research.jfrog.com Open in urlscan Pro
185.199.109.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Effective URL:
https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Submission: On February 27 via api (February 27th 2024, 11:55:32 pm UTC) from IL — Scanned from IL

Summary HTTP 31 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 3 domains to perform 31 HTTP transactions. The main IP is 185.199.109.153, located in San Francisco, United States and belongs to FASTLY, US. The main domain is research.jfrog.com.
TLS certificate: Issued by R3 on January 2nd 2024. Valid for: 3 months.

This is the only time research.jfrog.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	185.199.109.153 185.199.109.153	54113 (FASTLY) (FASTLY)
2	142.250.186.40 142.250.186.40	15169 (GOOGLE) (GOOGLE)
5	23.37.63.218 23.37.63.218	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.239.36.21 216.239.36.21	15169 (GOOGLE) (GOOGLE)
5	162.13.202.201 162.13.202.201	15395 (RACKSPACE...) (RACKSPACE-LON)
31	5

19 185.199.109.153 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)
PTR: cdn-185-199-109-153.github.com

research.jfrog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.37.63.218 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-63-218.deploy.static.akamaitechnologies.com

lonrtp1-cdn.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtp-static.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net

gtm.jfrog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.13.202.201 (United Kingdom)

ASN15395 (RACKSPACE-LON, GB)

lonrtp1.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	jfrog.com 1 redirects research.jfrog.com gtm.jfrog.com — Cisco Umbrella Rank: 303572	405 KB
10	marketo.com lonrtp1-cdn.marketo.com — Cisco Umbrella Rank: 81756 rtp-static.marketo.com — Cisco Umbrella Rank: 18986 lonrtp1.marketo.com — Cisco Umbrella Rank: 72931	124 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	196 KB
31	3

	Domain	Requested by
19	research.jfrog.com	1 redirects research.jfrog.com
5	lonrtp1.marketo.com	research.jfrog.com rtp-static.marketo.com
4	rtp-static.marketo.com	research.jfrog.com
2	www.googletagmanager.com	research.jfrog.com
1	gtm.jfrog.com	www.googletagmanager.com
1	lonrtp1-cdn.marketo.com	research.jfrog.com
31	6

This site contains links to these domains. Also see Links.

Domain
twitter.com
github.com
jfrog.com

Subject Issuer	Validity	Valid
research.jfrog.com R3	`2024-01-02` - `2024-04-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.marketo.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
gtm.jfrog.com GTS CA 1D4	`2024-01-13` - `2024-04-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Frame ID: 4896A2D8D7FB734F5CFDF039D1CAB8F1
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MLflow untrusted dataset XSS | JFSA-2024-000631932 - JFrog Security Research

Page URL History Show full URLs

http://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/ HTTP 301
https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-
vue[.-]([\d.]*\d)[^/]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

5
IPs

3
Countries

724 kB
Transfer

1457 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/JFrogSecurity
Title: Follow JFrog Security

Search URL Search Domain Scan URL

URL: https://github.com/mlflow/mlflow/pull/10893
Title: Fix PR

Search URL Search Domain Scan URL

URL: https://jfrog.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://jfrog.com/jfrog-cookies-policy/
Title: Cookies Policy

Search URL Search Domain Scan URL

URL: https://jfrog.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/ HTTP 301
https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Redirect Chain

http://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/

18 KB
7 KB

417ms
213ms

Document
text/html

185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 8d978f68e9d7d217c6b7080506d565b9fa0112657bc4fa128fbd57d179712d67

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: he-IL,he;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 6819
content-type: text/html; charset=utf-8
date: Tue, 27 Feb 2024 23:55:26 GMT
etag: W/"65dd970d-4636"
expires: Wed, 28 Feb 2024 00:05:25 GMT
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: caab0e91bb61e6a35756e1f335f8aeb163ee2496
x-github-request-id: CC3C:1307D:73D52D9:7603CCC:65DE766B
x-proxy-cache: MISS
x-served-by: cache-mrs1050091-MRS
x-timer: S1709078126.904722,VS0,VE117

Redirect headers

Accept-Ranges: bytes
Age: 0
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 27 Feb 2024 23:55:25 GMT
Location: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Server: GitHub.com
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Fastly-Request-ID: e6a7b84f64ee6a18225aec800d84ad9526bf6789
X-GitHub-Request-Id: CE78:0DD1:419CAD2:42D721A:65DE766D
X-Served-By: cache-mrs10537-MRS
X-Timer: S1709078125.489654,VS0,VE109

