labs.integrity.pt Open in urlscan Pro
2606:4700:20::681a:dad  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response labs.integrity.pt/advisories/cve-2016-3670/	11 KB 5 KB	142ms 122ms	Document text/html	2606:4700:20::681a:dad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://labs.integrity.pt/advisories/cve-2016-3670/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:dad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39410a62761cd6a7efe42efb5a1bb09a52d793d3364f7cf1d48071d27c7613a0 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers :method GET :authority labs.integrity.pt :scheme https :path /advisories/cve-2016-3670/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 22 Mar 2021 19:14:31 GMT content-type text/html set-cookie __cfduid=d827fe3cba73baa5ee45728c55153c2301616440471; expires=Wed, 21-Apr-21 19:14:31 GMT; path=/; domain=.integrity.pt; HttpOnly; SameSite=Lax; Secure x-frame-options SAMEORIGIN frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubDomains x-xss-protection 1; mode=block x-content-type-options nosniff cache-control max-age=60, must-revalidate referrer-policy origin-when-cross-origin content-security-policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' vary Accept-Encoding last-modified Fri, 19 Mar 2021 00:17:39 GMT cf-cache-status DYNAMIC cf-request-id 08fcf5481a00002bb957998000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ai6eEq7IQCY4xWzBkUeqNq5DD3QTkAnyx%2BO71%2B9SHy19nZI%2BIwerSQxkURglzzS2vq3q7tbY80jy6kh7MrrJrCo5QZeu5Dd4TcKz9QxNwPLMFMJ0OLCVmRpl490eig%3D%3D"}],"max_age":604800,"group":"cf-nel"} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6341be535c212bb9-FRA content-encoding br
GET H2	200	framework.css labs.integrity.pt/wp-content/themes/blaskan/	5 KB 1 KB	20ms 19ms	Stylesheet text/css	2606:4700:20::681a:dad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://labs.integrity.pt/wp-content/themes/blaskan/framework.css?ver=3.5.1 Requested by Host: labs.integrity.pt URL: https://labs.integrity.pt/advisories/cve-2016-3670/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:dad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7cff378d02d47590864fa3465825c6dfad9ccc94202f43a37f9e4cad48e438b8 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://labs.integrity.pt/advisories/cve-2016-3670/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 22 Mar 2021 19:14:31 GMT content-encoding br x-content-type-options nosniff frame-options SAMEORIGIN nel {"report_to":"cf-nel","max_age":604800} age 24 cf-polished origSize=5307 cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Fri, 19 Mar 2021 00:18:30 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"807407913" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=x%2F%2BJXG%2F%2FcRJv94TY1sWLnADbHl6UZ8mr0AN65fNB0xnh1iykbSToGz7C2owNrAIpSanQLzT50n0eA8HKhz0l1BkXFzimfyZj%2BdrQIzpAHnEpiRhbWRLEdXtPOUk2UQ%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type text/css cache-control max-age=31536000, must-revalidate content-security-policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' cf-request-id 08fcf5489900002bb90b085000000001 cf-ray 6341be542dec2bb9-FRA cf-bgj minify
GET H2	200	style.css labs.integrity.pt/wp-content/themes/blaskan/	28 KB 5 KB	21ms 19ms	Stylesheet text/css	2606:4700:20::681a:dad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://labs.integrity.pt/wp-content/themes/blaskan/style.css?ver=3.5.1 Requested by Host: labs.integrity.pt URL: https://labs.integrity.pt/advisories/cve-2016-3670/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:dad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15eb02fcc2f98612277d60ef30a1d2773121f18350e608929d2d842ce21314d5 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://labs.integrity.pt/advisories/cve-2016-3670/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 22 Mar 2021 19:14:31 GMT content-encoding br x-content-type-options nosniff frame-options SAMEORIGIN nel {"report_to":"cf-nel","max_age":604800} age 24 cf-polished