application/x-javascript; charset=UTF-8
GET H3-Q050	200	css fonts.googleapis.com/	2 KB 641 B	92ms 92ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans&subset=latin,cyrillic-ext Requested by Host: assets.trendemon.com URL: https://assets.trendemon.com/global/cta.css Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://assets.trendemon.com/global/cta.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff status 200 alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 02 Nov 2020 18:57:57 GMT server ESF date Mon, 02 Nov 2020 18:57:57 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 02 Nov 2020 18:57:57 GMT
GET H3-Q050	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v18/	9 KB 9 KB	6ms 6ms	Font font/woff2	2a00:1450:4001:818::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans&subset=latin,cyrillic-ext Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://snyk.io Referer https://fonts.googleapis.com/css?family=Open+Sans&subset=latin,cyrillic-ext User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 30 Oct 2020 09:05:25 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:28 GMT server sffe age 294752 status 200 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9132 x-xss-protection 0 expires Sat, 30 Oct 2021 09:05:25 GMT
GET H2	200	6947.json Show response assets.trendemon.com/templates/2025/	18 KB 5 KB	113ms 38ms	XHR application/json	13.224.194.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.trendemon.com/templates/2025/6947.json Requested by Host: assets.trendemon.com URL: https://assets.trendemon.com/scripts/2025/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.194.81 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-81.fra2.r.cloudfront.net Software / Express Resource Hash 1a583b7bb9c5710071049f253b98d254d38d1cd847c6727ce89c16b0de772e30 Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 02 Nov 2020 14:56:10 GMT content-encoding gzip trd-ts 2020-11-01T14:54:45.471Z age 14507 status 200 x-powered-by Express vary Accept-Encoding x-cache Hit from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * etag W/"494b-KxT5Q9uTnJXngO4hYgo97S39Mw0" x-amz-cf-pop FRA2-C1 x-amz-cf-id BDVle-B9ZLNwZbsR89rRXS6WCZP5oYdqTwdcnuzczs8yPOBoKYqnQg== via 1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
GET H/1.1	200 OK	5e2aeda0d8ea69b32f81fe9b71444c5b.png d1ysmqklpsb9ih.cloudfront.net/tasks_logo/2025/	42 KB 42 KB	163ms 61ms	Image image/png	13.224.194.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1ysmqklpsb9ih.cloudfront.net/tasks_logo/2025/5e2aeda0d8ea69b32f81fe9b71444c5b.png Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.224.194.126 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-194-126.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash f87afab1d5103aa360be7969f7c0b5e6eecd68f79d39d9af0056b3c9082561fb Request headers Referer https://snyk.io/blog/remote-code-execution-rce-sourmint/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-amz-server-side-encryption AES256 Date Sat, 26 Sep 2020 05:44:13 GMT Via 1.1 dde0b4b1e223fa23670e93078a04c116.cloudfront.net (CloudFront) Last-Modified Wed, 23 Sep 2020 20:55:50 GMT Server AmazonS3 Age 3244426 ETag "217224e3799e63e9eea7b23ca12d467e" X-Cache Hit from cloudfront Content-Type image/png Connection keep-alive X-Amz-Cf-Pop FRA2-C1 Accept-Ranges bytes Content-Length 42945 X-Amz-Cf-Id zZ0YDgeSXOb9aWepmfUwgNf_5GYpK4VloYveSJ0RVe2SEOWeKjBAwQ== Expires Mon, 23 Sep 2030 20:55:49 GMT