GET
H2 200 0.styles.ee79b767.css
research.jfrog.com/assets/css/ 92 KB
59 KB 209ms
207ms Stylesheet
text/css 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/css/0.styles.ee79b767.css
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 60ff7a3beaced3f2346c7c3b676aece09bfbebeb06d4cdcf8dfbdca943fa407d

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 4b09fa6372581b7a5fc084b4e33f54e23fdd6521
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 60047
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: 2A06:981E4:6FE6653:7202970:65DE6952
x-timer: S1709078126.129632,VS0,VE107
etag: W/"65dd970d-16eb5"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 27 Feb 2024 23:09:31 GMT

GET
H2 200 app.eab0b0b8.js Show response
research.jfrog.com/assets/js/ 229 KB
90 KB 315ms
314ms Script
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/app.eab0b0b8.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 4e12d1b26d5ec76995de768c083e68845af7c080a72a5755fb5106e959bf7552

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: d002e182f81d4fc19c39de5732cfec14e4324d21
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 91706
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: A94C:0E65:17C6992:1832782:65DE6953
x-timer: S1709078126.129605,VS0,VE119
etag: W/"65dd970d-393fb"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 27 Feb 2024 23:09:31 GMT

GET
H2 200 page--src--templates--post-vue.a6f69f84.js Show response
research.jfrog.com/assets/js/ 10 KB
4 KB 314ms
313ms Script
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--templates--post-vue.a6f69f84.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: ad139faddadf76bbfb0385518f28c1d8b601ae70ce188dc7381b2ebee9b4af1b

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 5af4743e74b9972ef65905bc454558634caa8583
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 3928
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: C13A:0E77:3285D7E:3369B9F:65DE6953
x-timer: S1709078126.129553,VS0,VE110
etag: W/"65dd970d-2608"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 27 Feb 2024 23:09:31 GMT

GET
H2 200 page--src--pages--404-vue.77816cba.js
research.jfrog.com/assets/js/ 0
6 KB 223ms
223ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--404-vue.77816cba.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: ec128cf0a81816d2173e1ff807c9b5cd20578044
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 5538
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: FD78:0E6C:5D11FD:5E9975:65DE6953
x-timer: S1709078127.516860,VS0,VE115
etag: W/"65dd970d-1e20"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 page--src--pages--index-vue.459f3137.js
research.jfrog.com/assets/js/ 0
49 KB 210ms
209ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--index-vue.459f3137.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 5d50df2dc7ee80d082fbd69c6825c1b4ddf49599
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 49748
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: A74C:0E9D:4453E08:4594ABF:65DE6951
x-timer: S1709078127.518053,VS0,VE113
etag: W/"65dd970d-19da4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 page--src--pages--index-vue~page--src--pages--malicious-packages-vue.5e25d45d.js
research.jfrog.com/assets/js/ 0
31 KB 257ms
255ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--index-vue~page--src--pages--malicious-packages-vue.5e25d45d.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 6cee65b499ca469911a181724eb5a7b3865c77b3
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 31654
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: 5952:0E10:3CD933:3DCE53:65DE6954
x-timer: S1709078127.522559,VS0,VE127
etag: W/"65dd970d-5903f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 page--src--pages--malicious-packages-vue.9848d295.js
research.jfrog.com/assets/js/ 0
4 KB 224ms
223ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--malicious-packages-vue.9848d295.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: ac1069fa65656b16bc846242a1dcfb45e6e3a0f2
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 4278
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: EB1A:0DF4:1AF48D9:1B69A02:65DE6951
x-timer: S1709078127.522525,VS0,VE114
etag: W/"65dd970d-277a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 page--src--pages--oss-vue.18b64a67.js
research.jfrog.com/assets/js/ 0
17 KB 222ms
222ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--oss-vue.18b64a67.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 8eb7c6ac5073a19b733fcf091240f81e5f55d5d7
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 17743
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: A94C:0E65:17C69EB:18327E8:65DE6954
x-timer: S1709078127.522504,VS0,VE111
etag: W/"65dd970d-a5a3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 page--src--pages--vulnerabilities-vue.a81d19e8.js
research.jfrog.com/assets/js/ 0
15 KB 243ms
242ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/page--src--pages--vulnerabilities-vue.a81d19e8.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 41fa8075188a1c76b41761ad3d57902f469653cb
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 14970
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: 595E:0E72:2D26840:2DF7C81:65DE6954
x-timer: S1709078127.522477,VS0,VE123
etag: W/"65dd970d-f4e9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 vendors~page--src--pages--index-vue.c7ec8625.js
research.jfrog.com/assets/js/ 0
79 KB 224ms
224ms Other
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/js/vendors~page--src--pages--index-vue.c7ec8625.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: de95403da4977d4e6c56b5be8aa5a41f149504f9
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 80417
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: 914E:0DD1:40E49CC:421B214:65DE6952
x-timer: S1709078127.522440,VS0,VE116
etag: W/"65dd970d-4a12b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 speedsize-local.js Show response
research.jfrog.com/ 22 KB
7 KB 339ms
337ms Script
application/javascript 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/speedsize-local.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: ac5027e4fd9c4d3ebf93e310d2d1e766b6260ed27ca487312bf4134c0f88fed9

