www.fastly.com Open in urlscan Pro
2a04:4e42:600::313 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Submission: On June 02 via api (June 2nd 2024, 9:29:17 am UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 27 domains to perform 139 HTTP transactions. The main IP is 2a04:4e42:600::313, located in United States and belongs to FASTLY, US. The main domain is www.fastly.com. The Cisco Umbrella rank of the primary domain is 456434.
TLS certificate: Issued by Certainly Intermediate R1 on May 30th 2024. Valid for: a month.

This is the only time www.fastly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a04:4e42:600... 2a04:4e42:600::313	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
1 75	151.101.193.57 151.101.193.57	54113 (FASTLY) (FASTLY)
4	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.230.228.8 54.230.228.8	16509 (AMAZON-02) (AMAZON-02)
6	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	18.66.192.93 18.66.192.93	16509 (AMAZON-02) (AMAZON-02)
1 2	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6813:b134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
1	151.101.66.91 151.101.66.91	54113 (FASTLY) (FASTLY)
2	2606:4700:440... 2606:4700:4400::ac40:90e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.64.150.44 172.64.150.44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:973c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	104.16.118.43 104.16.118.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:237... 2600:9000:237d:6c00:4:8491:f2c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9d	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2 3	18.207.58.146 18.207.58.146	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.224.237.84 34.224.237.84	14618 (AMAZON-AES) (AMAZON-AES)
139	30

4 2a04:4e42:600::313 (United States)

ASN54113 (FASTLY, US)

www.fastly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

client-registry.mutinycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 151.101.193.57 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

www.fastly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.228.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-8.muc50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1025883.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

025-xko-469.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-93.muc50.r.cloudfront.net

rc-widget-frame.js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::729 (United States) 1 redirects

ASN54113 (FASTLY, US)

fiddle.fastlydemo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiddle.fastly.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:b134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:90e1 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.150.44 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:973c (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.118.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:6c00:4:8491:f2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.207.58.146 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-58-146.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.237.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-237-84.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	fastly.com 1 redirects www.fastly.com — Cisco Umbrella Rank: 456434	1 MB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 312	127 KB
6	sentry.io o1025883.ingest.sentry.io	570 B
5	clickagy.com 2 redirects tags.clickagy.com — Cisco Umbrella Rank: 23885 aorta.clickagy.com — Cisco Umbrella Rank: 2218 hemsync.clickagy.com — Cisco Umbrella Rank: 20348	15 KB
5	zoominfo.com ws-assets.zoominfo.com — Cisco Umbrella Rank: 11817 ws.zoominfo.com — Cisco Umbrella Rank: 4715	31 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 7752	26 KB
4	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3868	6 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 26104 ibc-flow.techtarget.com — Cisco Umbrella Rank: 23444	2 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 6903	4 KB
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 5864 rc-widget-frame.js.driftt.com — Cisco Umbrella Rank: 106213 Failed	60 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	223 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 669	684 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1370 insight.adsrvr.org — Cisco Umbrella Rank: 691	5 KB
2	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 7754	1 KB
2	mutinycdn.com client-registry.mutinycdn.com — Cisco Umbrella Rank: 18650	17 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 456	98 B
1	google.de www.google.de — Cisco Umbrella Rank: 7810	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	254 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095	245 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 11942	203 B
1	fastly-insights.com www.fastly-insights.com — Cisco Umbrella Rank: 8414	676 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 533	295 B
1	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 6908	9 KB
1	fastly.dev fiddle.fastly.dev	3 KB
1	fastlydemo.net 1 redirects fiddle.fastlydemo.net	205 B
1	mktoresp.com 025-xko-469.mktoresp.com Failed	318 B
0	company-target.com Failed api.company-target.com Failed
139	27

	Domain	Requested by
79	www.fastly.com	1 redirects www.fastly.com
6	cdn.cookielaw.org	www.fastly.com cdn.cookielaw.org
6	o1025883.ingest.sentry.io	www.fastly.com
4	ws.zoominfo.com	www.fastly.com
4	cdn.bizible.com	www.googletagmanager.com cdn.bizible.com
4	munchkin.marketo.net	www.fastly.com munchkin.marketo.net
3	aorta.clickagy.com	2 redirects www.fastly.com
3	js.zi-scripts.com	www.fastly.com
3	www.googletagmanager.com	www.fastly.com www.googletagmanager.com
2	pixel-sync.sitescout.com	2 redirects
2	ibc-flow.techtarget.com	www.fastly.com
2	tracking.g2crowd.com	www.fastly.com tracking.g2crowd.com
2	js.driftt.com	www.fastly.com
2	client-registry.mutinycdn.com	www.fastly.com
1	hemsync.clickagy.com	www.fastly.com
1	idsync.rlcdn.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	insight.adsrvr.org	js.adsrvr.org
1	js.adsrvr.org	www.fastly.com
1	tags.clickagy.com	www.fastly.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	cdn.bizibly.com
1	trk.techtarget.com	www.fastly.com
1	www.fastly-insights.com	www.googletagmanager.com
1	geolocation.onetrust.com	www.fastly.com
1	cdn.speedcurve.com	www.fastly.com
1	fiddle.fastly.dev
1	fiddle.fastlydemo.net	1 redirects
1	rc-widget-frame.js.driftt.com	js.driftt.com
1	025-xko-469.mktoresp.com	munchkin.marketo.net
0	api.company-target.com Failed	www.fastly.com
139	33

This site contains links to these domains. Also see Links.

Domain
support.fastly.com
manage.fastly.com
www.wordfence.com
patchstack.com
wpscan.com
blog.sucuri.net
wordpress.org
www.joomunited.com
www.facebook.com
twitter.com
www.linkedin.com
www.fastlystatus.com
investors.fastly.com
www.twitter.com
www.instagram.com
www.youtube.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.fastly.com Certainly Intermediate R1	`2024-05-30` - `2024-06-29`	a month	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
client-registry.mutinycdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.drift.com Amazon RSA 2048 M03	`2024-06-02` - `2025-06-30`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-21` - `2025-02-21`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-01` - `2024-07-01`	a year	crt.sh
fastly-insights.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-20` - `2025-01-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-24` - `2024-07-23`	a year	crt.sh
zi-scripts.com GTS CA 1P5	`2024-05-27` - `2024-08-25`	3 months	crt.sh
trk.techtarget.com GTS CA 1P5	`2024-05-24` - `2024-08-22`	3 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2024-05-06` - `2024-08-04`	3 months	crt.sh
zoominfo.com E1	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.clickagy.com Amazon ECDSA 256 M02	`2023-09-22` - `2024-10-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.google.de WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Frame ID: 8980BE8D797FE913FA49B218952930E5
Requests: 138 HTTP requests in this frame

Frame: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=c198e648-4f91-4280-b074-9d0e0e4dfb76&sessionStarted=1717320552.245&campaignRefreshToken=05d93699-b478-4259-9027-0bf5ce57b10c&pageLoadStartTime=1717320551718&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F
Frame ID: C58D320D4AAC968194C597EF7B152FC4
Requests: 1 HTTP requests in this frame

Frame: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=c198e648-4f91-4280-b074-9d0e0e4dfb76&sessionStarted=1717320552.245&campaignRefreshToken=05d93699-b478-4259-9027-0bf5ce57b10c&pageLoadStartTime=1717320552282&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F
Frame ID: A7C9C47C00EC8C9516A0D5189CD62CB6
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=siw7zzj&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&upid=srcqgs0&upv=1.1.0
Frame ID: 449B7F64FCECE476D1F8C1918AA2A6DE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Page URL
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ HTTP 301
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

139
Requests

95 %
HTTPS

33 %
IPv6

27
Domains

33
Subdomains

30
IPs

4
Countries

1709 kB
Transfer

7616 kB
Size

21
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://support.fastly.com/
Title: Support Center

Search URL Search Domain Scan URL

URL: https://manage.fastly.com/
Title: Einloggen

Search URL Search Domain Scan URL

URL: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-statistics/wp-statistics-145-unauthenticated-stored-cross-site-scripting
Title: CVE-2024-2194

Search URL Search Domain Scan URL

URL: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-meta-seo/wp-meta-seo-4512-unauthenticated-stored-cross-site-scripting-via-referer-header
Title: CVE-2023-6961

Search URL Search Domain Scan URL

URL: https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-5-7-unauthenticated-site-wide-stored-xss-vulnerability/
Title: CVE-2023-40000

Search URL Search Domain Scan URL

URL: https://wpscan.com/blog/surge-of-javascript-malware-in-sites-with-vulnerable-versions-of-litespeed-cache-plugin/
Title: 1

Search URL Search Domain Scan URL

URL: https://blog.sucuri.net/2023/10/balada-injector-targets-unpatched-tagdiv-plugin-newspaper-theme-wordpress-admins.html
Title: 2

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/wp-statistics/
Title: WP Statistics plugin

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/wp-statistics/advanced/
Title: versions lower than 14.5

