staging.hackr.io Open in urlscan Pro
3.12.141.49  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request xss-cheat-sheet Show response staging.hackr.io/blog/	201 KB 44 KB	1290ms 741ms	Document text/html	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash b66607c8729a23dd75f31c0f9bdd0996294be6530a53b0d5d75dfc6d176740f5 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache, private max-age=31536000 Cache-control no-cache="set-cookie" Connection keep-alive Content-Encoding gzip Content-Length 43473 Content-Type text/html; charset=UTF-8 Date Sun, 16 Apr 2023 22:52:18 GMT Expires Mon, 15 Apr 2024 22:52:17 GMT Referrer-Policy strict-origin-when-cross-origin Server Apache/2.4.56 () OpenSSL/1.0.2k-fips Vary X-Forwarded-Proto,Accept-Encoding,User-Agent X-Content-Type-Options nosniff X-Frame-Options DENY X-XSS-Protection 1; mode=block
GET H2	200	Inter-Regular.ttf cdn.hackr.io/fonts/	303 KB 303 KB	579ms 26ms	Font binary/octet-stream	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.hackr.io/fonts/Inter-Regular.ttf Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 41ab0f707a2bfab8133ccdfcdab52282f5f79e5751f43a264805451c7bb95fb8 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 06:52:16 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Tue, 04 Apr 2023 01:39:34 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 57603 x-amz-server-side-encryption AES256 etag "079af0e2936ccb99b391ddc0bbb73dcb" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type binary/octet-stream cache-control 604800 accept-ranges bytes content-length 309828 x-amz-cf-id l__DRj4cQmD32q8Xq2BJtT4KSD8Aei9_rDqXoDLRCtinjiw3DA8hDQ==
GET H/1.1	200 OK	app.08c0cf32.css staging.hackr.io/build/assets/	42 KB 8 KB	551ms 550ms	Stylesheet text/css	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/build/assets/app.08c0cf32.css Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash 08c0cf32c5b0514d4ce68393cb9bb3c7aeadb9c0ebe2a4418481b14124fb0bb9 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/blog/xss-cheat-sheet User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:18 GMT Content-Encoding gzip Last-Modified Tue, 04 Apr 2023 04:31:58 GMT Server Apache/2.4.56 () OpenSSL/1.0.2k-fips ETag "a94d-5f87b27ec0b80-gzip" Vary X-Forwarded-Proto,Accept-Encoding,User-Agent Content-Type text/css Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 7812 Expires Mon, 15 Apr 2024 22:52:18 GMT
GET H/1.1	200 OK	newsletter.2a7c30c6.js Show response staging.hackr.io/build/assets/	458 B 755 B	670ms 118ms	Script application/javascript	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/build/assets/newsletter.2a7c30c6.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash 5b8db4950e45a422fa6901b04bd369452095082ac6a09890fd56314d9fee5327 Request headers Referer https://staging.hackr.io/blog/xss-cheat-sheet Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:18 GMT Content-Encoding gzip Last-Modified Tue, 04 Apr 2023 04:31:58 GMT Server Apache/2.4.56 () OpenSSL/1.0.2k-fips ETag "1ca-5f87b27ec0b80-gzip" Vary X-Forwarded-Proto,Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 321 Expires Mon, 15 Apr 2024 22:52:18 GMT
GET H/1.1	200 OK	toc.2236a47d.js Show response staging.hackr.io/build/assets/	298 B 648 B	670ms 118ms	Script application/javascript	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/build/assets/toc.2236a47d.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash 42b1341948cbde3b7a060aeb9f680986302e1ef73fbbc94f8c59d0f18a3a37bc Request headers Referer https://staging.hackr.io/blog/xss-cheat-sheet Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:18 GMT Content-Encoding gzip Last-Modified Tue, 04 Apr 2023 04:31:58 GMT Server Apache/2.4.56 () OpenSSL/1.0.2k-fips ETag "12a-5f87b27ec0b80-gzip" Vary X-Forwarded-Proto,Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 214 Expires Mon, 15 Apr 2024 22:52:18 GMT
GET H2	200	monetization.js Show response m.servedby-buysellads.com/	65 KB 14 KB	62ms 26ms	Script application/javascript	151.139.128.10 STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://m.servedby-buysellads.com/monetization.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US), Reverse DNS map3.hwcdn.net Software AmazonS3 / Resource Hash 5ac6c587a461bff625564655736dd17ca8ff0a8d7576f145883fcb0cc65a0bd9 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:18 GMT content-encoding gzip last-modified Tue, 28 Mar 2023 15:07:02 GMT server AmazonS3 x-amz-request-id F0DEZADMY767S68N etag "46a6992873433c305163612f73437b78" x-amz-server-side-encryption AES256 x-hw 1681685538.cds141.fr8.hn,1681685538.cds254.fr8.c content-type application/javascript access-control-allow-origin * cache-control max-age=1401 accept-ranges bytes content-length 14413 x-amz-id-2 G7Lv5nnbU4nK4DMBXlXtzoI1JclkPBrzTn9N4cgU2SPntQ3ePnV0PPNkDu8bB+EhVkcJ+l21Wwk=
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	77 KB 26 KB	124ms 76ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0b03da165e02fba94f7459285010e89f1065b11b2812df524699f00fd90fb546 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25617 x-xss-protection 0 server cafe etag 69 / 19463 / m202304110101 / config-hash: 11787412583201714567 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 16 Apr 2023 22:52:19 GMT
GET H2	200	20aab45f-8a42-4fd0-bc4d-729df103a012.js Show response clientcdn.pushengage.com/core/	118 KB 29 KB	105ms 38ms	Script application/javascript	2400:52e0:1e00::1053:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://clientcdn.pushengage.com/core/20aab45f-8a42-4fd0-bc4d-729df103a012.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1053 / Resource Hash 63d5e10287d5e03ab699a20105746e29a44f196b5794ba55e09dce6a4c660088 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-encoding br cdn-edgestorageid 1081 cdn-cachedat 04/16/2023 22:46:55 cdn-pullzone 1148540 server BunnyCDN-DE1-1053 cdn-proxyver 1.03 cdn-requestpullcode 200 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache STALE cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd cache-control public, max-age=180 cdn-requestid f5cd1ca53159bc01333171d17a9195ce cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	/ Show response snippet.affilimate.io/	841 B 722 B	78ms 41ms	Script text/javascript	151.101.1.195 FASTLY
General Check archive.org Show headers Download Go to Full URL https://snippet.affilimate.io/ Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.195 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4a0ab5185dbddeef86a91a22a354bdb57f892945e356702d767d2ff36f80d383 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers x-served-by cache-fra-eddf8230096-FRA strict-transport-security max-age=31556926 content-encoding br date Sun, 16 Apr 2023 22:52:19 GMT last-modified Mon, 03 Apr 2023 09:54:03 GMT x-timer S1681685539.974221,VS0,VE35 etag "ef7fc61d6e8a646014da3eb5cca25df0e76fb4ddde6d6348d1c38a32e27eac7e-br" vary x-fh-requested-host, accept-encoding x-cache MISS content-type text/javascript; charset=utf-8 cache-control no-cache accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 371 x-cache-hits 0
GET H2	200	16806966093bASZ05PD2.webp cdn.hackr.io/uploads/posts/small/	14 KB 14 KB	81ms 77ms	Image image/webp	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/posts/small/16806966093bASZ05PD2.webp Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e5a828752ce2fb9a2f4deebb48720712f82bccae4258bf2861085b136ba19a6c Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 04:18:51 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 05 Apr 2023 12:10:11 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 66808 x-amz-server-side-encryption AES256 etag "d9ccd28c909fe3fd58dfbd16c132a2d3" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/webp accept-ranges bytes content-length 14036 x-amz-cf-id 1e7ks5736HUxs5iqtWtBI_YbU7Sv93k6201gH6wLDA2D2sybSo2e8Q==
GET H2	200	167700504325oXpFT07h.webp cdn.hackr.io/uploads/posts/small/	14 KB 15 KB	89ms 86ms	Image image/webp	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/posts/small/167700504325oXpFT07h.webp Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cfdcd5ce870eefae1ecf4c8f564ead50ca30be269d5222007e7699748c785e8f Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 20:24:22 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 05 Apr 2023 02:04:37 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 8877 etag "cbcb352d92d47315c2f223cff5cf9054" x-amz-server-side-encryption AES256 vary Origin x-cache Hit from cloudfront content-type image/webp accept-ranges bytes content-length 14484 x-amz-cf-id IhH2fXrkJ1wyUVCws6Fkfp090UeiCP-Qs3ic3OJagKeb4WAKeaA3nA==
GET H2	200	168025082784GhPYdSN8.webp cdn.hackr.io/uploads/posts/small/	11 KB 12 KB	90ms 87ms	Image image/webp	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/posts/small/168025082784GhPYdSN8.webp Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dc25998dd313604b741cf92a98d2f6d9589b542cfaa638ca0ef33ea695353b22 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 20:24:22 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 05 Apr 2023 02:07:06 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 8877 etag "818954403897237c533cfa0c66db1334" x-amz-server-side-encryption AES256 vary Origin x-cache Hit from cloudfront content-type image/webp accept-ranges bytes content-length 11638 x-amz-cf-id XrGHNsY_vR0qx1oS6Bn7E3TdVUOXmwWO6AjKxXlZEMepwQrZiB3yog==
GET H2	200	16542900265LyU7uku0D.webp cdn.hackr.io/uploads/posts/small/	8 KB 9 KB	85ms 82ms	Image image/webp	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/posts/small/16542900265LyU7uku0D.webp Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 21945b33b3e4540c12e4c0b8ad0827ab17c1492b5897147ab9bf326c41ba70b3 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 21:50:16 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 05 Apr 2023 01:50:14 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 5284 x-amz-server-side-encryption AES256 etag "18c5ff22dd93a26d48d17f88712fe8e1" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/webp accept-ranges bytes content-length 8436 x-amz-cf-id u7GBkQ_D5sBYVKR8_lUrM1tdiVNGJCm6cfHe2UnxitVx0ugVOZQEjA==