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: 47c686100aa7e84cae24d2aa84cf50d6a0087d71
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 6622
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: ABDC:2F3E55:927CCE6:952AB7B:65DE6953
x-timer: S1709078126.161406,VS0,VE112
etag: W/"65dd970d-578c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 27 Feb 2024 23:09:31 GMT

GET
H2 200 jfrog-logo-svg.5788598.74a3bea875bf053c65a0663c9ec9a0fd.svg
research.jfrog.com/assets/static/ 7 KB
3 KB 338ms
337ms Image
image/svg+xml 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.jfrog.com/assets/static/jfrog-logo-svg.5788598.74a3bea875bf053c65a0663c9ec9a0fd.svg
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 55b4a50612be7be04e3666639848b92dd23e6b07138f6bcb0e9d5c0b6bb2dd8d

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-fastly-request-id: d0d2258ca5488045de7fac15bd64757ab1891f8e
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 3185
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: 81C8:981E4:6FE66C4:72029E3:65DE6952
x-timer: S1709078126.161386,VS0,VE115
etag: W/"65dd970d-1add"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 369 KB
109 KB 376ms
139ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T6MF8M

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d2b38468c9a6f18bbc8bf8b2b2d9f792857abd9f3c197978aefe643fca619f34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110885
x-xss-protection: 0
last-modified: Tue, 27 Feb 2024 22:15:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Feb 2024 23:55:26 GMT

GET
H2 200 roboto-latin-400-normal.aa23b7b4.woff2
research.jfrog.com/assets/fonts/ 15 KB
15 KB 198ms
197ms Font
font/woff2 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/fonts/roboto-latin-400-normal.aa23b7b4.woff2
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/assets/css/0.styles.ee79b767.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer: https://research.jfrog.com/assets/css/0.styles.ee79b767.css
Origin: https://research.jfrog.com
dpr: 1
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width: 1600

Response headers

x-fastly-request-id: eb6107def177aec9efcf92ef62235f08a5c9ecee
date: Tue, 27 Feb 2024 23:55:26 GMT
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 15688
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: 6700:2D2E2C:3E7857:3F7BA6:65DE6952
x-timer: S1709078127.596215,VS0,VE101
etag: "65dd970d-3d48"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 roboto-latin-700-normal.bf28241e.woff2
research.jfrog.com/assets/fonts/ 15 KB
16 KB 222ms
222ms Font
font/woff2 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/fonts/roboto-latin-700-normal.bf28241e.woff2
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/assets/css/0.styles.ee79b767.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: 0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

Referer: https://research.jfrog.com/assets/css/0.styles.ee79b767.css
Origin: https://research.jfrog.com
dpr: 1
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width: 1600

Response headers

x-fastly-request-id: f29578ded0786510655dbb3de101ed6a40260e03
date: Tue, 27 Feb 2024 23:55:26 GMT
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 15828
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: E746:981E4:6FE66AD:72029D5:65DE6953
x-timer: S1709078127.596196,VS0,VE125
etag: "65dd970d-3dd4"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 twitter.e0519be.9769aec62433fd58c76ad32c2d613842.svg
research.jfrog.com/assets/static/ 2 KB
1 KB 208ms
207ms Image
image/svg+xml 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://research.jfrog.com/assets/static/twitter.e0519be.9769aec62433fd58c76ad32c2d613842.svg
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: fe8231bb10228e33951b2fa88d60bc4daccaddaba86a9819ec37810b2714f12f

Request headers

width: 14
Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
dpr: 1
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width: 1600