origSize=29150 cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Fri, 19 Mar 2021 00:18:31 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"3868457100" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sN6nVmGAn4BpywpOzHA%2BLsDLc13QgD6Ohu7E4EZke%2FZPdpUKjacLtx32x4U4Y%2FBzbctKpiJ6cbluZOTp6qic0N4YQFPna1sqlHA6xXrscqolOF0FqGip3Ek3JAOIuQ%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type text/css cache-control max-age=31536000, must-revalidate content-security-policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' cf-request-id 08fcf5489900002bb97e295000000001 cf-ray 6341be542def2bb9-FRA cf-bgj minify
GET H2	200	modernizr.min.js Show response labs.integrity.pt/wp-content/themes/blaskan/js/libs/	14 KB 6 KB	18ms 17ms	Script application/javascript	2606:4700:20::681a:dad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://labs.integrity.pt/wp-content/themes/blaskan/js/libs/modernizr.min.js?ver=3.5.1 Requested by Host: labs.integrity.pt URL: https://labs.integrity.pt/advisories/cve-2016-3670/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:dad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c2b86773c380d088c7d5ba35408898ee67747299e95fe15747d4649bb4e2c1b Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://labs.integrity.pt/advisories/cve-2016-3670/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 22 Mar 2021 19:14:31 GMT content-encoding br x-content-type-options nosniff frame-options SAMEORIGIN nel {"report_to":"cf-nel","max_age":604800} age 24 cf-cache-status HIT vary Accept-Encoding cf-request-id 08fcf5489900002bb985855000000001 referrer-policy origin-when-cross-origin last-modified Fri, 19 Mar 2021 00:17:55 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"3635668765" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Anbv%2BcQsGuEQNC9dv9Y6Pg9zClvruzejVJwJntPpYjUWsYuKzv3nykfxtiKHoveJvzxLuEXzcwroof7ZvzukAE0jOTBBpqdcRwY8%2FTiW8MCCm7ILdvzvPKFlfrP90g%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type application/javascript x-xss-protection 1; mode=block cache-control max-age=31536000, must-revalidate content-security-policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' cf-ray 6341be542df22bb9-FRA
GET H2	200	jquery.js Show response labs.integrity.pt/wp-includes/js/jquery/	87 KB 30 KB	22ms 20ms	Script application/javascript	2606:4700:20::681a:dad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://labs.integrity.pt/wp-includes/js/jquery/jquery.js?ver=3.5.1 Requested by Host: labs.integrity.pt URL: https://labs.integrity.pt/advisories/cve-2016-3670/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:dad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07f9b1bbe459991154cf6a4a9b68c8ae0f535696599e9f1c330aabca0ab452f5 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://labs.integrity.pt/advisories/cve-2016-3670/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 22 Mar 2021 19:14:31 GMT content-encoding br x-content-type-options nosniff frame-options SAMEORIGIN nel {"report_to":"cf-nel","max_age":604800} age 24 cf-cache-status HIT vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Fri, 19 Mar 2021 00:18:24 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"3526600872" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yHEiFJpS9QC%2BrMy%2BO4iZspze9tcOTFVrIW8ECGQ7Z%2FmglDxj1pnvuMWIR9YSEuRwi4jFtyGllVj1s5m87cPehPC%2FKijjFELyDcCZNpdv8I1dsGNp%2F4OGwN9kYASwXw%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type application/javascript cache-control max-age=31536000, must-revalidate content-security-policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' cf-request-id 08fcf5489a00002bb9222b5000000001 cf-ray 6341be542df32bb9-FRA cf-bgj minify