GET H2	200	1621526192qMAkkvCA7g.webp cdn.hackr.io/uploads/posts/small/	8 KB 9 KB	81ms 78ms	Image image/webp	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/posts/small/1621526192qMAkkvCA7g.webp Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ce49704b7c95dfec14511f266ef993458832231b2458a57e85bbd04c7766f45d Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 21:50:16 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 05 Apr 2023 01:52:35 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 5267 x-amz-server-side-encryption AES256 etag "5fe83e52ed3961a71e7bae39b6218ee6" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/webp accept-ranges bytes content-length 8678 x-amz-cf-id apM-WmJMCluzYwGk26mGVwNv8Zio1jDK2CHIsHktDFM27hb41x0HLQ==
GET H2	200	1670133772FgKTvzxWXt.webp cdn.hackr.io/uploads/posts/small/	13 KB 13 KB	81ms 78ms	Image image/webp	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/posts/small/1670133772FgKTvzxWXt.webp Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1b7dbc5d743bd6177f0adbb87df510b364eab419b8e697c43d20f4da21f932c9 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 03:57:57 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 05 Apr 2023 02:00:38 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 68062 x-amz-server-side-encryption AES256 etag "d3c81a904ffa5602f58f9bb54435ccf7" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/webp accept-ranges bytes content-length 13368 x-amz-cf-id EPdWPvdowxNeoqnX6863e1yZPkWobr_OVYFHdNMR286iHT6Fof-P4Q==
GET H2	200	1655340997cwomLm6k5h.webp cdn.hackr.io/uploads/posts/small/	15 KB 15 KB	81ms 78ms	Image image/webp	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/posts/small/1655340997cwomLm6k5h.webp Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a2bf861573164692ae67cc18fa484aded25bad402f8cd571aa97f681cf875bf5 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 03:57:57 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 05 Apr 2023 01:56:54 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 68062 x-amz-server-side-encryption AES256 etag "29d0df55cbc29eee2492dc8ce7eca443" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/webp accept-ranges bytes content-length 15302 x-amz-cf-id WaQscC8THclJ3nBy9GhcfS6t-Uu2XKQLlah7Y0IqayQ1MCCbyGM_7A==
GET H2	200	16442576428Vo88giqoc.webp cdn.hackr.io/uploads/posts/small/	11 KB 11 KB	86ms 83ms	Image image/webp	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/posts/small/16442576428Vo88giqoc.webp Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 09df3775dece9543f27a4d54b93250b99ddae851687fa53e7d8fc74e2479c07f Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 17:01:41 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 05 Apr 2023 01:54:40 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 22680 x-amz-server-side-encryption AES256 etag "c307034dfc9834a8f5ef95ec529f65e1" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/webp accept-ranges bytes content-length 11006 x-amz-cf-id -nIfNW9dMEwcN4Ag9K54pFYJlgFt0rFk203md3htM0eBPx768KjTGQ==
GET H2	200	1659629898wLsoKPUCYn.webp cdn.hackr.io/uploads/posts/small/	6 KB 6 KB	85ms 82ms	Image image/webp	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/posts/small/1659629898wLsoKPUCYn.webp Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7f2f1398067666036c12e4984d8b0320e156e436e3461858fb72abf96d2b4b16 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 08:10:23 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 05 Apr 2023 01:58:01 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 52916 x-amz-server-side-encryption AES256 etag "c6586907447a1756ab30c97807633af8" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/webp accept-ranges bytes content-length 6026 x-amz-cf-id UnG9rtAvEHnSDgOGw-kXXW7kGji17q14enDmuye-akUCsJpjsifK0w==
GET H2	200	1673686472t0H7zkoYlV.webp cdn.hackr.io/uploads/posts/small/	10 KB 11 KB	85ms 83ms	Image image/webp	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/posts/small/1673686472t0H7zkoYlV.webp Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2ca1af3493814bee9a916c5ed720b86988d32c91977f0ff7f06829476901071c Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 06:12:41 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 05 Apr 2023 02:02:25 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 59977 x-amz-server-side-encryption AES256 etag "385f8cfe9cbd0abb267b9329f12d27ae" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/webp accept-ranges bytes content-length 10682 x-amz-cf-id NIXvOy1Sg7IW8HDNpURf91h33OFhl6Q7CEqzSYN3XCRJ_-36MxEICA==
GET H2	200	1570190199727DINLouL.webp cdn.hackr.io/uploads/posts/small/	7 KB 7 KB	85ms 82ms	Image image/webp	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/posts/small/1570190199727DINLouL.webp Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c3acbcc2284347596454d881bb7dae4b5133e5afd9cfdfdf6fe097a64509ecf4 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 21:50:16 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 05 Apr 2023 01:40:07 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 13041 x-amz-server-side-encryption AES256 etag "a53afe7c539bf1eef6a34107a2140950" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/webp accept-ranges bytes content-length 6774 x-amz-cf-id elDNEmuZ8aw9hTldGUwVt1xl-QcxRmomvqui60wGd-pq2JGo2SPx8g==
GET H/1.1	200 OK	youtube-icon-white.png s3.us-east-2.amazonaws.com/hackr.io-production/assets/images/	13 KB 13 KB	427ms 147ms	Image image/png	52.219.109.145 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.us-east-2.amazonaws.com/hackr.io-production/assets/images/youtube-icon-white.png Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.109.145 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3.us-east-2.amazonaws.com Software AmazonS3 / Resource Hash 761932b546d167fd12090fd5d2cae7bb15a02270b40e10e3a6e041e02cf79dd0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:20 GMT Last-Modified Tue, 04 Apr 2023 01:39:06 GMT Server AmazonS3 x-amz-request-id A64TS817QS1XACQA ETag "3cfbc995df96e1ace93e0d23e5884b3e" x-amz-server-side-encryption AES256 Content-Type image/png Cache-Control 604800 Accept-Ranges bytes Content-Length 13195 x-amz-id-2 2VBiEnxHRHu6RP2T9LlzF+9EkaGiYyJYVNt8UZW/77p2e+0OUPYa+s5y6RSkLb6q6e67oZrZtR8=
GET H/1.1	200 OK	navbar.6c8f1787.js Show response staging.hackr.io/build/assets/	9 KB 4 KB	224ms 120ms	Script application/javascript	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/build/assets/navbar.6c8f1787.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash 85c9bf95880a2cc7166d64b8ffec2f9ff0a6cc8edb6d5c40b282d671e01a896a Request headers Referer https://staging.hackr.io/blog/xss-cheat-sheet Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:19 GMT Content-Encoding gzip Last-Modified Tue, 04 Apr 2023 04:31:58 GMT Server Apache/2.4.56 () OpenSSL/1.0.2k-fips ETag "2396-5f87b27ec0b80-gzip" Vary X-Forwarded-Proto,Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 3247 Expires Mon, 15 Apr 2024 22:52:19 GMT
GET H/1.1	200 OK	footer.d135660c.js Show response staging.hackr.io/build/assets/	5 KB 2 KB	224ms 120ms	Script application/javascript	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/build/assets/footer.d135660c.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash e8c4e8be4a9e40feb3642c317c82868c9ee470b3513b9f09f2f67726623d4853 Request headers Referer https://staging.hackr.io/blog/xss-cheat-sheet Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:19 GMT Content-Encoding gzip Last-Modified Tue, 04 Apr 2023 04:31:58 GMT Server Apache/2.4.56 () OpenSSL/1.0.2k-fips ETag "15bf-5f87b27ec0b80-gzip" Vary X-Forwarded-Proto,Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 2040 Expires Mon, 15 Apr 2024 22:52:19 GMT
GET H/1.1	200 OK	coupon.bea58541.js Show response staging.hackr.io/build/assets/	311 B 656 B	226ms 117ms	Script application/javascript	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/build/assets/coupon.bea58541.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash 946a055eb2252bc1e5ca414efe67a832588edb8a4a38ba9f47174f7bfcf45436 Request headers Referer https://staging.hackr.io/blog/xss-cheat-sheet Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:19 GMT Content-Encoding gzip Last-Modified Tue, 04 Apr 2023 04:31:58 GMT Server Apache/2.4.56 () OpenSSL/1.0.2k-fips ETag "137-5f87b27ec0b80-gzip" Vary X-Forwarded-Proto,Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 222 Expires Mon, 15 Apr 2024 22:52:19 GMT
GET H2	200	display.min.js Show response widgets.jobbio.com/partner_fluid_widgets_v1.6.1/	31 KB 4 KB	121ms 24ms	Script application/javascript	2600:9000:2127:e600:15:f55c:78c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e600:15:f55c:78c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6395ff1c21cadc9d5c2ed5f42c66ac191ec8cdeaaf750a88afc16f1418d5c5fc Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 07:21:27 GMT content-encoding gzip via 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront) last-modified Fri, 31 Mar 2023 19:35:19 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 55907 x-amz-server-side-encryption AES256 etag W/"ae895056fada5e1f4949e2d03ab3a6e9" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id AGMlca2RMccV1spB1BQTZwoHCgQGwHrig8enX2R-aV1lzl_-u4LwaQ==
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	86ms 25ms	Script text/javascript	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 16 Apr 2023 22:11:32 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 2447 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20085 expires Mon, 17 Apr 2023 00:11:32 GMT