Response headers

x-fastly-request-id: 5ee0daa7052aa8158a8d645eb5c2e5871622975e
date: Tue, 27 Feb 2024 23:55:26 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 1162
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: 86A2:981E4:6FE66C5:72029E4:65DE694F
x-timer: S1709078127.604704,VS0,VE111
etag: W/"65dd970d-8bb"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 index.json
research.jfrog.com/assets/data/ 0
203 B 229ms
229ms Other
application/json 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/data/index.json
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
dpr: 1
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width: 1600

Response headers

x-fastly-request-id: 5e27c281f3761bbd005553e2fd3e8d1f6d1dae35
date: Tue, 27 Feb 2024 23:55:26 GMT
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 76
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: 29FE:0DF4:455688C:469FB3C:65DE6954
x-timer: S1709078127.863063,VS0,VE127
etag: "65dd970d-4c"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 index.json
research.jfrog.com/assets/data/vulnerabilities/ 0
261 B 223ms
223ms Other
application/json 185.199.109.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://research.jfrog.com/assets/data/vulnerabilities/index.json
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.109.153 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-109-153.github.com
Software: GitHub.com /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://research.jfrog.com/vulnerabilities/mlflow-untrusted-dataset-xss-jfsa-2024-000631932/
dpr: 1
accept-language: he-IL,he;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
viewport-width: 1600

Response headers

x-fastly-request-id: 360db2b93293c9df4d1a71e963362995af571234
date: Tue, 27 Feb 2024 23:55:26 GMT
via: 1.1 varnish
x-cache-hits: 1
age: 0
x-cache: HIT
x-proxy-cache: MISS
content-length: 76
x-served-by: cache-mrs1050091-MRS
last-modified: Tue, 27 Feb 2024 08:02:21 GMT
server: GitHub.com
x-github-request-id: 89B4:1307D:731490D:753F3CB:65DE6954
x-timer: S1709078127.863067,VS0,VE120
etag: "65dd970d-4c"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
expires: Tue, 27 Feb 2024 23:09:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
87 KB 135ms
134ms Script
application/javascript 142.250.186.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SQ1NR9VTFJ&l=dataLayer&cx=c

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5e8db02ea46111606594050d3e2d25ec2b3ed1b8ef85a53877a11ec01262ac6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:55:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89229
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Feb 2024 23:55:27 GMT

GET
H/1.1 200
OK rtp.js Show response
lonrtp1-cdn.marketo.com/rtp-api/v1/ 155 KB
42 KB 423ms
169ms Script
application/x-javascript 23.37.63.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1-cdn.marketo.com/rtp-api/v1/rtp.js?aid=jfrog

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.37.63.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-63-218.deploy.static.akamaitechnologies.com

Software

Jetty(9.4.45.v20220203) /

Resource Hash

d6c503df73be4c3a093c3cd889641fab52b6c62a62bcb5d05ba5fb9c65cca6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
Date: Tue, 27 Feb 2024 23:55:27 GMT
Last-Modified: Tue, 09 Jan 2024 23:25:17 GMT
Server: Jetty(9.4.45.v20220203)
Vary: Accept-Encoding
Content-Type: application/x-javascript; charset=UTF-8
Cache-Control: public, max-age=30
Connection: keep-alive
Content-Length: 42855

GET
H2 200 collect Show response
gtm.jfrog.com/g/ 65 B
698 B 740ms
556ms XHR
text/plain 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.jfrog.com/g/collect?v=2&tid=G-SQ1NR9VTFJ&gtm=45je42q1v870433402z86251793za200&_p=1709078126499&gcd=13l3l3l3l1&npa=0&dma=0&cid=1407223070.1709078127&ul=en-us&sr=1600x1200&_fplc=0&ur=IL-TA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&sst.uc=IL&sst.etld=google.co.il&sst.gcd=13l3l3l3l1&sst.tft=1709078126499&_s=1&sid=1709078127&sct=1&seg=0&dl=https%3A%2F%2Fresearch.jfrog.com%2Fvulnerabilities%2Fmlflow-untrusted-dataset-xss-jfsa-2024-000631932%2F&dt=MLflow%20untrusted%20dataset%20XSS%20%7C%20JFSA-2024-000631932%20-%20JFrog%20Security%20Research&en=page_view&_fv=1&_nsi=1&_ss=1&ep.tracking_environment=production&tfd=1951&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SQ1NR9VTFJ&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2415.1e100.net

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 23:55:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: https://research.jfrog.com
cache-control: no-cache
access-control-allow-credentials: true