GET H2	200	jquery.fitvids.js Show response labs.integrity.pt/wp-content/themes/blaskan/js/libs/	2 KB 837 B	20ms 19ms	Script application/javascript	2606:4700:20::681a:dad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://labs.integrity.pt/wp-content/themes/blaskan/js/libs/jquery.fitvids.js?ver=3.5.1 Requested by Host: labs.integrity.pt URL: https://labs.integrity.pt/advisories/cve-2016-3670/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:dad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a1840e74f75dab4c66cb7d1dd0e4c5416d3b970397531ab751d7108ed5c7cba Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://labs.integrity.pt/advisories/cve-2016-3670/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 22 Mar 2021 19:14:31 GMT content-encoding br x-content-type-options nosniff frame-options SAMEORIGIN nel {"report_to":"cf-nel","max_age":604800} age 24 cf-cache-status HIT vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Fri, 19 Mar 2021 00:17:53 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"325326048" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lMLGzZG4W0C4VRj48JrMUVDdg96%2BgzidOiFlHK8HKL6u5Bmx5wkil2SOQIzf20Abc5KJ7HqGqBExKheE8Cqor5cQT8w3hZcbyvMfDJrkpVA1Sd1p5ar7qe88i9k1eA%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type application/javascript cache-control max-age=31536000, must-revalidate content-security-policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' cf-request-id 08fcf5489b00002bb94db82000000001 cf-ray 6341be542df52bb9-FRA cf-bgj minify
GET H2	200	helper.js Show response labs.integrity.pt/wp-content/themes/blaskan/js/mylibs/	5 KB 2 KB	21ms 20ms	Script application/javascript	2606:4700:20::681a:dad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://labs.integrity.pt/wp-content/themes/blaskan/js/mylibs/helper.js?ver=3.5.1 Requested by Host: labs.integrity.pt URL: https://labs.integrity.pt/advisories/cve-2016-3670/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:dad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f60989a516ad19f286da1518a70c6e9839033695519bb043a9075325e4746026 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://labs.integrity.pt/advisories/cve-2016-3670/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 22 Mar 2021 19:14:31 GMT content-encoding br x-content-type-options nosniff frame-options SAMEORIGIN nel {"report_to":"cf-nel","max_age":604800} age 24 cf-cache-status HIT vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Fri, 19 Mar 2021 00:17:55 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"3540260322" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cpTo9%2FAgK5x%2FCW2Yb4s6CDbjLZ3TdfoZMRGmWKabVemBpJ%2B3TTC3fWAQwIIvYD4PKAnv18HcRgrLhK8tJgx1OLxtfqPvKhqz2neuyd7EhuLtkytcqWFQriu7MW8JLw%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type application/javascript cache-control max-age=31536000, must-revalidate content-security-policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' cf-request-id 08fcf5489a00002bb965803000000001 cf-ray 6341be542df62bb9-FRA cf-bgj minify
GET H2	200	script.js Show response labs.integrity.pt/wp-content/themes/blaskan/js/	658 B 735 B	22ms 21ms	Script application/javascript	2606:4700:20::681a:dad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://labs.integrity.pt/wp-content/themes/blaskan/js/script.js?ver=3.5.1 Requested by Host: labs.integrity.pt URL: https://labs.integrity.pt/advisories/cve-2016-3670/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:dad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9432422a96581be518f3f71ebd6f35d6394bf24b649256b471b6873fd749fcb2 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://labs.integrity.pt/advisories/cve-2016-3670/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 22 Mar 2021 19:14:31 GMT content-encoding br x-content-type-options nosniff frame-options SAMEORIGIN nel {"report_to":"cf-nel","max_age":604800} age 24 cf-cache-status HIT vary Accept-Encoding x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Fri, 19 Mar 2021 00:17:56 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"1655677808" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p%2BZXKbOuG0X4Fx14Y2MNzStS0IRpU%2BXb8O3XwkmPbVjPuonvXx%2BKBROrcXdtPzVves6nTQvaWnwlE%2B32Yg8rMaKP8d7YUBJ4jV6GWlhlJ91Ge%2B0kxLYcxe5WE7T2cQ%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type application/javascript cache-control max-age=31536000, must-revalidate content-security-policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' cf-request-id 08fcf5489a00002bb9318ce000000001 cf-ray 6341be542df72bb9-FRA cf-bgj minify