GET H2	200	v2kxoQpEJBKhkeeh4lQa_vewl5LR4YJ0ZQ9009fm7sY89SyHjrwrT0h5pDFr0MFg4 Show response stakingsmile.com/	60 KB 22 KB	84ms 24ms	Script text/javascript	2600:1901:0:7a38::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stakingsmile.com/v2kxoQpEJBKhkeeh4lQa_vewl5LR4YJ0ZQ9009fm7sY89SyHjrwrT0h5pDFr0MFg4 Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7a38::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 2838b2c6ae08d9462f4a1d0413731f80255de2c5cb0e2fb578c1b660238d33e0 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=15724800; preload content-encoding br via 1.1 google date Sun, 16 Apr 2023 22:52:19 GMT x-datacenter gce-europe-west1 etag "d18247584cc11b9560dbd3a77684d282ec27016eca42cb9f2aaf403f8348b561" x-buildname hoothoot vary Accept-Encoding, Accept-Language x-hostname fen-hoothoot-europe-west1-spot-tzkm content-type text/javascript; charset=utf-8 cache-control private, must-revalidate, max-age=21600 x-buildnumber 832971200 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H2	200	hotjar-2846963.js Show response static.hotjar.com/c/	9 KB 4 KB	169ms 59ms	Script application/javascript	143.204.55.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2846963.js?sv=6 Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.55.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-55-98.osl50.r.cloudfront.net Software / Resource Hash ad7e4586497efecfcaad92272c304f91a6af0677e898f5bd95dc451331a51a03 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Sun, 16 Apr 2023 22:52:19 GMT via 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront) x-amz-cf-pop OSL50-C1 age 30 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/0a29a1354cac18ac0d5bcdc8d6104128 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 x-amz-cf-id lRlGMeAmqSfK7R1DJ9IeifQjoObCH3nUajVCglfaaqZtal4U4n6WNQ==
GET H2	200	get-loader.js Show response loader.wisepops.com/	76 KB 23 KB	57ms 27ms	Script text/javascript	2606:4700:20::681a:a13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://loader.wisepops.com/get-loader.js?v=1&site=wSxpUczSnq Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a13 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10a75420cb4f8a7feda91f37d9e1e6cd0f40e85cee1deda62d02ed57adeedd75 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-encoding br cf-cache-status HIT last-modified Sun, 16 Apr 2023 22:49:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 165 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlYN6MkL%2BC3MycaFDgQZwlJF16ZFF5%2FlWuQ1xvum0BIxGqzTaTShe2wze5i2UWg5RgQp%2BXy8YO%2Bf%2FghaetJGvdE586YPEdfo9XMf1YYSaCigEsPKEzQNwhGsS95ZanWlJhG3iKHTZjrXdhxeSegsxpU%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript x-cloud-trace-context 1ad5c50e0c4fbbe640947d699c329768 cache-control private, max-age=1800 cf-ray 7b8fff7afbad9bc5-FRA
GET H2	200	AGSKWxU1e4IVFQDjlr400RZXIpdeMVnELRzxk5pphErcvpa-1j6qilBN02V9GKxtJRzTNcd2tMfxoBjzkKdZja4gCNY= Show response fundingchoicesmessages.google.com/f/	24 KB 10 KB	87ms 43ms	Script application/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxU1e4IVFQDjlr400RZXIpdeMVnELRzxk5pphErcvpa-1j6qilBN02V9GKxtJRzTNcd2tMfxoBjzkKdZja4gCNY= Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 144efea5c6b9ddf2386d958f3b68560bdb3bd6afae421b5a47a21775ae4eaf6e Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cmxTvJEeFQIR-tmoHjBvbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-cmxTvJEeFQIR-tmoHjBvbQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	Futura-500.ttf cdn.hackr.io/fonts/	38 KB 38 KB	75ms 28ms	Font binary/octet-stream	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.hackr.io/fonts/Futura-500.ttf Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d068c3d5a12ddeb0abf538b1267d3389db8beb13241a9c5b31781c61fdf7cc3e Request headers Referer https://staging.hackr.io/ Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 06:22:40 GMT via 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 age 59380 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 38764 last-modified Tue, 04 Apr 2023 01:39:34 GMT server AmazonS3 etag "ee64fb9d3f1ba2333e1b489283925bce" vary Accept-Encoding content-type binary/octet-stream access-control-allow-origin * cache-control 604800 accept-ranges bytes x-amz-cf-id ucx4sjQX1mw4N-TDpo4cqdWgrAjqWEd2jxRgtQ_tymO_T7OiacATUQ==
GET H2	200	Inter-Regular.ttf cdn.hackr.io/fonts/	303 KB 303 KB	74ms 27ms	Font binary/octet-stream	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.hackr.io/fonts/Inter-Regular.ttf Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 41ab0f707a2bfab8133ccdfcdab52282f5f79e5751f43a264805451c7bb95fb8 Request headers Referer https://staging.hackr.io/ Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 06:52:16 GMT via 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 age 57604 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 309828 last-modified Tue, 04 Apr 2023 01:39:34 GMT server AmazonS3 etag "079af0e2936ccb99b391ddc0bbb73dcb" vary Accept-Encoding content-type binary/octet-stream access-control-allow-origin * cache-control 604800 accept-ranges bytes x-amz-cf-id EfqC60ibJGJdeIJe5-6d1sGii4idxM0pmun98ZMB4Ry8pDqPA-mWiA==
GET H2	200	Inter-Bold.ttf cdn.hackr.io/fonts/	309 KB 309 KB	160ms 114ms	Font binary/octet-stream	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.hackr.io/fonts/Inter-Bold.ttf Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 790c108befe859dac2ddbd20af3fbb6917c601b3d544c8a05761519f3b5508fe Request headers Referer https://staging.hackr.io/ Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 06:53:32 GMT via 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 age 57528 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 316100 last-modified Tue, 04 Apr 2023 01:39:34 GMT server AmazonS3 etag "275bfea5dc74c33f51916fee80feae67" vary Accept-Encoding content-type binary/octet-stream access-control-allow-origin * cache-control 604800 accept-ranges bytes x-amz-cf-id XwXZujKX0wy8NSpIjUcj9YobePS-04p0FI6-Aa7gZIYzp-DAoWGVQw==
GET H2	200	Inter-Medium.ttf cdn.hackr.io/fonts/	307 KB 308 KB	73ms 26ms	Font binary/octet-stream	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.hackr.io/fonts/Inter-Medium.ttf Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 10d48331f5b3c7362ca357b00c17ac4863ad35199b13b0eceb0962c8c1ad7dc9 Request headers Referer https://staging.hackr.io/ Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 06:26:34 GMT via 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 age 59145 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 314712 last-modified Tue, 04 Apr 2023 01:39:34 GMT server AmazonS3 etag "ed533866b5c83114c7dddbcbc2288b19" vary Accept-Encoding content-type binary/octet-stream access-control-allow-origin * cache-control 604800 accept-ranges bytes x-amz-cf-id PmBuGIjrnQx1TE9SQGrI9uNLwvy3laT9sLI5ige0_DQGMM-kToj8Iw==
GET H2	200	Futura-700.ttf cdn.hackr.io/fonts/	38 KB 39 KB	73ms 27ms	Font binary/octet-stream	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.hackr.io/fonts/Futura-700.ttf Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ad46885f3796b7623672e89925351aff9687c120c050207d1bee488b637f8c77 Request headers Referer https://staging.hackr.io/ Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 05:26:23 GMT via 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 age 62757 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 38980 last-modified Tue, 04 Apr 2023 01:39:34 GMT server AmazonS3 etag "3ea9695ee3af8a5e17413f22249f361a" vary Accept-Encoding content-type binary/octet-stream access-control-allow-origin * cache-control 604800 accept-ranges bytes x-amz-cf-id LHcchjlsZ2n-Jp05fDtHisDHy5jGV34IULfUvKpeom1ivMY9bj3sbw==
GET H2	200	Inter-SemiBold.ttf cdn.hackr.io/fonts/	308 KB 309 KB	73ms 27ms	Font binary/octet-stream	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.hackr.io/fonts/Inter-SemiBold.ttf Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e8cbc2b88bc4268237ff5e251776d3c54edcb14e015a9e66e4883bde4b55f13f Request headers Referer https://staging.hackr.io/ Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 06:53:32 GMT via 1.1 6ec6c63eb2f7ec00507af95b1621674c.cloudfront.net (CloudFront) x-amz-cf-pop PRG50-C1 age 57528 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 315756 last-modified Tue, 04 Apr 2023 01:39:34 GMT server AmazonS3 etag "07a48beb92b401297a76ff9f6aedd0ed" vary Accept-Encoding content-type binary/octet-stream access-control-allow-origin * cache-control 604800 accept-ranges bytes x-amz-cf-id e4q1qOAbHDv48g8yfrm9P_Bs6PYhpep-VnORJSD6Sp4TgCYZXJDysA==
GET H2	200	Samumedewar.jpeg cdn.hackr.io/uploads/users/small/	5 KB 5 KB	23ms 23ms	Image image/jpeg	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/uploads/users/small/Samumedewar.jpeg Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9f6f70aba1d3ef3154362781229270ec129d86b84e79509662eae0586c908f72 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 03:50:05 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Wed, 16 Nov 2022 11:58:58 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 68535 x-amz-server-side-encryption AES256 etag "4df11543766eba06a0078bd028bd91b5" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/jpeg accept-ranges bytes content-length 5156 x-amz-cf-id NoVwcdIwn2GnFDQnbgTY06DUSPOtmQDNIxSu1XO62cnHbQxndi5O7g==
GET H2	200	affilimate-sm.js Show response snippet.affilimate.io/	21 KB 7 KB	23ms 7ms	XHR text/javascript	151.101.1.195 FASTLY
General Check archive.org Show headers Download Go to Full URL https://snippet.affilimate.io/affilimate-sm.js?v=93f57148a Requested by Host: snippet.affilimate.io URL: https://snippet.affilimate.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.195 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 09667da43d266be97caf6289cb15f20f018126081308130f42268a269e98f3a1 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=31556926 content-encoding br date Sun, 16 Apr 2023 22:52:19 GMT x-cache HIT alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 6647 x-served-by cache-fra-eddf8230124-FRA last-modified Mon, 03 Apr 2023 09:54:03 GMT x-timer S1681685539.081613,VS0,VE0 etag "3bcb3e81bb87352ad46552be5cb6f2b8b3bda843e2799d9b05d017651b1b4f35-br" vary x-fh-requested-host, accept-encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=2628000 accept-ranges bytes x-cache-hits 7404