GET
H/1.1 200
OK jquery.min.js Show response
rtp-static.marketo.com/rtp/libs/jquery/1.8.3/ 91 KB
33 KB 398ms
166ms Script
application/x-javascript 23.37.63.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery/1.8.3/jquery.min.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 23:55:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 07 Sep 2015 11:20:15 GMT
Server: AkamaiNetStorage
ETag: "3576a6e73c9dccdbbc4a2cf8ff544ad7:1441624815"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 33467

GET
H/1.1 200
OK jquery-ui-insightera-custom-1.9.6.css
rtp-static.marketo.com/rtp/libs/ 22 KB
4 KB 343ms
112ms Stylesheet
text/css 23.37.63.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jquery-ui-insightera-custom-1.9.6.css
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 23:55:27 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Nov 2017 08:57:42 GMT
Server: AkamaiNetStorage
ETag: "7f5b0bee9b1f7af8413b351cbceca223:1510045062"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 3752

GET
H/1.1 200
OK trw Show response
lonrtp1.marketo.com/gw1/ 0
436 B 556ms
117ms Script
application/x-javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/trw?aid=jfrog&trwv.uid=jfrog-1709078127549-b040ded9&trwv.vc=1&trwsa.sid=jfrog-1709078127550-95055490&trwsb.cpv=1&ctzo=+02:00&uri=https%3A%2F%2Fresearch.jfrog.com%2Fvulnerabilities%2Fmlflow-untrusted-dataset-xss-jfsa-2024-000631932%2F&pm=&viewedTypes=&rts=1709078127552

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 23:55:28 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: application/x-javascript;charset=utf-8

GET
H/1.1 200
OK ga-integration-2.0.5.js Show response
rtp-static.marketo.com/rtp/libs/ 18 KB
6 KB 341ms
114ms Script
application/x-javascript 23.37.63.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 23:55:27 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Jun 2023 08:00:53 GMT
Server: AkamaiNetStorage
ETag: "18a7b0f60655900c0010a35d07b9da0f:1686816053.163727"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 5654

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
427 B 516ms
120ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=jfrog-1709078127550-95055490&aid=jfrog&viewedTypes=&0.6827580031060887&rts=1709078127603

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 23:55:28 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK jquery-custom-ui.min.js Show response
rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/ 126 KB
35 KB 140ms
139ms Script
application/x-javascript 23.37.63.218
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rtp-static.marketo.com/rtp/libs/jqueryui/1.9.2f/jquery-custom-ui.min.js
Requested by: Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.218 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-218.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 23:55:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Jan 2018 12:54:21 GMT
Server: AkamaiNetStorage
ETag: "5a9f8dd85d85afd20544bd437a505338:1515502461"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 35484

GET
H/1.1 200
OK msg Show response
lonrtp1.marketo.com/gw1/ 0
427 B 359ms
126ms Script
text/javascript 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/msg?a=2&sid=jfrog-1709078127550-95055490&aid=jfrog&viewedTypes=&0.18362729367278008&rts=1709078128110

Requested by

Host: research.jfrog.com
URL: https://research.jfrog.com/speedsize-local.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 23:55:28 GMT
Cache-Control: no-cache
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Connection: close
Content-Length: 0
Content-Type: text/javascript;charset=utf-8

GET
H/1.1 200
OK visitor Show response
lonrtp1.marketo.com/gw1/rtp/api/v1_1/ 904 B
2 KB 472ms
119ms XHR
application/json 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/rtp/api/v1_1/visitor?sid=jfrog-1709078127550-95055490&aid=jfrog&1709078128480

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

865b5bb8206915cb78af5b067bbb9e15dacd29b76fb1017928221f82016ebb60

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: No-cache
Date: Tue, 27 Feb 2024 23:55:28 GMT
Strict-Transport-Security: max-age=63113904
Last-Modified: Tue Feb 27 17:55:28 CST 2024
Server: Jetty(9.4.45.v20220203)
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://research.jfrog.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sgm Show response
lonrtp1.marketo.com/gw1/ga/ 48 B
502 B 470ms
118ms XHR
text/json 162.13.202.201
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL

https://lonrtp1.marketo.com/gw1/ga/sgm?sid=jfrog-1709078127550-95055490&1709078128481

Requested by

Host: rtp-static.marketo.com
URL: https://rtp-static.marketo.com/rtp/libs/ga-integration-2.0.5.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