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/wp-meta-seo
Title: WP Meta SEO plugin

Search URL Search Domain Scan URL

URL: https://www.joomunited.com/wordpress-products/wp-meta-seo/404-errors-and-url-redirect-manager
Title: 404 & Redirects page

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/wp-meta-seo/advanced/
Title: versions lower than 4.5

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/litespeed-cache/
Title: LiteSpeed Cache plugin

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/litespeed-cache/advanced/
Title: versions lower than 5.7

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/&text=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins&url=https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/

Search URL Search Domain Scan URL

URL: https://www.fastlystatus.com/
Title: Netzwerkstatus

Search URL Search Domain Scan URL

URL: https://investors.fastly.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.twitter.com/fastly
Title: X

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fastly
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fastlyinc
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC2Zx8R9llwwyNBB6thfIwxg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Page URL
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ HTTP 301
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95

https://fiddle.fastlydemo.net/embed.js HTTP 301
https://fiddle.fastly.dev/embed.js

Request Chain 136

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1 HTTP 302
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D HTTP 302
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=42a89b82-5a75-4d65-8a8b-dc65b9ea7ae4-665c3b6b-5553 HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:e69c34ed160fa7c44916263282be062c

139 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Show response
www.fastly.com/blog/ 634 KB
91 KB 566ms
362ms Document
text/html 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1a951a913aded15ba2df0b9d208bcbf7f3dc3fbddf6cffd7c660bfdcb7e80026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=0, must-revalidate
content-encoding: gzip
content-length: 93013
content-type: text/html
date: Sun, 02 Jun 2024 09:29:11 GMT
etag: "fb1f1170405d0564af8e21a385ace66a"
link: </g-static/fonts/subsetting/inter-var.woff2>; rel=preload; as=font; crossorigin; nopush, <https://user-data.mutinycdn.com>; rel=preconnect, <https://client.mutinycdn.com>; rel=preconnect, <https://client-registry.mutinycdn.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect
server: Artisanal bits
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-sjc1000115-SJC, cache-sjc1000097-SJC, cache-cph2320034-CPH
x-timer: S1717320551.216742,VS0,VE169
x-xss-protection: 1; mode=block

GET
H2 200 inter-var.woff2
www.fastly.com/g-static/fonts/subsetting/ 77 KB
77 KB 152ms
151ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/subsetting/inter-var.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

37bb2fe07156e83bf66ed1214d5f27cae6bdd70549affa70372b82a9c6689ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000110-SJC, cache-sjc1000104-SJC, cache-cph2320034-CPH
date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.586856,VS0,VE2
etag: "c74946b05a04c9302636cc6106891bbd"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 78400
x-cache-hits: 0, 178, 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 415 KB
121 KB 167ms
78ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ccaa9c19f55a6620ce82fa5494a062817ceb3cd72fdf58c59114e409aafd96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123349
x-xss-protection: 0
last-modified: Sun, 02 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Jun 2024 09:29:11 GMT

GET
H2 200 b20024ac5582424c.js Show response
client-registry.mutinycdn.com/personalize/client/ 52 KB
17 KB 139ms
39ms Script
application/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://client-registry.mutinycdn.com/personalize/client/b20024ac5582424c.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c76a9cb437eb62c4dd5a2ff9f6d2e3835a73dacee48687c63735220e081b8265

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Blyb2XtH3GZWPKbWYJYl9H6StrOswdlh
x-continent-code: EU
content-encoding: gzip
date: Sun, 02 Jun 2024 09:29:11 GMT
via: 1.1 varnish
x-edge-region: EU-East
x-amz-request-id: 2MTYT07ZG5ZPH2PX
age: 1820
x-amz-server-side-encryption: AES256
x-cache: HIT
x-edge-datacenter: FRA
content-length: 17034
x-amz-id-2: ALmavs+KK6snt9/FVLxKzN34rM4Gjams7MWPPANH6xE3Akd2WTXIu5VuIXu5WyhMN61oEKNdgrJMSdc2JAFdYQ==
x-served-by: cache-fra-etou8220124-FRA
x-connection-speed: broadband
last-modified: Fri, 31 May 2024 23:38:22 GMT
server: AmazonS3
etag: "5484c522dc31653f98944694891165ce"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=3600, max-age=0
vary: X-Continent-Code, Accept-Encoding
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 0

GET
H3 200 icon-social-facebook.svg
www.fastly.com/g-static/icons/ 597 B
668 B 41ms
41ms Image
image/svg+xml 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-facebook.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10b36fda647f8e4a089ffecf54ca490ce1e68eb9619a2463fd81a2acb8fcb41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10030-SJC, cache-sjc1000088-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.741233,VS0,VE2
etag: "bb1c97bce60b58d56b793de7b4a4bc13"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 359
x-cache-hits: 0, 4, 0

GET
H3 200 icon-social-twitter.svg
www.fastly.com/g-static/icons/ 1 KB
1 KB 42ms
42ms Image
image/svg+xml 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-twitter.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

a7077bfe692cf60675c6ce302474a363815e3f49d834147218a7bdb1b7402f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10056-SJC, cache-sjc1000137-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.741422,VS0,VE2
etag: "337117f8ea61b8fe03a5e612e8314180"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 792
x-cache-hits: 0, 3, 0

GET
H3 200 icon-social-LinkedIn.svg
www.fastly.com/g-static/icons/ 781 B
732 B 42ms
42ms Image
image/svg+xml 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-LinkedIn.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

9546f61d90005f0c8132463a0c61ab73ce68321a61456fe9ed5a0a60d16c4d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10052-SJC, cache-sjc1000097-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.784635,VS0,VE3
etag: "de1e54a0a64e58525dbe0884c382f63a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 424
x-cache-hits: 0, 3, 0

GET
H3 200 webpack-runtime-94e7fd591bb71c05bae2.js Show response
www.fastly.com/ 17 KB
8 KB 41ms
40ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/webpack-runtime-94e7fd591bb71c05bae2.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

13992cc34551fe0f87641b400b3c0b44d2342de47610eccf6e8a80c0b7e5f376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10068-SJC, cache-sjc10063-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.882610,VS0,VE2
etag: "046ae120cc70c85ed101223139420064"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7648
x-cache-hits: 0, 0, 0

GET
H3 200 framework-151fc19b9b9ac4505994.js Show response
www.fastly.com/ 142 KB
45 KB 42ms
41ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

b9561116be07dfb5c239a4ff5c9414c8ffc316835e8122265b4c2b73321e04f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10050-SJC, cache-sjc1000096-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.884883,VS0,VE2
etag: "ef8201535fcede2bc23ee156acaef19b"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 45805
x-cache-hits: 0, 1, 0

GET
H3 200 252f366e-d1aa38507652cb741e60.js Show response
www.fastly.com/ 1 KB
780 B 41ms
40ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/252f366e-d1aa38507652cb741e60.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

17fec48aa0d675502c93181d7307ca32e12378e24c21eec53a9f40d604017493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000094-SJC, cache-sjc10041-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.885319,VS0,VE1
etag: "697ad6d43c89541e8b393a6a89e2e9ef"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 471
x-cache-hits: 0, 1, 0

GET
H3 200 2c56e427-01361d4940eeadfd165c.js Show response
www.fastly.com/ 277 KB
85 KB 42ms
42ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/2c56e427-01361d4940eeadfd165c.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

cd182f3a350ac2d27a4ec5de75d7f39315f31c83db302387deaa56cd48f08fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000142-SJC, cache-sjc1000088-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.885583,VS0,VE1
etag: "715d965f78523bf90b11bc8855091ddd"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 86505
x-cache-hits: 0, 2, 0

GET
H3 200 f344f784-59cf6dfaf4313f3a2695.js Show response
www.fastly.com/ 307 KB
89 KB 122ms
122ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/f344f784-59cf6dfaf4313f3a2695.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d83f00e53d435070c5a0d3ff2fa641dbe8c407d9fc754403da515ca52fc4ea0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000147-SJC, cache-sjc10045-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.885530,VS0,VE2
etag: "a5050db0b9208146b92bcae8eb2ca082"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 91303
x-cache-hits: 0, 1, 0

GET
H3 200 app-581006721eb7e73b827b.js Show response
www.fastly.com/ 565 KB
184 KB 156ms
155ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/app-581006721eb7e73b827b.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