GET H/1.1	200 OK	vue.esm-bundler.01607869.js Show response staging.hackr.io/build/assets/	132 KB 52 KB	149ms 149ms	Script application/javascript	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/build/assets/vue.esm-bundler.01607869.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash 20ad537f80b9304632e99d1d1f3106381168b1d88112de24db13790b7ee45767 Request headers Referer https://staging.hackr.io/build/assets/toc.2236a47d.js Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:19 GMT Content-Encoding gzip Last-Modified Tue, 04 Apr 2023 04:31:58 GMT Server Apache/2.4.56 () OpenSSL/1.0.2k-fips ETag "21184-5f87b27ec0b80-gzip" Vary X-Forwarded-Proto,Accept-Encoding,User-Agent transfer-encoding chunked Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Expires Mon, 15 Apr 2024 22:52:19 GMT
GET H/1.1	200 OK	axios.f257fe29.js Show response staging.hackr.io/build/assets/	26 KB 11 KB	225ms 131ms	Script application/javascript	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/build/assets/axios.f257fe29.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash 5fffc672e3936329ca76dd70a023369fb10e7a4163692042b2913e6b77d8baab Request headers Referer https://staging.hackr.io/build/assets/newsletter.2a7c30c6.js Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:19 GMT Content-Encoding gzip Last-Modified Tue, 04 Apr 2023 04:31:58 GMT Server Apache/2.4.56 () OpenSSL/1.0.2k-fips ETag "69a9-5f87b27ec0b80-gzip" Vary X-Forwarded-Proto,Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 10558 Expires Mon, 15 Apr 2024 22:52:19 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 209 B	22ms 21ms	XHR text/plain	2a00:1450:4001:808::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j99&a=971793970&t=pageview&_s=1&dl=https%3A%2F%2Fstaging.hackr.io%2Fblog%2Fxss-cheat-sheet&ul=en-us&de=UTF-8&dt=Download%20XSS%20Cheat%20Sheet%20PDF%20for%20Quick%20References&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1152678036&gjid=1887786267&cid=462906059.1681685539&tid=UA-47735927-8&_gid=991257473.1681685539&_r=1&_slc=1&cd1=loggedout&cd2=Cheat%20Sheet&z=1602724860 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://staging.hackr.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 16 Apr 2023 22:52:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://staging.hackr.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	200	/ activity.wisepops.com/	0 0	170ms 118ms	Preflight	2606:4700:20::ac43:4adc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activity.wisepops.com/?v=1.4.2&site=wSxpUczSnq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://staging.hackr.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-origin * access-control-max-age 1800 allow GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH cf-cache-status DYNAMIC cf-ray 7b8fff7bbb2c373b-FRA content-length 0 date Sun, 16 Apr 2023 22:52:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GH96wevq32nbJ3ceal9DSarZAvqymniu1EHuEswtTgVp6ngCqiRjjCVKrNO1qYzN%2BnS1ochmoUBjnIMaPSusX%2FaiMYZI6dfj5zhSS1rytz1w25t5B3LDcoFM7aF8EjnYP%2B5meXAK9qswRhDJwD%2BXdHcjRA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Origin Access-Control-Request-Method Access-Control-Request-Headers
POST H2	200	my-wisepop Show response popup.wisepops.com/	335 B 790 B	226ms 172ms	XHR application/json	2606:4700:20::ac43:4adc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://popup.wisepops.com/my-wisepop Requested by Host: loader.wisepops.com URL: https://loader.wisepops.com/get-loader.js?v=1&site=wSxpUczSnq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e31d61bd149d03e600a93fb2ae46c8439af9521cea91eae5a8e1cb7c664f9e4 Request headers Accept application/json Referer https://staging.hackr.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding access-control-allow-methods OPTIONS, POST, GET content-type application/json access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzOuzwwL6uebgeVeXkZUAul1fB1dRK3%2BfK328veCjfPeb3ve14lGGgmB1i7QT%2B%2F2Vdt6yxWfbfgwmQBxp644L9MmIqua5r8Ml33HveoGdYxo10q1HJIHEWth9qhrlbbUm2ZrN7vVG3vh2n%2Bomd%2BYfg%3D%3D"}],"group":"cf-nel","max_age":604800} x-cloud-trace-context 5dab87f853509f8e8985cd7ad638be54 cache-control no-store cf-ray 7b8fff7ba8a95c92-FRA access-control-allow-headers *
POST H2	200	/ Show response activity.wisepops.com/	0 269 B	123ms 123ms	XHR text/plain	2606:4700:20::ac43:4adc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://activity.wisepops.com/?v=1.4.2&site=wSxpUczSnq Requested by Host: loader.wisepops.com URL: https://loader.wisepops.com/get-loader.js?v=1&site=wSxpUczSnq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4adc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://staging.hackr.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type application/json Response headers date Sun, 16 Apr 2023 22:52:19 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a22FlBJFN1xT5LPs5QNv0i%2F7qzOtBvx0UU1LymQ5nCwlOtGX5yJctI3qlb9SiBixEzJ%2BeEOhE%2FzaExac5aFlz0yxHZHarUphkKpvp1a9FpeYLuTK1KJKMwOwrRyKXYgkf7ApI8TAslxJ7UWH2LA2sjuYuw%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 7b8fff7c7bbc373b-FRA content-length 0
GET BLOB	200 OK	ca12b66c-a8b5-46cc-94ea-d7e0098a496c Show response https://staging.hackr.io/	21 KB 0		Script text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://staging.hackr.io/ca12b66c-a8b5-46cc-94ea-d7e0098a496c Requested by Host: snippet.affilimate.io URL: https://snippet.affilimate.io/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 09667da43d266be97caf6289cb15f20f018126081308130f42268a269e98f3a1 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Content-Length 21714 Content-Type text/javascript
POST H2	200	collect Show response stats.g.doubleclick.net/j/	8 B 353 B	105ms 41ms	XHR text/plain	2a00:1450:400c:c0b::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-47735927-8&cid=462906059.1681685539&jid=1152678036&gjid=1887786267&_gid=991257473.1681685539&_u=YEBAAEAAAAAAACAAI~&z=795230518 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash cb4898e73fb1780e9324487d4c2da6a39bb2b7a4789af30cd5c951f1ef982a96 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://staging.hackr.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 16 Apr 2023 22:52:19 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://staging.hackr.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pushengage.js Show response clientcdn.pushengage.com/	19 KB 6 KB	33ms 33ms	Script application/javascript	2400:52e0:1e00::1053:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://clientcdn.pushengage.com/pushengage.js Requested by Host: clientcdn.pushengage.com URL: https://clientcdn.pushengage.com/core/20aab45f-8a42-4fd0-bc4d-729df103a012.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1053 / Resource Hash 2df1753719c77f2f94c4c1cc08ec9f0cffc14c6f58112c09b231d40fb9c473c0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-encoding br cdn-edgestorageid 752 cdn-cachedat 04/16/2023 22:49:33 cdn-pullzone 1148540 server BunnyCDN-DE1-1053 cdn-proxyver 1.03 cdn-requestpullcode 200 vary Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd cache-control public, max-age=180 cdn-requestid c1c9edad60712502f05223b6fd44e42d cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/	400 KB 124 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e06787d09c0170febea7e8d6ec75107fd88e6875072fdab051f36494e4a9784c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 21:51:35 GMT content-encoding br x-content-type-options nosniff age 3644 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126862 x-xss-protection 0 server cafe etag 16869941564567738629 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Mon, 15 Apr 2024 21:51:35 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	2 KB 547 B	110ms 64ms	XHR application/json	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=staging.hackr.io Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c15fcfc4c383dbce72e09a39293ac88635339b42078089d2283a083b92491ba0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 522 x-xss-protection 0 expires Sun, 16 Apr 2023 22:52:19 GMT
OPTIONS H2	204	tracking_v5-getConfig us-central1-affilimate.cloudfunctions.net//	0 0	238ms 132ms	Preflight text/html	2001:4860:4802:36::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://us-central1-affilimate.cloudfunctions.net//tracking_v5-getConfig Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type,x-affilimate-api-token Access-Control-Request-Method POST Origin https://staging.hackr.io Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers access-control-allow-headers content-type,x-affilimate-api-token access-control-allow-methods GET,HEAD,PUT,PATCH,POST,DELETE access-control-allow-origin https://staging.hackr.io alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html date Sun, 16 Apr 2023 22:52:19 GMT function-execution-id 1h071kn5dv7c server Google Frontend vary Origin, Access-Control-Request-Headers x-cloud-trace-context eed60820ef8db54913d184fbf323b97c
POST H2	400	tracking_v5-getConfig Show response us-central1-affilimate.cloudfunctions.net//	14 B 201 B	614ms 610ms	XHR text/html	2001:4860:4802:36::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://us-central1-affilimate.cloudfunctions.net//tracking_v5-getConfig Requested by Host: staging.hackr.io URL: blob:https://staging.hackr.io/ca12b66c-a8b5-46cc-94ea-d7e0098a496c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Frontend / Resource Hash aec43e53593021b8ffa2085938360e2e5d270adfa16bce9c6f66e91a63238f81 Request headers Referer https://staging.hackr.io/ X-Affilimate-Api-Token DbyJ3SXLe accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type application/json Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-encoding gzip server Google Frontend etag W/"e-4zmkD6Y6O7L7Qc4q0Dj0pk3OKgs" vary Origin content-type text/html; charset=utf-8 access-control-allow-origin https://staging.hackr.io x-cloud-trace-context d50ce7a20cdb423b2b699f98c51583c0 cache-control private function-execution-id 0wzntwqk34cg alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34