GET H2	200	cropped-integrity_labs2s2.png labs.integrity.pt/wp-content/uploads/2013/06/	11 KB 11 KB	24ms 24ms	Image image/webp	2606:4700:20::681a:dad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://labs.integrity.pt/wp-content/uploads/2013/06/cropped-integrity_labs2s2.png Requested by Host: labs.integrity.pt URL: https://labs.integrity.pt/advisories/cve-2016-3670/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:dad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1dfb087f2a322c07651cde0827cb0f8eb4b07d8755adbe16a012ec677f4bacd Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://labs.integrity.pt/advisories/cve-2016-3670/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' etag "552696988" frame-options SAMEORIGIN nel {"report_to":"cf-nel","max_age":604800} age 24 cf-polished origFmt=png, origSize=19511 cf-cache-status HIT content-disposition inline; filename="cropped-integrity_labs2s2.webp" strict-transport-security max-age=31536000; includeSubDomains content-length 10968 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Wed, 07 Oct 2020 07:43:30 GMT server cloudflare x-frame-options SAMEORIGIN date Mon, 22 Mar 2021 19:14:31 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wJcOyIimN%2BOnAYsDedQ6ho4uwyvx9mWE1T%2BE6FMYG1t5OuRGTmurzzrYCJDneWhadfobfaabMAo%2BJXDmBrVuusZZU4zSZrcahHUYK9UKC%2BUGBcS4Sx1%2BqETFgBJ2uA%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type image/webp cache-control max-age=31536000, must-revalidate cf-request-id 08fcf548c500002bb98585a000000001 accept-ranges bytes cf-ray 6341be546e6a2bb9-FRA x-content-type-options nosniff cf-bgj imgq:100,h2pri
GET H2	200	sprite.png labs.integrity.pt/wp-content/themes/blaskan/img/	626 B 1 KB	26ms 26ms	Image image/webp	2606:4700:20::681a:dad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://labs.integrity.pt/wp-content/themes/blaskan/img/sprite.png Requested by Host: labs.integrity.pt URL: https://labs.integrity.pt/wp-content/themes/blaskan/style.css?ver=3.5.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:dad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 191a3c720c276a47a64ffd946f23da81458f89605b752411990488b7035d1c2b Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://labs.integrity.pt/wp-content/themes/blaskan/style.css?ver=3.5.1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' etag "885296360" frame-options SAMEORIGIN nel {"report_to":"cf-nel","max_age":604800} age 24 cf-polished origFmt=png, origSize=2782 cf-cache-status HIT content-disposition inline; filename="sprite.webp" strict-transport-security max-age=31536000; includeSubDomains content-length 626 x-xss-protection 1; mode=block referrer-policy origin-when-cross-origin last-modified Wed, 07 Oct 2020 07:43:30 GMT server cloudflare x-frame-options SAMEORIGIN date Mon, 22 Mar 2021 19:14:31 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Rb3a7Lx3SwM9MOqtGqkRU7sWyJ9C0PPa9tjyOqbUfwWcMyZVjcHLp8IMeqE4yJQBvrw769OHAbsDFLOCAuRLmnz%2BR18%2F%2BP2PPIOJr6fb2SRrrxZ8AWs9kQO89yPfDg%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type image/webp cache-control max-age=31536000, must-revalidate cf-request-id 08fcf548d400002bb91ca57000000001 accept-ranges bytes cf-ray 6341be548e9e2bb9-FRA x-content-type-options nosniff cf-bgj imgq:100,h2pri