5cc5c15991ca00035f86af72fc4e7fa535af6208351b654d5b875af761ca4319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000113-SJC, cache-sjc1000137-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.885549,VS0,VE3
etag: "5c2958192e677dce94e59ef23aa8e1fb"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 187602
x-cache-hits: 0, 0, 0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 130ms
42ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 09:29:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 x2ugb2nh7dxy.js
js.driftt.com/include/1717320600000/ 212 KB
60 KB 328ms
213ms Script
application/javascript 54.230.228.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1717320600000/x2ugb2nh7dxy.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-8.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: fwT06mdOrTHjuLmyd8.idzR8VPd5.dxi
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 69ceaf2914bd01ec0e3201288b80afe2.cloudfront.net (CloudFront), 1.1 59c812f2c62b260446c519ec0c6279cc.cloudfront.net (CloudFront)
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
x-amz-cf-pop: IAD61-P3, MUC50-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 52
last-modified: Mon, 21 Aug 2023 14:57:31 GMT
server: istio-envoy
etag: W/"576cdc1c0941a520c47b54aef3b463f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true,true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iNvfTia2KPPCsauUa9o82qunK1QIjgUjVV2gijKIaTVBCfIaQtoQZg==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec2a8bc8d814bfc802060212b6a8659e0d3c458a2b0d696fcca8b8b7ce773798

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445c32c2df2239bda46c6e62b2a6de1eb0abb24b03675b4047a435c0c24c47ad

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 282 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40cd9a267f702fd2726ef3798b232a06ca6ed2bcd41739e5150aa3d2d7f006f1

Request headers

Referer
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2
www.fastly.com/static/ 56 KB
56 KB 46ms
45ms Font
font/woff2 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1ba7f7e31ef37d69f9541a2af99984deed19867ab8f8a24d53da8c5b47b47cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000138-SJC, cache-sjc1000093-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.916790,VS0,VE2
etag: "f2a8ff0942c38a6325df9a0f60277e93"
x-cache: MISS, MISS, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 56868
x-cache-hits: 0, 0, 0

GET
H3 200 ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2
www.fastly.com/static/ 59 KB
59 KB 50ms
49ms Font
font/woff2 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

37e8818124561754e1c997013c3bfebfa1e87ec9338148293f7d3870d8e2ae83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10079-SJC, cache-sjc10073-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.916401,VS0,VE2
etag: "5d684e67bb303b33d0fc0303d91e76af"
x-cache: MISS, MISS, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 59992
x-cache-hits: 0, 0, 0

GET
H3 200 roboto.woff2
www.fastly.com/g-static/fonts/ 12 KB
12 KB 86ms
85ms Font
font/woff2 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/roboto.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e1fd013ac18aebac28e366bf82aace3b2fb6900fecc4793303ed93aeadd31910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000144-SJC, cache-sjc1000106-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.916738,VS0,VE2
etag: "d8ab6e6b16f310580e0570584c0ce6d4"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12312
x-cache-hits: 0, 1, 0

GET
H3 200 ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2
www.fastly.com/static/ 56 KB
57 KB 86ms
86ms Font
font/woff2 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

3109a1a489eb6cf9429c02f62539fbfeac0a730ac3e25b157afc28def5689b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10039-SJC, cache-sjc1000145-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.916125,VS0,VE2
etag: "3846fe18ab988be9b98be555ee4c964a"
x-cache: MISS, MISS, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57832
x-cache-hits: 0, 0, 0

GET
H3 200 flying_shield_96X96.png
www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/ 836 B
1 KB 130ms
130ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/flying_shield_96X96.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9572729daa448a9ba000cdc75d9b2be339248d41288b1767966d73342a2227a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300705
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=5385 idim=96x96 ifmt=png ofsz=836 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 836
x-served-by: cache-sjc10022-SJC, cache-sjc1000093-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320552.914654,VS0,VE2
etag: "w55cncqW7lRXrIFtJk8yEl9DSKBo8EwB3DHcPnGO0tU"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 8, 0

GET
H3 200 simran.jpeg
www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/ 699 B
1 KB 131ms
130ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/simran.jpeg?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

14ab9cffba365eab7420a6e75f65bfe85308431fbeb48fb308d21c9b426a5242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300708
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=200562 idim=1024x1024 ifmt=jpeg ofsz=699 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 699
x-served-by: cache-sjc10035-SJC, cache-sjc10044-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320552.914916,VS0,VE2
etag: "Z4x+XkgdmixRHKgUoQj69tvDojC5hFuAhjMFlHbO9Qk"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 7, 0

GET
H3 200 image-20240528-184030.png
www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/ 674 B
1 KB 132ms
131ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/image-20240528-184030.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

773f7d8838ae33fd62fa7cc873009886716e07091a869edbc379fbf9c1121077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300701
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=194268 idim=480x480 ifmt=png ofsz=674 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 674
x-served-by: cache-sjc1000084-SJC, cache-sjc1000114-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320552.914883,VS0,VE2
etag: "wUlyWlxio7aaQu5scBLaIYhCqH3vsIWHvFcT3bX98dI"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 7, 0

GET
H3 200 image-20240528-195447.png
www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/ 800 B
1 KB 131ms
131ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/image-20240528-195447.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

b7a9abff26f10f1da273ea00346283c5aaf8a44042085661d64d2eabb1d2a9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300714
x-cache: Miss from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=3004007 idim=1345x989 ifmt=png ofsz=800 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 800
x-served-by: cache-sjc10053-SJC, cache-sjc1000104-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320552.914867,VS0,VE2
etag: "D8DsvJ288YRVI170Gua2jkFVuVVxywSmBkX53XA927U"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 7, 0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 40ms
40ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 09:29:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Tue, 10 Sep 2024 09:29:12 GMT

POST
H2 200 /
o1025883.ingest.sentry.io/api/6048310/envelope/ 2 B
308 B 161ms
42ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 app-data.json Show response
www.fastly.com/page-data/ 50 B
366 B 40ms
40ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/app-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

9792bfec70a56c776df59dac10da133724e4f66a1bb5e1be74f0704a0130466e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10079-SJC, cache-sjc1000113-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.119904,VS0,VE1
etag: "3f184d6abeff47de387766eef1d1c66e"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70
x-cache-hits: 0, 2, 0

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ 52 KB
13 KB 41ms
41ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

da5ffaa3ecfb62fb9e1d58ed51468eee919fdcb3bdc24990f1c921c3390f78c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000121-SJC, cache-sjc10026-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.120226,VS0,VE1
etag: "2ecdb848f10352f37f2b1b4ebf111bca"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12812
x-cache-hits: 0, 0, 0

POST visitWebPage
025-xko-469.mktoresp.com/webevents/ 0
0

GET
H3 200 43a66a61-c84aa95f2ddfba93c469.js Show response
www.fastly.com/ 16 KB
5 KB 41ms
41ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/43a66a61-c84aa95f2ddfba93c469.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-94e7fd591bb71c05bae2.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

fe8ee1e74a19f26f635bfd0127127df11580dede6ad1878cc864d3686bab6ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000089-SJC, cache-sjc10031-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.163285,VS0,VE2
etag: "9c542dba9b59eb4a08ab445bed9e9901"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4424
x-cache-hits: 0, 0, 0

GET
H3 200 commons-d15e4fa94351ced85b96.js Show response
www.fastly.com/ 13 KB
5 KB 40ms
40ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/commons-d15e4fa94351ced85b96.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-94e7fd591bb71c05bae2.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

0ba0a6dc3b6c35adbbfbe6986c9284b130a088b99194c538059986b46e4b982c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10052-SJC, cache-sjc10043-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.163365,VS0,VE2
etag: "f8813d8fa5ac68732927c160f7fbdc88"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4955
x-cache-hits: 0, 1, 0

GET
H3 200 component---src-templates-blog-post-js-866d3397ebbb89925494.js Show response
www.fastly.com/ 10 KB
4 KB 42ms
42ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/component---src-templates-blog-post-js-866d3397ebbb89925494.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-94e7fd591bb71c05bae2.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

15a056617d74788f1cd880c91661b8682a4dae8a7b732ed83f06a85e916a7951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10050-SJC, cache-sjc10049-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.163605,VS0,VE2
etag: "0546bd48b28535f83eaa05b4df389a39"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3853
x-cache-hits: 0, 0, 0

GET
H3 200 1727377946.json Show response
www.fastly.com/page-data/sq/d/ 61 B
360 B 42ms
42ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1727377946.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9df011e2b89840a7dcb1ec43d59e2489383d3506d9a0fcd2db0d9cf0b024dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000099-SJC, cache-sjc10068-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.164037,VS0,VE2
etag: "620acf1ee1d982fd3abfad3d91e15496"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65
x-cache-hits: 0, 2, 0

GET
H3 200 1831612556.json Show response
www.fastly.com/page-data/sq/d/ 409 B
533 B 43ms
42ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1831612556.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10885f5f6888d7879c566093389c5a42f20ca66c22805ba291c2e608f82283f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10071-SJC, cache-sjc1000144-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.164018,VS0,VE2
etag: "d23265dab806df0bcfaeae0eb941f680"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 237
x-cache-hits: 0, 2, 1

GET
H3 200 2892375363.json Show response
www.fastly.com/page-data/sq/d/ 35 KB
11 KB 44ms
44ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/2892375363.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

86bf1036789fc9768f23c81cdf61c486b86228a0eddbe232e86a99a96dac5d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10071-SJC, cache-sjc1000134-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.164463,VS0,VE2
etag: "808867d668fa9a7869d09468cd75a89c"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10728
x-cache-hits: 0, 2, 0