GET H2	200	skeleton.gif static.adsafeprotected.com/	43 B 484 B	98ms 9ms	Image image/gif	2600:9000:223f:3200:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://static.adsafeprotected.com/skeleton.gif?adunitid=saqdig&adnum=269908 Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 25 Jun 2022 14:52:58 GMT x-amz-version-id iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja via 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 25516761 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 43 last-modified Mon, 17 Aug 2020 23:55:15 GMT server AmazonS3 etag "45cf913e5d9d3c9b2058033056d3dd23" content-type image/gif cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id VF_5HHoZI_AmTIiddOWOM2URNJYlIjq1nAoBVuDqUG0KAbyVE0f1PQ==
GET H/1.1	200 OK	Popup.8aaf4865.js Show response staging.hackr.io/build/assets/	2 KB 1 KB	135ms 135ms	Script application/javascript	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/build/assets/Popup.8aaf4865.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash 7391978e2d65ef5909479b7e1ca58fd5baee4c814d132c6c26c0288763254b8a Request headers Referer https://staging.hackr.io/build/assets/navbar.6c8f1787.js Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:19 GMT Content-Encoding gzip Last-Modified Tue, 04 Apr 2023 04:31:58 GMT Server Apache/2.4.56 () OpenSSL/1.0.2k-fips ETag "790-5f87b27ec0b80-gzip" Vary X-Forwarded-Proto,Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 909 Expires Mon, 15 Apr 2024 22:52:19 GMT
GET H/1.1	200 OK	submitTutorial.430e1c5c.js Show response staging.hackr.io/build/assets/	11 KB 4 KB	136ms 136ms	Script application/javascript	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/build/assets/submitTutorial.430e1c5c.js Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash ac53d737f9828fa1287273738da54d55ff2df8d789f354d2967cfc7402d96283 Request headers Referer https://staging.hackr.io/build/assets/navbar.6c8f1787.js Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:19 GMT Content-Encoding gzip Last-Modified Tue, 04 Apr 2023 04:31:58 GMT Server Apache/2.4.56 () OpenSSL/1.0.2k-fips ETag "2c08-5f87b27ec0b80-gzip" Vary X-Forwarded-Proto,Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 3354 Expires Mon, 15 Apr 2024 22:52:19 GMT
GET H2	200	modules.f0ba8b655d2d90cf7a94.js Show response script.hotjar.com/	263 KB 68 KB	167ms 104ms	Script application/javascript	52.222.236.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.f0ba8b655d2d90cf7a94.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2846963.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.236.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-236-63.fra56.r.cloudfront.net Software / Resource Hash 662fc4f3f0124740414378b357488f186cca9937e1c2bd16da6a34c903d2d690 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 14 Apr 2023 17:34:10 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 age 191889 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 68904 last-modified Fri, 14 Apr 2023 17:34:09 GMT etag "1443ed6147bd2b60dbf4236cc16806eb" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id EzxHTzfD97xirmDoUVuDYx2zLZiL1LXJslMtXrcHSa2G5nz7CTg4BA==
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	88ms 43ms	Image image/gif	2a00:1450:4001:82b::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47735927-8&cid=462906059.1681685539&jid=1152678036&_u=YEBAAEAAAAAAACAAI~&z=332703128 Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers pragma no-cache date Sun, 16 Apr 2023 22:52:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com.ua/ads/	42 B 408 B	90ms 43ms	Image image/gif	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com.ua/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-47735927-8&cid=462906059.1681685539&jid=1152678036&_u=YEBAAEAAAAAAACAAI~&z=332703128 Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers pragma no-cache date Sun, 16 Apr 2023 22:52:19 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	22535388737 Show response fundingchoicesmessages.google.com/i/	133 KB 45 KB	59ms 58ms	Script application/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/22535388737?ers=3 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304110101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4668a115254c4735e1bb40bb6276c05d142c6ccfcb18bec063493c21f070f297 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b41KT-xLGSop2Z3kSr-Qbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b41KT-xLGSop2Z3kSr-Qbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin; report-to="ContributorServingWebSwitchboardHttp" server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site report-to {"group":"ContributorServingWebSwitchboardHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorServingWebSwitchboardHttp/external"}]} content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	412150.js Show response cdn.wisepops.com/shared/wisepops/f43841ea4066b62d09d0f2f90258d022/	476 KB 132 KB	65ms 45ms	Script text/javascript	2606:4700:20::681a:a13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.wisepops.com/shared/wisepops/f43841ea4066b62d09d0f2f90258d022/412150.js?v=1681223738000 Requested by Host: loader.wisepops.com URL: https://loader.wisepops.com/get-loader.js?v=1&site=wSxpUczSnq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a13 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2891f3a074f949ba7c8269b1a88273c9973f64de6bb27a55446b8c6711d53284 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 461475 x-guploader-uploadid ADPycdsL4m7N2Z2GGFOZIPqKqAsktchDUuEI0jionKnjf7Dviia2CsuqVXqMBxDK7BpMlcUIH-jpn7jUnj4OxML6tThlfw x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity last-modified Tue, 28 Mar 2023 18:47:46 GMT server cloudflare etag W/"492194408e21679fa246cd67c6f01083" vary Accept-Encoding x-goog-generation 1680029266627971 content-type text/javascript x-goog-hash crc32c=8vsR2Q==, md5=SSGUQI4hZ5+iRs1nxvAQgw== cache-control public, max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExEpVwuwBf8UG29ysMcpuAr8F8udp6sV%2BN0mbbehg8rS29%2Fm2f7hoJlKjKru2W%2F1D4i9BhJbBmQdpGt4K6psUdRZILGnbGIH6Sf8c6zQK5UOqnQe9kp9BNs50xPRpqhcNeatK15d7xBy1zNE%2Frw%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 487392 cf-ray 7b8fff7ced7a9bc5-FRA expires Tue, 11 Apr 2023 15:41:04 GMT
POST H/1.1	200 OK	checkUser Show response staging.hackr.io/	14 B 1 KB	156ms 156ms	XHR application/json	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/checkUser Requested by Host: staging.hackr.io URL: https://staging.hackr.io/build/assets/axios.f257fe29.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash 7088814156cba446418171c2b509340685dfe0f89c2a7cb366faec0696e3c306 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://staging.hackr.io/blog/xss-cheat-sheet X-XSRF-TOKEN eyJpdiI6Im5iUnJubnJnV1JjWkh1UjlFTzE4aXc9PSIsInZhbHVlIjoiNFhNZ2RDVzBXOUg4QmhpcTNZckdmTCt2R2sveDZpZDJTaGNESWd3Z0lEQmhCeGR5TVFSUTdDYmJkUWNmZkNsOE5GTlFqRGFTeUFpNmcxL1liMDNIaXpZMC9LMXpIMk9CUWpETXdzdTV4K2pvbHJncmZHSUdjMEZra2RRYXlrWFMiLCJtYWMiOiI2M2FhMTYzNWM4MzY3NTBhZWY3MTdjODMzNWJmOGRkZDgwM2U0MjE2ZTY5NzcxNmY3NzgwMWFjMmY1MzVjZjFkIiwidGFnIjoiIn0= accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:19 GMT Referrer-Policy strict-origin-when-cross-origin X-Content-Type-Options nosniff Server Apache/2.4.56 () OpenSSL/1.0.2k-fips Vary X-Forwarded-Proto,User-Agent X-Frame-Options DENY Content-Type application/json Cache-Control no-cache, private, max-age=31536000 Connection keep-alive Content-Length 14 X-XSS-Protection 1; mode=block Expires Mon, 15 Apr 2024 22:52:19 GMT
POST H/1.1	200 OK	checkUser Show response staging.hackr.io/	14 B 1 KB	186ms 186ms	XHR application/json	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/checkUser Requested by Host: staging.hackr.io URL: https://staging.hackr.io/build/assets/axios.f257fe29.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash 7088814156cba446418171c2b509340685dfe0f89c2a7cb366faec0696e3c306 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://staging.hackr.io/blog/xss-cheat-sheet X-XSRF-TOKEN eyJpdiI6Im5iUnJubnJnV1JjWkh1UjlFTzE4aXc9PSIsInZhbHVlIjoiNFhNZ2RDVzBXOUg4QmhpcTNZckdmTCt2R2sveDZpZDJTaGNESWd3Z0lEQmhCeGR5TVFSUTdDYmJkUWNmZkNsOE5GTlFqRGFTeUFpNmcxL1liMDNIaXpZMC9LMXpIMk9CUWpETXdzdTV4K2pvbHJncmZHSUdjMEZra2RRYXlrWFMiLCJtYWMiOiI2M2FhMTYzNWM4MzY3NTBhZWY3MTdjODMzNWJmOGRkZDgwM2U0MjE2ZTY5NzcxNmY3NzgwMWFjMmY1MzVjZjFkIiwidGFnIjoiIn0= accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:19 GMT Referrer-Policy strict-origin-when-cross-origin X-Content-Type-Options nosniff Server Apache/2.4.56 () OpenSSL/1.0.2k-fips Vary X-Forwarded-Proto,User-Agent X-Frame-Options DENY Content-Type application/json Cache-Control no-cache, private, max-age=31536000 Connection keep-alive Content-Length 14 X-XSS-Protection 1; mode=block Expires Mon, 15 Apr 2024 22:52:19 GMT
GET H2	200	popup-google-logo.png cdn.hackr.io/assets/images/	108 KB 108 KB	34ms 33ms	Image image/png	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/assets/images/popup-google-logo.png Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 61a827812acb533c195ae7d8d4d1365f142a0a650c85ef6410e4f5e777308837 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 10:30:04 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Tue, 04 Apr 2023 01:39:03 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 44536 x-amz-server-side-encryption AES256 etag "3e26049d9396f49912688a986b4027b8" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png cache-control 604800 accept-ranges bytes content-length 110441 x-amz-cf-id wqba7NdLPIbEunIVDoM7LOPgTcQHpQpAgLGK8e3rmiH6h82vKbQPCw==