GET H2	200	league_gothic-webfont.woff labs.integrity.pt/wp-content/themes/blaskan/fonts/	24 KB 24 KB	17ms 16ms	Font application/font-woff	2606:4700:20::681a:dad CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://labs.integrity.pt/wp-content/themes/blaskan/fonts/league_gothic-webfont.woff Requested by Host: labs.integrity.pt URL: https://labs.integrity.pt/advisories/cve-2016-3670/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:dad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61a585df2085c308882b34a3770d833c06f0c0ba12b047eca23208ad8cd1f184 Security Headers Name Value Content-Security-Policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Origin https://labs.integrity.pt Referer https://labs.integrity.pt/advisories/cve-2016-3670/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 22 Mar 2021 19:14:31 GMT content-encoding br x-content-type-options nosniff frame-options SAMEORIGIN nel {"report_to":"cf-nel","max_age":604800} age 24 cf-cache-status HIT vary Accept-Encoding cf-request-id 08fcf548d400002bb97986b000000001 referrer-policy origin-when-cross-origin last-modified Wed, 07 Oct 2020 07:43:29 GMT server cloudflare x-frame-options SAMEORIGIN etag W/"2561763320" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DfLeSUAY3F04m25OTDaNojKQNEbrbQU1OKt0PwzggarIBZY4TMkUtBOm74kM10AGKPNPVZ6CDow43nJR2QQeo8XcxF3rkPL7onJRRjaMFsx4uVB91GOHkAkAAZCPiA%3D%3D"}],"max_age":604800,"group":"cf-nel"} content-type application/font-woff x-xss-protection 1; mode=block cache-control max-age=31536000, must-revalidate content-security-policy default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self' cf-ray 6341be548ea22bb9-FRA
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 19 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: labs.integrity.pt URL: https://labs.integrity.pt/advisories/cve-2016-3670/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://labs.integrity.pt/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 6366 date Mon, 22 Mar 2021 17:28:25 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18980 expires Mon, 22 Mar 2021 19:28:25 GMT
POST		collect www.google-analytics.com/j/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.google-analytics.com

URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=390646887&t=pageview&_s=1&dl=https%3A%2F%2Flabs.integrity.pt%2Fadvisories%2Fcve-2016-3670%2F&ul=en-us&de=UTF-8&dt=CVE-2016-3670%20Stored%20Cross%20Site%20Scripting%20in%20Liferay%20CE%20%7C%20INTEGRITY%20Labs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1198500809&gjid=2002144078&cid=476687995.1616440472&tid=UA-27538162-4&_gid=951038576.1616440472&_r=1&_slc=1&z=1450840074

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| html5 object| Modernizr function| yepnope function| $ function| jQuery object| MBP object| objectL10n string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.integrity.pt/	1970-01-19 17:00:40	Name: _gat Value: 1
			.integrity.pt/	1970-01-19 17:02:06	Name: _gid Value: GA1.2.951038576.1616440472
			.integrity.pt/	1970-01-20 10:31:52	Name: _ga Value: GA1.2.476687995.1616440472
			.integrity.pt/	1970-01-19 17:43:52	Name: __cfduid Value: d827fe3cba73baa5ee45728c55153c2301616440471

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' https://ajax.cloudflare.com https://www.google-analytics.com 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://www.google-analytics.com data: blob:; font-src 'self' data: 'unsafe-inline'; media-src 'self' https://videos.integrity.pt; connect-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

labs.integrity.pt
www.google-analytics.com
www.google-analytics.com
2606:4700:20::681a:dad
2a00:1450:4001:828::200e
07f9b1bbe459991154cf6a4a9b68c8ae0f535696599e9f1c330aabca0ab452f5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
15eb02fcc2f98612277d60ef30a1d2773121f18350e608929d2d842ce21314d5
191a3c720c276a47a64ffd946f23da81458f89605b752411990488b7035d1c2b
2a1840e74f75dab4c66cb7d1dd0e4c5416d3b970397531ab751d7108ed5c7cba
39410a62761cd6a7efe42efb5a1bb09a52d793d3364f7cf1d48071d27c7613a0
5c2b86773c380d088c7d5ba35408898ee67747299e95fe15747d4649bb4e2c1b
61a585df2085c308882b34a3770d833c06f0c0ba12b047eca23208ad8cd1f184
7cff378d02d47590864fa3465825c6dfad9ccc94202f43a37f9e4cad48e438b8
9432422a96581be518f3f71ebd6f35d6394bf24b649256b471b6873fd749fcb2
a1dfb087f2a322c07651cde0827cb0f8eb4b07d8755adbe16a012ec677f4bacd
f60989a516ad19f286da1518a70c6e9839033695519bb043a9075325e4746026