GET
H3 200 3715587086.json Show response
www.fastly.com/page-data/sq/d/ 642 B
712 B 45ms
44ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3715587086.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d9b694a3a25ba1db5264d6687141e4f48ada93b4fbb2a124317dad995286ac97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000121-SJC, cache-sjc10075-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.164419,VS0,VE2
etag: "062b895294b682a9dbc9adbe5d97f206"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 415
x-cache-hits: 0, 3, 0

GET
H3 200 3925522448.json Show response
www.fastly.com/page-data/sq/d/ 3 KB
2 KB 45ms
45ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3925522448.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

516e05996b0e9d097fbe55f14bb7948f16a19d043950a88d086975b976593fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000127-SJC, cache-sjc1000132-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.164753,VS0,VE2
etag: "2aa5d94312606b8c9bf40c81d65812c5"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1437
x-cache-hits: 0, 2, 0

GET
H3 200 433030069.json Show response
www.fastly.com/page-data/sq/d/ 316 B
508 B 43ms
43ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/433030069.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

cc4abce21cb2be565c9d4ea8b3be9b942b42eee8770694e8a3415e09f0b39803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10040-SJC, cache-sjc1000111-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.164797,VS0,VE2
etag: "b81520dfa11dbb486b097182b19955a5"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 212
x-cache-hits: 0, 2, 0

GET
H3 200 668095159.json
www.fastly.com/page-data/sq/d/ 495 B
605 B 46ms
46ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/668095159.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10047-SJC, cache-sjc10040-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.165080,VS0,VE2
etag: "fc1745b05e609a8bbab6bd072c2caf79"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 310
x-cache-hits: 0, 0, 0

GET
H2

200

Primary Request active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Show response
www.fastly.com/blog/
Redirect Chain

https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

634 KB
247 B

41ms
40ms

Document
text/html

2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1a951a913aded15ba2df0b9d208bcbf7f3dc3fbddf6cffd7c660bfdcb7e80026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 93013
content-type: text/html
date: Sun, 02 Jun 2024 09:29:12 GMT
etag: "fb1f1170405d0564af8e21a385ace66a"
link: </g-static/fonts/subsetting/inter-var.woff2>; rel=preload; as=font; crossorigin; nopush, <https://user-data.mutinycdn.com>; rel=preconnect, <https://client.mutinycdn.com>; rel=preconnect, <https://client-registry.mutinycdn.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect
server: Artisanal bits
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-etou8220074-FRA
x-timer: S1717320552.258263,VS0,VE2
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Sun, 02 Jun 2024 09:29:12 GMT
location: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
retry-after: 0
server: Artisanal bits
strict-transport-security: max-age=31536000
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220074-FRA

GET core
rc-widget-frame.js.driftt.com/ Frame C58D 0
0

GET
H2 200 inter-var.woff2
www.fastly.com/g-static/fonts/subsetting/ 77 KB
0 152ms
151ms Font
font/woff2 2a04:4e42:600::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/subsetting/inter-var.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 178, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.586856,VS0,VE2
etag: "c74946b05a04c9302636cc6106891bbd"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 78400
x-served-by: cache-sjc1000110-SJC, cache-sjc1000104-SJC, cache-cph2320034-CPH

GET
H2 304 b20024ac5582424c.js Show response
client-registry.mutinycdn.com/personalize/client/ 52 KB
54 B 42ms
42ms Script
application/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://client-registry.mutinycdn.com/personalize/client/b20024ac5582424c.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c76a9cb437eb62c4dd5a2ff9f6d2e3835a73dacee48687c63735220e081b8265

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.fastly.com/
If-None-Match: "5484c522dc31653f98944694891165ce"
If-Modified-Since: Fri, 31 May 2024 23:38:22 GMT
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Sun, 02 Jun 2024 09:29:12 GMT
via: 1.1 varnish
x-continent-code: EU
x-connection-speed: broadband
x-edge-region: EU-East
age: 1821
etag: "5484c522dc31653f98944694891165ce"
vary: X-Continent-Code, Accept-Encoding
x-cache: HIT
cache-control: s-maxage=3600, max-age=0
x-edge-datacenter: FRA
x-country-code: DE
x-served-by: cache-fra-etou8220124-FRA

GET
H3 200 icon-social-facebook.svg
www.fastly.com/g-static/icons/ 597 B
0 41ms
41ms Image
image/svg+xml 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-facebook.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10b36fda647f8e4a089ffecf54ca490ce1e68eb9619a2463fd81a2acb8fcb41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 4, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.741233,VS0,VE2
etag: "bb1c97bce60b58d56b793de7b4a4bc13"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 359
x-served-by: cache-sjc10030-SJC, cache-sjc1000088-SJC, cache-fra-etou8220074-FRA

GET
H3 200 icon-social-twitter.svg
www.fastly.com/g-static/icons/ 1 KB
0 42ms
42ms Image
image/svg+xml 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-twitter.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

a7077bfe692cf60675c6ce302474a363815e3f49d834147218a7bdb1b7402f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 3, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.741422,VS0,VE2
etag: "337117f8ea61b8fe03a5e612e8314180"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 792
x-served-by: cache-sjc10056-SJC, cache-sjc1000137-SJC, cache-fra-etou8220074-FRA

GET
H3 200 icon-social-LinkedIn.svg
www.fastly.com/g-static/icons/ 781 B
0 42ms
42ms Image
image/svg+xml 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-LinkedIn.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

9546f61d90005f0c8132463a0c61ab73ce68321a61456fe9ed5a0a60d16c4d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 3, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.784635,VS0,VE3
etag: "de1e54a0a64e58525dbe0884c382f63a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 424
x-served-by: cache-sjc10052-SJC, cache-sjc1000097-SJC, cache-fra-etou8220074-FRA

GET
H3 200 webpack-runtime-94e7fd591bb71c05bae2.js Show response
www.fastly.com/ 17 KB
0 41ms
40ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/webpack-runtime-94e7fd591bb71c05bae2.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

13992cc34551fe0f87641b400b3c0b44d2342de47610eccf6e8a80c0b7e5f376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.882610,VS0,VE2
etag: "046ae120cc70c85ed101223139420064"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7648
x-served-by: cache-sjc10068-SJC, cache-sjc10063-SJC, cache-fra-etou8220074-FRA

GET
H3 200 framework-151fc19b9b9ac4505994.js Show response
www.fastly.com/ 142 KB
0 42ms
41ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

b9561116be07dfb5c239a4ff5c9414c8ffc316835e8122265b4c2b73321e04f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 1, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.884883,VS0,VE2
etag: "ef8201535fcede2bc23ee156acaef19b"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 45805
x-served-by: cache-sjc10050-SJC, cache-sjc1000096-SJC, cache-fra-etou8220074-FRA

GET
H3 200 252f366e-d1aa38507652cb741e60.js Show response
www.fastly.com/ 1 KB
0 41ms
40ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/252f366e-d1aa38507652cb741e60.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

17fec48aa0d675502c93181d7307ca32e12378e24c21eec53a9f40d604017493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 1, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.885319,VS0,VE1
etag: "697ad6d43c89541e8b393a6a89e2e9ef"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 471
x-served-by: cache-sjc1000094-SJC, cache-sjc10041-SJC, cache-fra-etou8220074-FRA

GET
H3 200 2c56e427-01361d4940eeadfd165c.js Show response
www.fastly.com/ 277 KB
0 42ms
42ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/2c56e427-01361d4940eeadfd165c.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

cd182f3a350ac2d27a4ec5de75d7f39315f31c83db302387deaa56cd48f08fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 2, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.885583,VS0,VE1
etag: "715d965f78523bf90b11bc8855091ddd"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 86505
x-served-by: cache-sjc1000142-SJC, cache-sjc1000088-SJC, cache-fra-etou8220074-FRA

GET
H3 200 f344f784-59cf6dfaf4313f3a2695.js Show response
www.fastly.com/ 307 KB
0 122ms
122ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/f344f784-59cf6dfaf4313f3a2695.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d83f00e53d435070c5a0d3ff2fa641dbe8c407d9fc754403da515ca52fc4ea0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 1, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.885530,VS0,VE2
etag: "a5050db0b9208146b92bcae8eb2ca082"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 91303
x-served-by: cache-sjc1000147-SJC, cache-sjc10045-SJC, cache-fra-etou8220074-FRA

GET
H3 200 app-581006721eb7e73b827b.js Show response
www.fastly.com/ 565 KB
0 156ms
155ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/app-581006721eb7e73b827b.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