GET H/1.1	200 OK	popup-github-logo.png s3.us-east-2.amazonaws.com/hackr.io-production/assets/images/	482 B 899 B	136ms 135ms	Image image/png	52.219.109.145 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s3.us-east-2.amazonaws.com/hackr.io-production/assets/images/popup-github-logo.png Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.219.109.145 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3.us-east-2.amazonaws.com Software AmazonS3 / Resource Hash f0349fd944dbd6d3d9b510c2c0ba991e77ee5b8ca620c8d3b94af062e5578a6c Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:20 GMT Last-Modified Tue, 04 Apr 2023 01:39:03 GMT Server AmazonS3 x-amz-request-id A64NCVSJQY0B228Q ETag "7bba622a142a44e64e262c6fc2482190" x-amz-server-side-encryption AES256 Content-Type image/png Cache-Control 604800 Accept-Ranges bytes Content-Length 482 x-amz-id-2 GaFXXEBsm7yJm3NXBA5e0C9hiN2n8ABdV2YzNgGjQ1o2yfvSaf8SNULUi3J3Q0GnyO6768MeLmM=
GET H2	200	email-us-popup.png cdn.hackr.io/assets/images/	12 KB 13 KB	34ms 33ms	Image image/png	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/assets/images/email-us-popup.png Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c34917fa708c77ac1f28b08b2fd92d60ab136cd07abea5be09f5282dfb93477b Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 10:30:04 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Tue, 04 Apr 2023 01:38:55 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 44536 x-amz-server-side-encryption AES256 etag "db6a234cf8737390650cc3db73127014" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png cache-control 604800 accept-ranges bytes content-length 12400 x-amz-cf-id j-Bdcip_vGkWvvlZmJcnSghSrihpshq9NgmEwZFSjd3atqVAMF4s0g==
POST H/1.1	200 OK	checkUser Show response staging.hackr.io/	14 B 1 KB	182ms 182ms	XHR application/json	3.12.141.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://staging.hackr.io/checkUser Requested by Host: staging.hackr.io URL: https://staging.hackr.io/build/assets/axios.f257fe29.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.12.141.49 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-12-141-49.us-east-2.compute.amazonaws.com Software Apache/2.4.56 () OpenSSL/1.0.2k-fips / Resource Hash 7088814156cba446418171c2b509340685dfe0f89c2a7cb366faec0696e3c306 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://staging.hackr.io/blog/xss-cheat-sheet X-XSRF-TOKEN eyJpdiI6Im5iUnJubnJnV1JjWkh1UjlFTzE4aXc9PSIsInZhbHVlIjoiNFhNZ2RDVzBXOUg4QmhpcTNZckdmTCt2R2sveDZpZDJTaGNESWd3Z0lEQmhCeGR5TVFSUTdDYmJkUWNmZkNsOE5GTlFqRGFTeUFpNmcxL1liMDNIaXpZMC9LMXpIMk9CUWpETXdzdTV4K2pvbHJncmZHSUdjMEZra2RRYXlrWFMiLCJtYWMiOiI2M2FhMTYzNWM4MzY3NTBhZWY3MTdjODMzNWJmOGRkZDgwM2U0MjE2ZTY5NzcxNmY3NzgwMWFjMmY1MzVjZjFkIiwidGFnIjoiIn0= accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:19 GMT Referrer-Policy strict-origin-when-cross-origin X-Content-Type-Options nosniff Server Apache/2.4.56 () OpenSSL/1.0.2k-fips Vary X-Forwarded-Proto,User-Agent X-Frame-Options DENY Content-Type application/json Cache-Control no-cache, private, max-age=31536000 Connection keep-alive Content-Length 14 X-XSS-Protection 1; mode=block Expires Mon, 15 Apr 2024 22:52:19 GMT
GET H2	200	hackr-logo.png cdn.hackr.io/assets/images/	3 KB 3 KB	41ms 40ms	Image image/png	2600:9000:2127:800:9:7552:4cc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.hackr.io/assets/images/hackr-logo.png Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:800:9:7552:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a50fa73b35414d622ccf9c7a74995a456086fc9734cab99ab02e4f2ff675dc09 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 01:57:38 GMT via 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront) last-modified Tue, 04 Apr 2023 01:38:56 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 75282 x-amz-server-side-encryption AES256 etag "07be06530aa7a0f8b4882f08d49b988f" vary Accept-Encoding, Origin x-cache Hit from cloudfront content-type image/png cache-control 604800 accept-ranges bytes content-length 2869 x-amz-cf-id 14Pgd-P5f9D8fTsi4KUkw0aQ-oHAYAmXPYYdwI0hp5wiPkWu5YPf1w==
GET H2	200	v1_6_1.css widgets.jobbio.com/partner_fluid_widgets_v1.6.1/assets/css/	16 KB 5 KB	41ms 41ms	Stylesheet text/css	2600:9000:2127:e600:15:f55c:78c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/assets/css/v1_6_1.css Requested by Host: widgets.jobbio.com URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e600:15:f55c:78c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1555ede4ec24d13602a1c233e67abec66725b6b7957f6296c66c73bfb30f6295 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 03:39:24 GMT content-encoding gzip via 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront) last-modified Fri, 31 Mar 2023 19:57:24 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 70322 x-amz-server-side-encryption AES256 etag W/"5038c5003044412f848cb90a21964567" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css x-amz-cf-id NpKv03sDTRD6-Xm7IwQWUTbqIgr1nXC98NabcIyIGrydD_zTaWrGPQ==
GET H2	200	css2 fonts.googleapis.com/	14 KB 1 KB	112ms 25ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap Requested by Host: widgets.jobbio.com URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash be455fc264e8645a1968f7dd576c16467f92da16125abfeac70e77b4c0244613 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 16 Apr 2023 22:52:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 16 Apr 2023 22:20:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 16 Apr 2023 22:52:19 GMT
GET H2	200	imp.js Show response widgets.jobbio.com/partner_fluid_widgets_v1.6.1/assets/js/	2 KB 1007 B	41ms 40ms	Script application/javascript	2600:9000:2127:e600:15:f55c:78c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/assets/js/imp.js Requested by Host: widgets.jobbio.com URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2127:e600:15:f55c:78c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f6aa2579190f17098e22234151f389c6da5c54501c085951fc426f9f19fcf862 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 07:21:27 GMT content-encoding gzip via 1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront) last-modified Fri, 31 Mar 2023 19:57:29 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 55906 x-amz-server-side-encryption AES256 etag W/"af3b1e47c34ab0d22f85a6afc881c481" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript x-amz-cf-id Np0JpSIK7lchtdFVEU6lPmqFvSrTnsPJQLNceX8bfexCMc0bPg_hJg==
GET H/1.1	200 OK	hackr-jobs Show response widget-api.jobbio.com/channels/	797 B 1 KB	173ms 54ms	Fetch application/json	52.212.52.84 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget-api.jobbio.com/channels/hackr-jobs?widgets=true Requested by Host: widgets.jobbio.com URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-212-52-84.eu-west-1.compute.amazonaws.com Software gunicorn / Resource Hash bf461fd6e624a7f9004b8186da15eb4f6d6dd52ef96e2a2796d970a106f8a8d8 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:19 GMT Via 1.1 vegur X-Content-Type-Options nosniff Referrer-Policy same-origin Server gunicorn X-Frame-Options DENY Vary Accept, Origin, Cookie Content-Type application/json Allow GET, DELETE, HEAD, OPTIONS Access-Control-Allow-Origin * Connection keep-alive Content-Length 797
GET H3	200	AGSKWxXbfaeu4i36ExOkOnGRAiqcFgzG5koPtq_TYwPc-X7P-O3mdu6bzyyr1xOY0RbUzlcTO4KRKPO3Bpu0G6_g-Js= Show response fundingchoicesmessages.google.com/f/	264 KB 42 KB	105ms 104ms	Script application/javascript	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXbfaeu4i36ExOkOnGRAiqcFgzG5koPtq_TYwPc-X7P-O3mdu6bzyyr1xOY0RbUzlcTO4KRKPO3Bpu0G6_g-Js=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgxNjg1NTM5LDYzMjAwMDAwMF0sIkE3RUM0NUI4LTg1OTItNEZEMy1COEM1LTkzRDAyRkIyQ0MxMiIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vc3RhZ2luZy5oYWNrci5pby9ibG9nL3hzcy1jaGVhdC1zaGVldCIsbnVsbCxbWzgsInl3aUNfQmViSFFFIl0sWzksImRlIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ywiC_BebHQE.es5.O/d=1/rs=AJlcJMw-3t6PPyf1EAJoKhhMZoewIu5Inw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 10baa9386dc4c29bef829b9ebd3903a2b11856414bf14e4b4a1ed057a4ab9b39 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hacJR9aKBX_uR-fdJ8E3dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-hacJR9aKBX_uR-fdJ8E3dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin; report-to="ContributorGlobalRouterHttp" server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site report-to {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]} content-type application/javascript; charset=utf-8 x-frame-options SAMEORIGIN cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	204	2846963 Show response vc.hotjar.io/sessions/	0 258 B	88ms 34ms	XHR text/plain	18.66.112.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vc.hotjar.io/sessions/2846963?s=0.25&r=0.05168340800647542 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.f0ba8b655d2d90cf7a94.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-19.fra56.r.cloudfront.net Software Python/3.8 aiohttp/3.8.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT via 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront) server Python/3.8 aiohttp/3.8.4 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store x-amz-cf-id PVyJ0ymg7ZDYcPVWbf-c2GVmiM8EaTbwpNaQclztkT0prU5ULZrKjw==
GET H2	200	css fonts.googleapis.com/	6 KB 742 B	23ms 22ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:300,400,700 Requested by Host: cdn.wisepops.com URL: https://cdn.wisepops.com/shared/wisepops/f43841ea4066b62d09d0f2f90258d022/412150.js?v=1681223738000 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 16 Apr 2023 22:52:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 16 Apr 2023 22:20:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 16 Apr 2023 22:52:19 GMT