162.13.202.201 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),

Reverse DNS

Software

Jetty(9.4.45.v20220203) /

Resource Hash

25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904

Request headers

accept-language: he-IL,he;q=0.9
Referer: https://research.jfrog.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 23:55:28 GMT
Strict-Transport-Security: max-age=63113904
Server: Jetty(9.4.45.v20220203)
Content-Type: text/json;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Length: 48

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jfrog.com/	1970-01-21 04:20:38	Name: _ga_SQ1NR9VTFJ Value: GS1.1.1709078127.1.0.1709078127.0.0.0
.jfrog.com/	1970-01-21 04:20:38	Name: _ga Value: GA1.1.1407223070.1709078127
.jfrog.com/	1970-01-21 04:20:38	Name: trwv.uid Value: jfrog-1709078127549-b040ded9%3A1
.jfrog.com/	1970-01-20 18:44:39	Name: trwsa.sid Value: jfrog-1709078127550-95055490%3A1
.jfrog.com/	1970-01-21 04:20:38	Name: FPID Value: FPID2.2.T6cJQNVsN0IlIgkJGia2Y0XnWTIeKmgn%2B5PurXyH%2BBs%3D.1709078127
.jfrog.com/	1970-01-20 18:45:50	Name: FPLC Value: A1MQekNryc6oPStWQXo3f0A4DmySAZ%2Bqmb1Djeo%2BBEb59fDnAQKaMizsoxflZnrUuUTFBSePL%2FkYEagn%2BRfhUgoNZEuS1CKG9QvIs7LMRbRaYl9r7TsmRcwslS0U0g%3D%3D
.jfrog.com/	1969-12-31 23:59:59	Name: gtmIdnts Value: %7B%22ga_cid%22%3A%221407223070.1709078127%22%2C%22ga_fpid%22%3A%22T6cJQNVsN0IlIgkJGia2Y0XnWTIeKmgn%2B5PurXyH%2BBs%3D.1709078127%22%2C%22ga_session_id%22%3A%221709078127%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

gtm.jfrog.com
lonrtp1-cdn.marketo.com
lonrtp1.marketo.com
research.jfrog.com
rtp-static.marketo.com
www.googletagmanager.com
142.250.186.40
162.13.202.201
185.199.109.153
216.239.36.21
23.37.63.218
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
25b4e974dc91d718d1b66bf120388c20da6dfd3a886ec8401af1c269dd169a44
339b2b60e94b6dc169fd9e5b68ac16b1ca08ef6a4968e98a0f43c2add405e79a
35f273e01e70db780ae423347dffecfc27cc348ba4abbd6099331559a7c5cd31
4e12d1b26d5ec76995de768c083e68845af7c080a72a5755fb5106e959bf7552
55b4a50612be7be04e3666639848b92dd23e6b07138f6bcb0e9d5c0b6bb2dd8d
5e8db02ea46111606594050d3e2d25ec2b3ed1b8ef85a53877a11ec01262ac6d
60ff7a3beaced3f2346c7c3b676aece09bfbebeb06d4cdcf8dfbdca943fa407d
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
865b5bb8206915cb78af5b067bbb9e15dacd29b76fb1017928221f82016ebb60
8d978f68e9d7d217c6b7080506d565b9fa0112657bc4fa128fbd57d179712d67
ac5027e4fd9c4d3ebf93e310d2d1e766b6260ed27ca487312bf4134c0f88fed9
ad139faddadf76bbfb0385518f28c1d8b601ae70ce188dc7381b2ebee9b4af1b
bf6806d8c92e228249230195772afe2e68791d52763b782be9aa2855fab3b641
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d2b38468c9a6f18bbc8bf8b2b2d9f792857abd9f3c197978aefe643fca619f34
d6c503df73be4c3a093c3cd889641fab52b6c62a62bcb5d05ba5fb9c65cca6b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
fe8231bb10228e33951b2fa88d60bc4daccaddaba86a9819ec37810b2714f12f

research.jfrog.com Open in urlscan Pro 185.199.109.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

31 Requests

100 %HTTPS

0 %IPv6

3 Domains

6 Subdomains

5 IPs

3 Countries

724 kBTransfer

1457 kBSize

7 Cookies

5 Outgoing links

Page URL History

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

research.jfrog.com Open in urlscan Pro
185.199.109.153 Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

5
IPs

3
Countries

724 kB
Transfer

1457 kB
Size

7
Cookies

31 HTTP transactions
0 data transactions