5cc5c15991ca00035f86af72fc4e7fa535af6208351b654d5b875af761ca4319

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.885549,VS0,VE3
etag: "5c2958192e677dce94e59ef23aa8e1fb"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 187602
x-served-by: cache-sjc1000113-SJC, cache-sjc1000137-SJC, cache-fra-etou8220074-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 415 KB
0 167ms
78ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9ccaa9c19f55a6620ce82fa5494a062817ceb3cd72fdf58c59114e409aafd96a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123349
x-xss-protection: 0
last-modified: Sun, 02 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Jun 2024 09:29:11 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
0 130ms
42ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 09:29:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 x2ugb2nh7dxy.js Show response
js.driftt.com/include/1717320600000/ 212 KB
0 328ms
213ms Script
application/javascript 54.230.228.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1717320600000/x2ugb2nh7dxy.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-8.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

93a2fd82dd3a13a9e9ce0583f3bde1b6e88da6ebce30fa8c87cee4d9d927e4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: fwT06mdOrTHjuLmyd8.idzR8VPd5.dxi
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 69ceaf2914bd01ec0e3201288b80afe2.cloudfront.net (CloudFront), 1.1 59c812f2c62b260446c519ec0c6279cc.cloudfront.net (CloudFront)
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
x-amz-cf-pop: IAD61-P3, MUC50-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 52
last-modified: Mon, 21 Aug 2023 14:57:31 GMT
server: istio-envoy
etag: W/"576cdc1c0941a520c47b54aef3b463f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true,true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: iNvfTia2KPPCsauUa9o82qunK1QIjgUjVV2gijKIaTVBCfIaQtoQZg==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec2a8bc8d814bfc802060212b6a8659e0d3c458a2b0d696fcca8b8b7ce773798

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 flying_shield_96X96.png
www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/ 836 B
0 130ms
130ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/flying_shield_96X96.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9572729daa448a9ba000cdc75d9b2be339248d41288b1767966d73342a2227a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300705
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=5385 idim=96x96 ifmt=png ofsz=836 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 836
x-served-by: cache-sjc10022-SJC, cache-sjc1000093-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320552.914654,VS0,VE2
etag: "w55cncqW7lRXrIFtJk8yEl9DSKBo8EwB3DHcPnGO0tU"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 8, 0

GET
H3 200 simran.jpeg
www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/ 699 B
0 131ms
130ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/simran.jpeg?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

14ab9cffba365eab7420a6e75f65bfe85308431fbeb48fb308d21c9b426a5242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300708
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=200562 idim=1024x1024 ifmt=jpeg ofsz=699 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 699
x-served-by: cache-sjc10035-SJC, cache-sjc10044-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320552.914916,VS0,VE2
etag: "Z4x+XkgdmixRHKgUoQj69tvDojC5hFuAhjMFlHbO9Qk"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 7, 0

GET
H3 200 image-20240528-184030.png
www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/ 674 B
0 132ms
131ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/image-20240528-184030.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

773f7d8838ae33fd62fa7cc873009886716e07091a869edbc379fbf9c1121077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300701
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=194268 idim=480x480 ifmt=png ofsz=674 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 674
x-served-by: cache-sjc1000084-SJC, cache-sjc1000114-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320552.914883,VS0,VE2
etag: "wUlyWlxio7aaQu5scBLaIYhCqH3vsIWHvFcT3bX98dI"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 7, 0

GET
H3 200 image-20240528-195447.png
www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/ 800 B
0 131ms
131ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/image-20240528-195447.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

b7a9abff26f10f1da273ea00346283c5aaf8a44042085661d64d2eabb1d2a9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300714
x-cache: Miss from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=3004007 idim=1345x989 ifmt=png ofsz=800 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 800
x-served-by: cache-sjc10053-SJC, cache-sjc1000104-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320552.914867,VS0,VE2
etag: "D8DsvJ288YRVI170Gua2jkFVuVVxywSmBkX53XA927U"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 7, 0

GET
H3 200 ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2
www.fastly.com/static/ 56 KB
0 46ms
45ms Font
font/woff2 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.916790,VS0,VE2
etag: "f2a8ff0942c38a6325df9a0f60277e93"
x-cache: MISS, MISS, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 56868
x-served-by: cache-sjc1000138-SJC, cache-sjc1000093-SJC, cache-fra-etou8220074-FRA

GET
H3 200 ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2
www.fastly.com/static/ 56 KB
0 86ms
86ms Font
font/woff2 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.916125,VS0,VE2
etag: "3846fe18ab988be9b98be555ee4c964a"
x-cache: MISS, MISS, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57832
x-served-by: cache-sjc10039-SJC, cache-sjc1000145-SJC, cache-fra-etou8220074-FRA

GET
H3 200 ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2
www.fastly.com/static/ 59 KB
0 50ms
49ms Font
font/woff2 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.916401,VS0,VE2
etag: "5d684e67bb303b33d0fc0303d91e76af"
x-cache: MISS, MISS, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 59992
x-served-by: cache-sjc10079-SJC, cache-sjc10073-SJC, cache-fra-etou8220074-FRA

GET
H3 200 roboto.woff2
www.fastly.com/g-static/fonts/ 12 KB
0 86ms
85ms Font
font/woff2 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/roboto.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 1, 0
date: Sun, 02 Jun 2024 09:29:11 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.916738,VS0,VE2
etag: "d8ab6e6b16f310580e0570584c0ce6d4"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12312
x-served-by: cache-sjc1000144-SJC, cache-sjc1000106-SJC, cache-fra-etou8220074-FRA

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445c32c2df2239bda46c6e62b2a6de1eb0abb24b03675b4047a435c0c24c47ad

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 282 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40cd9a267f702fd2726ef3798b232a06ca6ed2bcd41739e5150aa3d2d7f006f1

Request headers

Referer
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
0 40ms
40ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 09:29:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Tue, 10 Sep 2024 09:29:12 GMT

POST
H2 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 2 B
65 B 42ms
41ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 app-data.json Show response
www.fastly.com/page-data/ 50 B
248 B 40ms
40ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/app-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

9792bfec70a56c776df59dac10da133724e4f66a1bb5e1be74f0704a0130466e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320552.436392,VS0,VE2
etag: "3f184d6abeff47de387766eef1d1c66e"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70
x-cache-hits: 1

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ 52 KB
247 B 42ms
41ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

da5ffaa3ecfb62fb9e1d58ed51468eee919fdcb3bdc24990f1c921c3390f78c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320552.436658,VS0,VE2
etag: "2ecdb848f10352f37f2b1b4ebf111bca"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12812
x-cache-hits: 1

POST
H/1.1 200
OK visitWebPage
025-xko-469.mktoresp.com/webevents/ 2 B
318 B 912ms
182ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://025-xko-469.mktoresp.com/webevents/visitWebPage?_mchNc=1717320552426&_mchCn=&_mchId=025-XKO-469&_mchTk=_mch-fastly.com-1717320552118-18437&_mchHo=www.fastly.com&_mchPo=&_mchRu=%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 09:29:13 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 9350bc98-22d6-490f-89d5-cd85599a4803

GET
H2 200 core
rc-widget-frame.js.driftt.com/ Frame A7C9 0
0 370ms
370ms Document
text/html 18.66.192.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=c198e648-4f91-4280-b074-9d0e0e4dfb76&sessionStarted=1717320552.245&campaignRefreshToken=05d93699-b478-4259-9027-0bf5ce57b10c&pageLoadStartTime=1717320552282&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1717320600000/x2ugb2nh7dxy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-93.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fastly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Sun, 02 Jun 2024 09:29:12 GMT
etag: W/"6a5cea74d414ec151635bd2880abb1c3"
last-modified: Mon, 21 Aug 2023 14:57:03 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 ae6c2eb8d653982f5df6a91a4b14b518.cloudfront.net (CloudFront)
x-amz-cf-id: WE0Q0qdJ_ansk_Mjdjjy0Cyv8uA1UrxQGlhAJ8Fchgy4IR_02Io4nw==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: hIxJdEPbt_45OV8bTT9Ad1M7VE.ABA8G
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 21

GET
H3 200 43a66a61-c84aa95f2ddfba93c469.js Show response
www.fastly.com/ 16 KB
0 41ms
41ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/43a66a61-c84aa95f2ddfba93c469.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-94e7fd591bb71c05bae2.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

fe8ee1e74a19f26f635bfd0127127df11580dede6ad1878cc864d3686bab6ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.163285,VS0,VE2
etag: "9c542dba9b59eb4a08ab445bed9e9901"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4424
x-served-by: cache-sjc1000089-SJC, cache-sjc10031-SJC, cache-fra-etou8220074-FRA

GET
H3 200 commons-d15e4fa94351ced85b96.js Show response
www.fastly.com/ 13 KB
0 40ms
40ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/commons-d15e4fa94351ced85b96.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-94e7fd591bb71c05bae2.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

0ba0a6dc3b6c35adbbfbe6986c9284b130a088b99194c538059986b46e4b982c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 1, 0
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.163365,VS0,VE2
etag: "f8813d8fa5ac68732927c160f7fbdc88"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4955
x-served-by: cache-sjc10052-SJC, cache-sjc10043-SJC, cache-fra-etou8220074-FRA