GET H2	200	9cb4475ec963996df25057fed61bc538.png cdn.wisepops.com/shared/images/wisepops/c.59272/	1 MB 1 MB	27ms 27ms	Image image/webp	2606:4700:20::681a:a13 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.wisepops.com/shared/images/wisepops/c.59272/9cb4475ec963996df25057fed61bc538.png Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:a13 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71147c7ecec292c5656f24629600f72efc8972381057163e54fe2afcc9f4a606 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 352923 cf-polished origFmt=png, origSize=2160352 x-guploader-uploadid ADPycdt7y6QmZhipT4XOI9kurmnRlpFxMPUCjHIU0OyWTvihgz4zCByzWp6SEZixPxQ1jqFFSUoyzyWdm8Im31HbCC4HaA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-disposition inline; filename="9cb4475ec963996df25057fed61bc538.webp" content-length 1317198 cf-bgj imgq:85,h2pri last-modified Wed, 08 Mar 2023 10:59:22 GMT server cloudflare etag "9cb4475ec963996df25057fed61bc538" vary Accept x-goog-generation 1678273162735502 content-type image/webp x-goog-hash crc32c=JNBGuw==, md5=nLRHXsljmW3yUFf+1hvFOA== cache-control public, max-age=31536000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCpeFYtXURjuiWohgLaRnWVIWqwCBKUKJDWZ5Js5iy%2FOHC6G4WGKsMbS5fqoo3ovHGqTJoFV0SsDzj7s6qrSqEckDwmGE%2BJiWKPalOApR3s6q1PuFimUGATRdLK4ux3UA%2BZX3%2BxiyxTQqrYsqrw%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 2160352 accept-ranges bytes cf-ray 7b8fff7f88079bc5-FRA expires Wed, 12 Apr 2023 21:50:16 GMT
POST H3	200	v2vpbOkawaPia_af2gKuBIv1Qkev-k9BMG_roXtwGBt4tBBjIW2pjtlpCTzW_qzEU_SKiBOPO Show response stakingsmile.com/	206 B 233 B	74ms 32ms	Fetch application/json	2600:1901:0:7a38::1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stakingsmile.com/v2vpbOkawaPia_af2gKuBIv1Qkev-k9BMG_roXtwGBt4tBBjIW2pjtlpCTzW_qzEU_SKiBOPO Requested by Host: stakingsmile.com URL: https://stakingsmile.com/v2kxoQpEJBKhkeeh4lQa_vewl5LR4YJ0ZQ9009fm7sY89SyHjrwrT0h5pDFr0MFg4 Protocol H3 Security QUIC, , AES_128_GCM Server 2600:1901:0:7a38::1 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash 4b9a6cc1d33f1218d4a0b2b9344126018aac7d9a4ed985a5a4e3ddd9fb745613 Security Headers Name Value Strict-Transport-Security max-age=15724800; preload Request headers Referer https://staging.hackr.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers strict-transport-security max-age=15724800; preload date Sun, 16 Apr 2023 22:52:19 GMT via 1.1 google x-buildnumber 832971200 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 206 x-datacenter gce-europe-west1 x-buildname hoothoot vary Accept-Encoding, Origin access-control-allow-methods POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://staging.hackr.io x-hostname fen-hoothoot-europe-west1-spot-tzkm cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie expires Sun, 16 Apr 2023 22:52:18 GMT
GET H/1.1	200 OK	feed Show response widget-api.jobbio.com/channels/hackr-jobs/	5 KB 6 KB	1232ms 1232ms	Fetch application/json	52.212.52.84 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget-api.jobbio.com/channels/hackr-jobs/feed?search=&page_size=6&source=hackr-jobs_masonry_jobs_widget&widgets=true&page=https://staging.hackr.io/blog/xss-cheat-sheet Requested by Host: widgets.jobbio.com URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-212-52-84.eu-west-1.compute.amazonaws.com Software gunicorn / Resource Hash bd681dc9411fa06bcebcdf4cf143f99bce5d68cc37fa438f34e2889059ef3318 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Date Sun, 16 Apr 2023 22:52:21 GMT Via 1.1 vegur X-Content-Type-Options nosniff Referrer-Policy same-origin Server gunicorn X-Frame-Options DENY Vary Accept, Origin, Cookie Content-Type application/json Allow GET, HEAD, OPTIONS Access-Control-Allow-Origin * Connection keep-alive Content-Length 5316
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	91ms 31ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Tue, 11 Apr 2023 10:30:58 GMT x-content-type-options nosniff age 476481 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15740 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Apr 2024 10:30:58 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	76ms 16ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Tue, 11 Apr 2023 10:31:00 GMT x-content-type-options nosniff age 476479 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Apr 2024 10:31:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	77ms 17ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 15 Apr 2023 03:47:09 GMT x-content-type-options nosniff age 155110 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 14 Apr 2024 03:47:09 GMT
GET H3	200	css fonts.googleapis.com/	60 KB 4 KB	29ms 28ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ywiC_BebHQE.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMw-3t6PPyf1EAJoKhhMZoewIu5Inw/m=web_iab_tcf_v2_wall_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 79e90e67768dea919de636492bb50f68f0ce9b99ab2402c4c6952b051187abfe Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 16 Apr 2023 22:52:19 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 16 Apr 2023 22:52:19 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 16 Apr 2023 22:52:19 GMT
GET H2	200	OlkX1voQiNkTgJDzYIY17G9MSvqQ_ndWSsnaPr75DFCk1Y_w8tAs10gpYP1AUeRLSmtsPjT2yZ9THqgvbl7qy0Zfhtsa6zGxbF2BSpc3CliXp6D1Vws=h60 lh3.googleusercontent.com/	8 KB 8 KB	79ms 27ms	Image image/png	2a00:1450:4001:80b::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://lh3.googleusercontent.com/OlkX1voQiNkTgJDzYIY17G9MSvqQ_ndWSsnaPr75DFCk1Y_w8tAs10gpYP1AUeRLSmtsPjT2yZ9THqgvbl7qy0Zfhtsa6zGxbF2BSpc3CliXp6D1Vws=h60 Requested by Host: staging.hackr.io URL: https://staging.hackr.io/blog/xss-cheat-sheet Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 3201ea8b8d69fd268d32ee1277d26a31fe8862629862374f81cb228131e7972e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 16 Apr 2023 22:52:19 GMT x-content-type-options nosniff age 0 content-disposition inline;filename="unnamed.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7968 x-xss-protection 0 server fife etag "v1" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Mon, 17 Apr 2023 22:52:19 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v34/	44 KB 44 KB	30ms 30ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Tue, 11 Apr 2023 10:31:18 GMT x-content-type-options nosniff age 476461 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 44856 x-xss-protection 0 last-modified Mon, 15 Aug 2022 18:20:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Apr 2024 10:31:18 GMT
POST H3	204	AGSKWxVAwUi5g5fJ_oYQLAI136eGM4EquvvlJG2-rPyefpPwr51Ira3fT4-aEEnPHea02SjvBRgEUOiEZ4hQWpoMTZLKFDpqAoTkyGTlGG8N5_AggHrpVdifqAAPfYKkz6XQb_wRxvQnHw== Show response fundingchoicesmessages.google.com/el/	0 29 B	66ms 32ms	XHR text/html	2a00:1450:4001:82f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVAwUi5g5fJ_oYQLAI136eGM4EquvvlJG2-rPyefpPwr51Ira3fT4-aEEnPHea02SjvBRgEUOiEZ4hQWpoMTZLKFDpqAoTkyGTlGG8N5_AggHrpVdifqAAPfYKkz6XQb_wRxvQnHw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.ywiC_BebHQE.es5.O/d=1/rs=AJlcJMw-3t6PPyf1EAJoKhhMZoewIu5Inw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZDoMKv6KxYVxyQLEdpP4Rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://staging.hackr.io/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Content-Type text/plain Response headers date Sun, 16 Apr 2023 22:52:19 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ZDoMKv6KxYVxyQLEdpP4Rg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin; report-to="ContributorLoggingHttp" server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://staging.hackr.io access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN report-to {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]} expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 fonts.gstatic.com/s/materialicons/v140/	125 KB 126 KB	26ms 26ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://staging.hackr.io accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Tue, 11 Apr 2023 10:31:34 GMT x-content-type-options nosniff age 476445 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128352 x-xss-protection 0 last-modified Tue, 07 Mar 2023 19:51:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Apr 2024 10:31:34 GMT
GET DATA	200 OK	truncated /	4 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9915b4b01f6ef6ec1037e15e6047382914fc22b4c5057577a2ca5ade88e06a38 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	image-1664373288549.png d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/	62 KB 62 KB	65ms 10ms	Image image/webp	2600:9000:225e:1a00:14:ad08:9b00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/image-1664373288549.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:1a00:14:ad08:9b00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 72da890dacb1bb542221587af42111e91caeb00ad8f5ad1d161d167761cd47c4 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Thu, 13 Oct 2022 15:06:38 GMT via 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 16011943 x-amzn-requestid abdc887f-b0a0-4b50-ad37-0028e42a6b1d x-cache Hit from cloudfront x-amz-apigw-id Z8truF6iDoEFnXw= content-length 63338 last-modified Wed, 28 Sep 2022 13:54:49 GMT x-amzn-trace-id Root=1-6348297e-0e4657807de8a2100280a90c access-control-allow-methods GET content-type image/webp cache-control max-age=31536000,public access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id X0158gnP5QWqF3rRZzWHq1VvMoZ_bc2UfFP0V_pIfc9M9rIX1KvTPg==
GET H2	200	e6c51bba02aa065b548dc5328ada751b d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/	4 KB 4 KB	99ms 22ms	Image image/jpeg	65.9.95.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/e6c51bba02aa065b548dc5328ada751b Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.93 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-93.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 0b6c7f339b1de5eaf5b4f98084243e6150872bcc2b23cc7221af90404bd82101 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sun, 15 Jan 2023 01:25:43 GMT via 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront) last-modified Wed, 02 Jun 2021 21:54:37 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 7939599 etag "7764bd303a5ed82d81e32b5c5add242b" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 3941 x-amz-cf-id zvDlPBpgMenhWP-9Z2H32oMw4a06c_CHTBbkdyIeI0dvogg1FSpaWw== expires Sat, 31 May 2031 16:54:36 CDT