GET
H3 200 component---src-templates-blog-post-js-866d3397ebbb89925494.js Show response
www.fastly.com/ 10 KB
0 42ms
42ms Script
text/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/component---src-templates-blog-post-js-866d3397ebbb89925494.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-94e7fd591bb71c05bae2.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

15a056617d74788f1cd880c91661b8682a4dae8a7b732ed83f06a85e916a7951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320552.163605,VS0,VE2
etag: "0546bd48b28535f83eaa05b4df389a39"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3853
x-served-by: cache-sjc10050-SJC, cache-sjc10049-SJC, cache-fra-etou8220074-FRA

GET
H3 200 1727377946.json Show response
www.fastly.com/page-data/sq/d/ 61 B
247 B 42ms
42ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1727377946.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9df011e2b89840a7dcb1ec43d59e2489383d3506d9a0fcd2db0d9cf0b024dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320552.480855,VS0,VE2
etag: "620acf1ee1d982fd3abfad3d91e15496"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65
x-cache-hits: 1

GET
H3 200 1831612556.json Show response
www.fastly.com/page-data/sq/d/ 409 B
247 B 41ms
40ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1831612556.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10885f5f6888d7879c566093389c5a42f20ca66c22805ba291c2e608f82283f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320552.481387,VS0,VE1
etag: "d23265dab806df0bcfaeae0eb941f680"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 237
x-cache-hits: 2

GET
H3 200 2892375363.json Show response
www.fastly.com/page-data/sq/d/ 35 KB
248 B 46ms
45ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/2892375363.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

86bf1036789fc9768f23c81cdf61c486b86228a0eddbe232e86a99a96dac5d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320552.481269,VS0,VE3
etag: "808867d668fa9a7869d09468cd75a89c"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10728
x-cache-hits: 1

GET
H3 200 3715587086.json Show response
www.fastly.com/page-data/sq/d/ 642 B
248 B 43ms
43ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3715587086.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d9b694a3a25ba1db5264d6687141e4f48ada93b4fbb2a124317dad995286ac97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320552.481235,VS0,VE2
etag: "062b895294b682a9dbc9adbe5d97f206"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 415
x-cache-hits: 1

GET
H3 200 3925522448.json Show response
www.fastly.com/page-data/sq/d/ 3 KB
247 B 44ms
43ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3925522448.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

516e05996b0e9d097fbe55f14bb7948f16a19d043950a88d086975b976593fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320552.481220,VS0,VE2
etag: "2aa5d94312606b8c9bf40c81d65812c5"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1437
x-cache-hits: 1

GET
H3 200 433030069.json Show response
www.fastly.com/page-data/sq/d/ 316 B
248 B 43ms
42ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/433030069.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

cc4abce21cb2be565c9d4ea8b3be9b942b42eee8770694e8a3415e09f0b39803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320552.481218,VS0,VE2
etag: "b81520dfa11dbb486b097182b19955a5"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 212
x-cache-hits: 1

GET
H3 200 668095159.json Show response
www.fastly.com/page-data/sq/d/ 495 B
247 B 44ms
44ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/668095159.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

0b6524e69d460be5fbdaa68802b2e3349fefbd996e48553e147bd04d5f24c14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320552.481195,VS0,VE3
etag: "fc1745b05e609a8bbab6bd072c2caf79"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 310
x-cache-hits: 1

GET
H3 200 image1.png
www.fastly.com/cimages/6pk8mg3yh2ee/799Q2Wy5RwY8pU1VwU36j4/f5a90ffa31cb91641d673baa3cb8d2b8/ 265 KB
265 KB 40ms
40ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/799Q2Wy5RwY8pU1VwU36j4/f5a90ffa31cb91641d673baa3cb8d2b8/image1.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

8e9a56ee211373fbeae846a6172d25f2bcb96429d02dc65ad6eb0d73b64146cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300703
x-cache: Miss from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=825356 idim=1999x1667 ifmt=png ofsz=271246 odim=1999x1667 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 271246
x-served-by: cache-sjc1000130-SJC, cache-sjc1000124-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320553.577714,VS0,VE2
etag: "HzSvyHQ5nn25mTk+Z19LZeNNWXBjgttAAlKkxIqP7Pg"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 11, 0

GET
H3 200 image2.png
www.fastly.com/cimages/6pk8mg3yh2ee/nIZWS4735NptEtMORBMJ1/a5a78ef796fc7784aa2cf30a7967c1fe/ 16 KB
16 KB 42ms
42ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/nIZWS4735NptEtMORBMJ1/a5a78ef796fc7784aa2cf30a7967c1fe/image2.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

486fe4a11df8e574321f4cd832688242e2fa48e1cb1c04e7b80cd6d78c77efb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300706
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=41066 idim=1423x476 ifmt=png ofsz=16076 odim=1423x476 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16076
x-served-by: cache-sjc10061-SJC, cache-sjc10066-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320553.578587,VS0,VE2
etag: "tXI+3ypbeFye/hI37+tFWjNVflc64yMcsggEEVviPQQ"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 8, 0

GET
H3 200 image4.png
www.fastly.com/cimages/6pk8mg3yh2ee/4s7KmtpIXSg3HHeXFCnEux/ad86950bc56566545050048bbadde89b/ 14 KB
15 KB 43ms
43ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4s7KmtpIXSg3HHeXFCnEux/ad86950bc56566545050048bbadde89b/image4.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

31d5f6da756ad666a6f55091582cc4d9880a4fd4d1812e658e808d405000b199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300705
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=46678 idim=1494x608 ifmt=png ofsz=14788 odim=1494x608 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14788
x-served-by: cache-sjc1000122-SJC, cache-sjc10077-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320553.578743,VS0,VE2
etag: "kuXzw9ra5QNnTVrMHYkToBICUQc+NRRDzH8ivXqMizs"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 7, 0

GET
H3 200 image3.png
www.fastly.com/cimages/6pk8mg3yh2ee/3jNL1g1PBQ38gQx6M2B5Gj/717a904d22bd16535e5d29da5179918a/ 22 KB
23 KB 44ms
44ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/3jNL1g1PBQ38gQx6M2B5Gj/717a904d22bd16535e5d29da5179918a/image3.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

a0bdaf167b258a7a6c20172a119cddb617f46c1de4b710f98b4cd33527ae3374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300713
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=62522 idim=1843x611 ifmt=png ofsz=22693 odim=1843x611 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22693
x-served-by: cache-sjc1000128-SJC, cache-sjc10053-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320553.579047,VS0,VE2
etag: "YifkjEuwmtkVyju6RQ0RF4h49mlIxFfKU1tGel5XdSU"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 7, 0

GET
H3 200 flying_shield_96X96.png
www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/ 2 KB
3 KB 41ms
40ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/flying_shield_96X96.png?auto=avif&fit=crop&height=96&width=96

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

4faf92a677fbcb1a072cdb917b2677de95bd0792e5b7f11af4a217070dc97014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300705
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=5385 idim=96x96 ifmt=png ofsz=2487 odim=96x96 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2487
x-served-by: cache-sjc10022-SJC, cache-sjc1000093-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320553.585014,VS0,VE2
etag: "P5Qd0qb2xphGdZSgPZ/Gf5BZy73qABUeiXfUbTsVzas"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 6, 0

GET
H3 200 simran.jpeg
www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/ 2 KB
2 KB 41ms
41ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/simran.jpeg?auto=avif&fit=crop&height=96&width=96

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

3f54c4723e33e35c4cfe06daff86e15db90c44adfb6be3842a39cec26c5a7595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300708
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=200562 idim=1024x1024 ifmt=jpeg ofsz=1668 odim=96x96 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1668
x-served-by: cache-sjc10035-SJC, cache-sjc10044-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320553.585526,VS0,VE2
etag: "V5JYSEbSi/hBGEJ3XXK/Y7dLuksvxavcbC+vbL3grWI"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 5, 0

GET
H3 200 image-20240528-184030.png
www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/ 1 KB
2 KB 42ms
42ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/image-20240528-184030.png?auto=avif&fit=crop&height=96&width=96

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

5b34ba53714f9472819d51c98ccb08fa80a076eb569f9cfbdf54271fb6db97b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300701
x-cache: RefreshHit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=194268 idim=480x480 ifmt=png ofsz=1534 odim=96x96 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1534
x-served-by: cache-sjc1000084-SJC, cache-sjc1000114-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320553.585881,VS0,VE2
etag: "fOlu28ujvlpv0PKj98f6O0kcmDe61IeqGQ3qCeGMF3g"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 5, 0

GET
H3 200 image-20240528-195447.png
www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/ 3 KB
3 KB 43ms
42ms Image
image/avif 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/image-20240528-195447.png?auto=avif&fit=crop&height=96&width=96

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

5a022f06ae0b18465655eab62cc4b5ea4c81f640c5e98132a0428ea9e6e3534e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300714
x-cache: Miss from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=3004007 idim=1345x989 ifmt=png ofsz=2820 odim=96x96 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2820
x-served-by: cache-sjc10053-SJC, cache-sjc1000104-SJC, cache-fra-etou8220074-FRA
server: Artisanal bits
x-timer: S1717320553.586203,VS0,VE2
etag: "5VMF9ZnUgLiFOgBnhDkQIQFkQL5z/Wru4WBYITvxNRc"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 5, 0

POST
H3 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 2 B
20 B 41ms
41ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H3 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 41 B
59 B 42ms
41ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

f6c83a74aa4aa2d60e9ef6f9ee780513bf38756e26f7f080809649810a4b4292

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H3 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 41 B
59 B 41ms
41ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

14cf42473db932b7eee95c86f2acad7a81251fe19ff8745476613ba34ea82864

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H3 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 41 B
59 B 42ms
40ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

3374b3e0cd1e74e4dd36dd9cedb1dfd1f5c2a9327c581ff59e3fbadb4066827d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 02 Jun 2024 09:29:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2

200

embed.js Show response
fiddle.fastly.dev/
Redirect Chain

https://fiddle.fastlydemo.net/embed.js
https://fiddle.fastly.dev/embed.js

6 KB
3 KB

337ms
207ms

Script
application/javascript

2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fiddle.fastly.dev/embed.js
Protocol: H2
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 5b2cb114ad1f05c0b84daba4d01466ed5a782a5cae8a9f2841d918c022210207

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Sun, 02 Jun 2024 09:29:13 GMT
content-encoding: gzip
age: 151
x-powered-by: Express
etag: W/"19db-49773873e8"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate
access-control-allow-credentials: true
vary: Accept
access-control-allow-headers: Content-Type
content-length: 2465

Redirect headers

date: Sun, 02 Jun 2024 09:29:12 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST,OPTIONS
location: https://fiddle.fastly.dev/embed.js
access-control-allow-origin: *
vary: Accept
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0
retry-after: 0

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 22 KB
9 KB 128ms
38ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=4272646268
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: d65a39715ffa728f57282b58ea27a40416ae37bacd2c2850c49291a1003ab35e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 02 Jun 2024 09:29:12 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
age: 48469
x-cache: HIT
content-length: 8562
x-served-by: cache-fra-etou8220032-FRA
last-modified: Sat, 01 Jun 2024 20:01:23 GMT
server: Apache
x-timer: S1717320553.705752,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Jun 2024 20:01:23 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 139ms
53ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YmFgVUTeB0lXZXM9YgX19A==
age: 46157
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Thu, 30 May 2024 19:49:44 GMT
server: cloudflare
etag: 0x8DC80E1A7B58E98
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5d7ad16c-d01e-0020-6f75-b32da5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88d66aee6be22c65-FRA

GET
H3 200 bundle.js Show response
www.fastly.com/g-static/fastly-swiftype/ 23 KB
9 KB 40ms
40ms Script
application/javascript 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fastly-swiftype/bundle.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

2035a3c05a682cf60b1a965d16d52335489608ca1141d9e0b9b3f9c340901f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10020-SJC, cache-sjc10020-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320553.616896,VS0,VE1
etag: "a41be66ad83ae00d26b9bd8a3c9d4d0e"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9091
x-cache-hits: 0, 15, 0

GET
H2 200 d8606fe0-eb46-49e2-9118-e39304fc0f7b.json Show response
cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/ 5 KB
2 KB 143ms
66ms XHR
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/d8606fe0-eb46-49e2-9118-e39304fc0f7b.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b479ed0b2477c2cbddf91a0c9cea1b73c017f9bf787e31c6d9573b2eed9e0b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Jun 2024 09:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 42169
content-md5: agLfML9ZkE/EGDSFfL4/9A==
content-length: 1828
x-ms-lease-status: unlocked
last-modified: Mon, 26 Feb 2024 16:59:33 GMT
server: cloudflare
etag: 0x8DC36EC4E4A8439
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5f303b72-901e-0060-74d5-68451c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88d66aef3c20bb43-FRA
expires: Mon, 03 Jun 2024 09:29:12 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 157ms
72ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 88d66af02cb030c6-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.20.0/ 376 KB
84 KB 56ms
56ms Script
application/javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Jun 2024 09:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jOOTzA5W9ewbfwCUPpt/mw==
age: 47793
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 86053
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:48 GMT
server: cloudflare
etag: 0x8D941124BEC2620
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d90e7eed-d01e-0095-1237-23d136000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88d66af0af572c65-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/31547220-4f5f-469a-a5e2-f49331357eb1/ 74 KB
18 KB 70ms
70ms Fetch
application/x-javascript 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/31547220-4f5f-469a-a5e2-f49331357eb1/en.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7af0df8f9644b02cc51d21524c7983a00d9dbc2d3601739d8d6e001548cfe9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Jun 2024 09:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 40670
content-md5: 7MVxgQdel9Pwcf0B5uSSCg==
content-length: 18710
x-ms-lease-status: unlocked
last-modified: Mon, 26 Feb 2024 16:59:42 GMT
server: cloudflare
etag: 0x8DC36EC53B5D2F8
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dbe6a026-901e-0002-33ea-71873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88d66af14ef7bb43-FRA
expires: Mon, 03 Jun 2024 09:29:13 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 169ms
38ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67D4) /

Resource Hash

72b5a8a2135c12c11678be3c99e786370b9d1deab9d0b4d4a614b7a541ef825f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Thu, 30 May 2024 09:40:58 GMT
server: ECS (frb/67D4)
age: 44029
etag: "de267d7975b2da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET
H/1.1 204
No content scout.js Show response
www.fastly-insights.com/static/ 0
676 B 122ms
38ms Script
text/html 151.101.66.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Served-By: cache-fra-etou8220053-FRA
Date: Sun, 02 Jun 2024 09:29:13 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
Server: Varnish
X-Timer: S1717320553.326053,VS0,VE1
X-Cache: HIT
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Connection: close
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

GET
H2 200 3997.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 2 KB
1 KB 197ms
109ms Script
text/javascript 2606:4700:4400::ac40:90e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/3997.js?p=https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/&e=

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:90e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d8e3f99e6ac157c0bf9665cd34a729c8f78e45a908890e231e24fe1867b5e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:13 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-disposition: inline
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cf-ray: 88d66af25a6f03f0-FRA

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 165ms
101ms Script
application/javascript 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3ea3a972768896d2a84d6eb36d3f5919478ad9c091477c22a5362eb6d53aee4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:13 GMT
x-amz-version-id: 4TVPkf0eH3kVl0Vjj3KPZI_FUiecs6et
via: 1.1 61954eaa5e77bcffc1d48963f5835828.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
content-encoding: gzip
x-amz-cf-pop: MRS52-P5
age: 22484
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 06:37:27 GMT
server: cloudflare
etag: W/"5c7228fc2640a4dfce48217428980fe3"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 88d66af22e0d44f2-TXL
x-amz-cf-id: Up1Gp_QexnotQz-InQOnJlAzXTYTFlKk56aPadrplKNx-YcatWr2Ow==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 167ms
77ms Script
text/javascript 2606:4700:4400::ac40:973c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:973c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:13 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
age: 63557
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 88d66af25d5dbc03-FRA
expires: Sun, 02 Jun 2024 09:49:13 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.20.0/assets/ 10 KB
3 KB 57ms
57ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/otFloatingFlat.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Jun 2024 09:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: p9XkcRT860KFc2nbQOJsvw==
age: 56219
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2675
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:43 GMT
server: cloudflare
etag: 0x8D9411248A2F288
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d6bff88b-401e-005c-4e30-246cdb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88d66af1cfcebb43-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.20.0/assets/v2/ 47 KB
12 KB 56ms
55ms Fetch
application/json 2606:4700::6813:b134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/v2/otPcCenter.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ded43a6af1e4e0a061fe1c97703f45cc4af82fc367de436789f6c70e5077b0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 02 Jun 2024 09:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2vE4qrHr6kOuPbyrvQ8Ntg==
age: 56218
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11533
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:44 GMT
server: cloudflare
etag: 0x8D94112496CA8BA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fe20d632-501e-007f-3580-22f618000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88d66af1cfcfbb43-FRA

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 531ms
488ms Preflight 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
apigw-requestid: Yu44li0KvHcESbA=
cf-cache-status: DYNAMIC
cf-ray: 88d66af30fc46a76-TXL
date: Sun, 02 Jun 2024 09:29:13 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 f94680c3a1fc159ee44d04d5ded8c264.cloudfront.net (CloudFront)
x-amz-cf-id: RlBEb4du6HI9JG-KRrnIPftpQ-Jb-VVcm658A7oqa99GkuhmPNYAsg==
x-amz-cf-pop: TXL50-P5
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 199 B
552 B 481ms
481ms Fetch
application/json 172.64.150.44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.150.44 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 494bf1044c50472cfb7d49beef6f66dd747519f0e0571fdb28618e35c8dfa460

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer 9b339613e91679908663
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.fastly.com/
visited_url: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/