GET H2	200	image-1664308265911.jpeg d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/	38 KB 39 KB	71ms 17ms	Image image/webp	2600:9000:225e:1a00:14:ad08:9b00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/image-1664308265911.jpeg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:1a00:14:ad08:9b00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash e4d72b22d46fd3c25afdf0fdbd845bc4affddadb902231caadd62fbb6e5b8cce Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Mon, 13 Feb 2023 14:39:40 GMT via 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 5386361 x-amzn-requestid b56d9405-f4e1-4e41-8ba9-7c44f87115ce x-cache Hit from cloudfront x-amz-apigw-id ASDC4GuODoEFhRQ= content-length 39094 last-modified Tue, 27 Sep 2022 19:51:06 GMT x-amzn-trace-id Root=1-63ea4bab-43a2bfa861ba4c387ba2ba1c access-control-allow-methods GET content-type image/webp cache-control max-age=31536000,public access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id Yd9LMP_5YSvBJ7DcE2j1YJ9-OeLXO8-RhVBlrkTWDVUuD_ts4XFq6Q==
GET H2	200	1b21b609343e678067d5f800204de917 d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/	5 KB 5 KB	99ms 23ms	Image image/jpeg	65.9.95.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/1b21b609343e678067d5f800204de917 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.93 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-93.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 1010cdecf6755750ed381136c002a2ec061a78b82800854c4a17498381d838de Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 07 Jan 2023 07:52:44 GMT via 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront) last-modified Wed, 02 Jun 2021 19:44:38 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 8607578 etag "721f52bc66befc0ec53fd45f3e3ae8e9" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 5142 x-amz-cf-id vfzYxIY8r5N86HDyEsCz9S8HITfXnW2aSzTMpeqMZqBbjB9E9YQ8IA== expires Sat, 31 May 2031 14:44:36 CDT
GET H2	200	image-1663281729403.jpeg d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/	89 KB 89 KB	67ms 13ms	Image image/webp	2600:9000:225e:1a00:14:ad08:9b00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/image-1663281729403.jpeg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:1a00:14:ad08:9b00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ae14a92da7a5029e715487f9d5edbe8df1d83451a4c52dd9cbd0aa2fd717414d Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Thu, 15 Sep 2022 22:58:56 GMT via 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 18402805 x-amzn-requestid e3acb7ab-e992-4993-a5d9-2f6978e5671a x-cache Hit from cloudfront x-amz-apigw-id YhgnlHojjoEFZ4Q= content-length 90772 last-modified Thu, 15 Sep 2022 22:42:10 GMT x-amzn-trace-id Root=1-6323ae30-625fc6541d201f5d6c68e90d access-control-allow-methods GET content-type image/webp cache-control max-age=31536000,public access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id 6HVVnSjhJvTO2nV4INjFct4gi9C3AM_34nDG1cgE8mMqM52N4_fUbg==
GET H2	200	image-1663281720633.jpeg d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/	1 KB 2 KB	74ms 21ms	Image image/webp	2600:9000:225e:1a00:14:ad08:9b00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/image-1663281720633.jpeg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:1a00:14:ad08:9b00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 1ed2fc68bf11f82e49ebadfd07e18be56e293c729c59553393d0ff84258db3d9 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Thu, 15 Sep 2022 22:58:56 GMT via 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 18402805 x-amzn-requestid b8081b64-487e-471d-86a6-8b8af8e258ae x-cache Hit from cloudfront x-amz-apigw-id YhgnhHJ4DoEFfuw= content-length 1124 last-modified Thu, 15 Sep 2022 22:42:01 GMT x-amzn-trace-id Root=1-6323ae2f-7d616c6e1676c6b33546a427 access-control-allow-methods GET content-type image/webp cache-control max-age=31536000,public access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id rnrJWcylwoxwQaLMLQKjLpS6qAsWFoc6-KCao3lbmxUOZpFeXLFlaQ==
GET H2	200	image-1667571666824.png d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/	54 KB 54 KB	72ms 19ms	Image image/webp	2600:9000:225e:1a00:14:ad08:9b00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/image-1667571666824.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:1a00:14:ad08:9b00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash b50071ae9005dc8466826fa25edbe3df4073c8ed8c14ad1b425a7bd522c8ad18 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Fri, 04 Nov 2022 14:21:19 GMT via 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 14113862 x-amzn-requestid edbcac75-b5f0-4da7-9b9b-7e9b2985d80a x-cache Hit from cloudfront x-amz-apigw-id bFHq3Gj6joEFa_Q= content-length 55130 last-modified Fri, 04 Nov 2022 14:21:07 GMT x-amzn-trace-id Root=1-63651fde-5437eb33682d0dd41caac234 access-control-allow-methods GET content-type image/webp cache-control max-age=31536000,public access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id TeqrgtRcJYeBoQd2ohg-e5dtksWjwBHHb7GEEBlRiK6oa_WfLMxgNw==
GET H2	200	adobe-1-logo-1627302368799.png d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/	2 KB 2 KB	61ms 8ms	Image image/webp	2600:9000:225e:1a00:14:ad08:9b00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/adobe-1-logo-1627302368799.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:1a00:14:ad08:9b00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 5225ff7c59a481d2add4db1133cfcc03e62cfab1288d288202ee03f1f5103ac5 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 21 Jan 2023 06:15:01 GMT via 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 7403840 x-amzn-requestid f9055d81-0b36-49f1-8c34-057fb43d9a81 x-cache Hit from cloudfront x-amz-apigw-id fFFj2H8HjoEFpOA= content-length 1660 last-modified Mon, 26 Jul 2021 12:26:09 GMT x-amzn-trace-id Root=1-63cb82e5-06bdf5773120550d4bcb646a access-control-allow-methods GET content-type image/webp cache-control max-age=31536000,public access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id 2jAr9vCGImLLQAwt0fJcGd5dxvEORoJ_2zCneL-zW-qMP1Mx6aYfww==
GET H2	200	image-1680089401028.jpg d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/	130 KB 131 KB	51ms 51ms	Image image/webp	2600:9000:225e:1a00:14:ad08:9b00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/image-1680089401028.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:1a00:14:ad08:9b00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash c7b8f262fcaaf70860de1c6ed63ea24d6a1acce2aae333a152766881eb45e2fe Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Tue, 11 Apr 2023 21:53:08 GMT via 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 435553 x-amzn-requestid 50116ec5-7ee5-40c0-8e98-8ba0ec5c5096 x-cache Hit from cloudfront x-amz-apigw-id DO5-vEcgDoEF7ig= content-length 133024 last-modified Wed, 29 Mar 2023 11:30:02 GMT x-amzn-trace-id Root=1-6435d6c4-5dade213396918ec0efe94cf access-control-allow-methods GET content-type image/webp cache-control max-age=31536000,public access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id T9TxQaiDwtpaU3Fp7yU6X6_adHvrWu5htsplb12MZF_MgSYq4rCh6A==
GET H2	200	147c1a8ca20dd4b646e94e98dcfc03a8 d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/	4 KB 4 KB	99ms 24ms	Image image/jpeg	65.9.95.93 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/147c1a8ca20dd4b646e94e98dcfc03a8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.95.93 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-95-93.prg50.r.cloudfront.net Software AmazonS3 / Resource Hash 754d0d49dc1fd992ca8050942ae29ffe8da9f1a774236791914d84d6c05c0739 Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Sat, 01 Apr 2023 15:35:26 GMT via 1.1 cb11ca2ff3db5adbe7df4bca70e51594.cloudfront.net (CloudFront) last-modified Wed, 02 Jun 2021 16:35:28 GMT server AmazonS3 x-amz-cf-pop PRG50-C1 age 1322216 etag "55ae6e956f8061678e9ba55105bb4392" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=315360000 accept-ranges bytes content-length 3960 x-amz-cf-id EhsrxeckEd8yo-oAosoodsSBpwh3wSZwRRD03_fZ-S834lX1XCmMzw== expires Sat, 31 May 2031 11:35:27 CDT
GET H2	200	palo-alto-networks-content-1614772291026.png d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/	37 KB 37 KB	49ms 48ms	Image image/webp	2600:9000:225e:1a00:14:ad08:9b00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/palo-alto-networks-content-1614772291026.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:1a00:14:ad08:9b00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 2efd44910f1dc298ec2582aa79402b5df7b8926e9e5d58cd95f1df2541d3787f Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Wed, 09 Nov 2022 21:43:50 GMT via 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 13655311 x-amzn-requestid f157beb6-8aff-4bb3-9c09-e7894f35f079 x-cache Hit from cloudfront x-amz-apigw-id bWnLhERbDoEFeZg= content-length 37588 last-modified Wed, 03 Mar 2021 11:51:32 GMT x-amzn-trace-id Root=1-636c1f16-32ea74506f813645759ecd82 access-control-allow-methods GET content-type image/webp cache-control max-age=31536000,public access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id uHfoFtP4L8lhkEWeoHh6XjfGO1_4dvqVNOCTcmQ0kEzX3EivzO9GvQ==
GET H2	200	palo-alto-networks-logo-1614772247373.png d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/	3 KB 4 KB	52ms 51ms	Image image/webp	2600:9000:225e:1a00:14:ad08:9b00:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/palo-alto-networks-logo-1614772247373.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:1a00:14:ad08:9b00:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash c9243eca230fb0f81835470c1e33cfdc6cc0f7a16639c7a21f82524bca077e1c Request headers accept-language de-DE,de;q=0.9 Referer https://staging.hackr.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36 Response headers date Wed, 09 Nov 2022 21:43:48 GMT via 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P4 age 13655313 x-amzn-requestid 56f763a4-6f73-4300-a7aa-238f6e5ce3ae x-cache Hit from cloudfront x-amz-apigw-id bWnLPHqjjoEFxvQ= content-length 3372 last-modified Wed, 03 Mar 2021 11:50:48 GMT x-amzn-trace-id Root=1-636c1f14-384048d0226d307c64dfdc5f access-control-allow-methods GET content-type image/webp cache-control max-age=31536000,public access-control-allow-credentials true access-control-allow-headers Content-Type, Authorization x-amz-cf-id -_CLj_SKerEXbOwU8bIb3rm8TOdjUrnmU8zQlAjMLD25_nlkGAiu-g==