Response headers

date: Sun, 02 Jun 2024 09:29:14 GMT
via: 1.1 cb57cede178698c2e5ad0ff8b98673a4.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: TXL50-P5
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: Yu44qi0tPHcESbA=
server: cloudflare
etag: W/"c7-SkMitUWP5s8wEHvEkGWei5DpxMI"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 88d66af61e6c6a76-TXL
x-amz-cf-id: BkChLsCRNWxh8JSGeiVK6bR2lrLEaEM4E4iyBmSwlggh1tocgj0jbQ==

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
440 B 152ms
151ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=4982510&r=1717320553393&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&version=2.4
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 4982510
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:13 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPqLt8kO8O9a-7BRPrhNjEnErcAKeoCvrYpY44ouCucBxX-6khsW7PRmTc8n5sneIxQAeAM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Sun, 02 Jun 2024 10:29:13 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 232ms
141ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=4982510&r=1717320553393&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 02 Jun 2024 09:29:13 GMT
expires: Sun, 02 Jun 2024 09:29:13 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPp1HP1AUiilDko8ChoJJSs4FGyWAdRRMLXLEBb0axkWI0l-SxFWSggva9BLJyUFMSRoK1E

GET
H2 200 ipv
cdn.bizible.com/ 43 B
306 B 37ms
37ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_biz_h=-1906410348&_biz_u=1f79bb93636b4b3fe847d310dd4ede09&_biz_l=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_biz_t=1717320553398&_biz_i=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins%20%7C%20Fastly&_biz_n=0&rnd=531599&cdn_o=a&_biz_z=1717320553398

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BA) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 02 Jun 2024 09:29:13 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 31 May 2024 21:15:25 GMT
server: ECS (frb/67BA)
age: 130428
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 48ms
38ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=1f79bb93636b4b3fe847d310dd4ede09&_biz_l=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_biz_t=1717320553399&_biz_i=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins%20%7C%20Fastly&rnd=787490&cdn_o=a&_biz_z=1717320553399

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 02 Jun 2024 09:29:13 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 31 May 2024 21:15:27 GMT
server: ECS (frb/6752)
age: 130427
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/ 0
0 152ms
151ms Ping
text/html 2606:4700:4400::ac40:90e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/3997.js?p=https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/&e=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary77Taa3H7Sv1fLDhY

Response headers

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 111 B
322 B 146ms
146ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=1f79bb93636b4b3fe847d310dd4ede09&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.05.23

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6711) /

Resource Hash

613e049273c93de0c741ca1faec88402bf13768930dfc57449f62182521ed52c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (frb/6711)
etag: 07EB540C
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 215

GET
H2 200 u
cdn.bizible.com/ 43 B
86 B 37ms
37ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A025-XKO-469%26token%3A_mch-fastly.com-1717320552118-18437&_biz_u=1f79bb93636b4b3fe847d310dd4ede09&_biz_l=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_biz_t=1717320553399&_biz_i=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins%20%7C%20Fastly&_biz_n=1&rnd=287397&cdn_o=a&_biz_z=1717320553500

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 02 Jun 2024 09:29:13 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 31 May 2024 21:15:27 GMT
server: ECS (frb/6752)
age: 130427
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
BLOB 200
OK c05dccd7-8eff-41d2-9598-8dbaaee43213
https://www.fastly.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.fastly.com/c05dccd7-8eff-41d2-9598-8dbaaee43213
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H3 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 90 KB
27 KB 186ms
118ms Script
application/javascript 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 3595
x-guploader-uploadid: ABPtcPrcAsMkmacpoag3X1OuaPhGa7WmJyUqWu6-xWCFjBZNkCW9mPj5SO_WdXQzCQIC_kJbj7wtFpsPrw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 May 2024 10:14:37 GMT
server: cloudflare
etag: W/"006455bd44ed289ddcc403d0ecd96ab0"
x-goog-hash: crc32c=p5SAHw==, md5=AGRVvUTtKJ3cxAPQ7NlqsA==
x-goog-generation: 1715854477710382
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 91778
cf-ray: 88d66af99ac570c1-WAW
expires: Sun, 02 Jun 2024 09:29:19 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/6299150f29472f008e962d64/ 5 KB
3 KB 596ms
538ms Fetch
text/javascript 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6299150f29472f008e962d64/?iszitag=true

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f0810cec806f3c15adfd715833817c7f7b7c8d33da8231833bbe83b83443b9b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/javascript
visited-url: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
_vtok: ODAuMjU1LjcuMTE4
_zitok: 64547d02f1828555606e1717320554
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.fastly.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 88d66afb5a903500-WAW

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/6299150f29472f008e962d64/ Frame 0
0 282ms
214ms Preflight
text/html 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6299150f29472f008e962d64/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.fastly.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88d66af99d5535c0-WAW
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 02 Jun 2024 09:29:14 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

OPTIONS
H3 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 223ms
223ms Preflight
text/html 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.fastly.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88d66afabf6b35c0-WAW
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 02 Jun 2024 09:29:14 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 1 KB
868 B 230ms
230ms Fetch
application/json 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

bd58fb1b94d374ef18c0e16aa6195840e8bb260688f27f5213cabfffbce08e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bearer 0876aa5470a86ba07cc173e261b45c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.fastly.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"57f-BKxc2TDCb77Ei9i+fPt+5W78Gls"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fastly.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray: 88d66afc1bd63500-WAW

GET
H3 200 favicon.ico
www.fastly.com/ 15 KB
2 KB 41ms
41ms Other
image/vnd.microsoft.icon 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/favicon.ico

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1fa9b91552d947e9e6d0bb911aae5db85840bad624723e604bb154c7d6794814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000114-SJC, cache-sjc1000143-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320555.869606,VS0,VE2
etag: "41cf3edea9e6ee1d6916fa0a7e5e98f7"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/vnd.microsoft.icon
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2057
x-cache-hits: 0, 3, 0

GET ip.json
api.company-target.com/api/v2/ 0
0

GET
BLOB 200
OK 1a192d4a-acec-4679-9f92-86f4ad3b7480 Show response
https://www.fastly.com/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fastly.com/1a192d4a-acec-4679-9f92-86f4ad3b7480
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0810cec806f3c15adfd715833817c7f7b7c8d33da8231833bbe83b83443b9b6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 5367
Content-Type: text/javascript

GET
H2 200 data.js Show response
tags.clickagy.com/ 36 KB
13 KB 167ms
49ms Script
text/javascript 2600:9000:237d:6c00:4:8491:f2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95

Requested by

Host: www.fastly.com
URL: blob:https://www.fastly.com/1a192d4a-acec-4679-9f92-86f4ad3b7480

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:6c00:4:8491:f2c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f39119c613a7b1189e7f4ab5a887d2f0d02d6e049ca73db5a05561526f46aed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 3UgkqRNMVlhsjmEQXKndI4WYIM8oGRsR
content-encoding: gzip
via: 1.1 66a008dd3c1b49635fc036a68872758c.cloudfront.net (CloudFront)
date: Sun, 02 Jun 2024 04:29:21 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P2
age: 28654
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 May 2024 15:18:13 GMT
server: AmazonS3
etag: W/"55e11e01d3474d5bc19d85efaa1648ce"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
x-amz-cf-id: nklgAy7AebNWsptkQOwgjWzLPPUCJlMLjf4zvv4Y46YAx2HUAa4wJA==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 154ms
45ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.fastly.com
URL: blob:https://www.fastly.com/1a192d4a-acec-4679-9f92-86f4ad3b7480
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 04:46:20 GMT
Content-Encoding: gzip
Via: 1.1 826a64379fff05f157845c418fee53d2.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 May 2024 04:42:45 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 16976
x-amz-server-side-encryption: AES256
ETag: W/"a60a4e2650f94da6f243b9518761b381"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: ho0lhrwtMg0103XMFO0hnV_dIMl6rQxQEySCsosoJ3Y0u6_u-PG4qg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
102 KB 73ms
73ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ETDRC9QJ6S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

79d746eae7f8a92569719873a8adf91f0b6d1ed6e7d451fb93a7fd0f873c790a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 02 Jun 2024 09:29:15 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 449B 0
0 165ms
54ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=siw7zzj&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&upid=srcqgs0&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fastly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Sun, 02 Jun 2024 09:29:15 GMT
server: Kestrel

POST
H2 204 collect
region1.analytics.google.com/g/ 0
245 B 161ms
72ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ETDRC9QJ6S&gtm=45je45t0v872918845z8810839359za200zb810839359&_p=1717320552308&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=105552233.1717320555&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&sid=1717320555&sct=1&seg=0&dl=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&dr=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&dt=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins%20%7C%20Fastly&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container_id=GTM-W9FKFHD&ep.gtm_container_version=332&ep.data_link_id=&ep.data_link_id_lookup=unbucketed_link&up.db_sid=(Non-Company%20Visitor)&up.db_company_name=(Non-Company%20Visitor)&up.db_website=(Non-Company%20Visitor)&up.db_industry=(Non-Company%20Visitor)&up.db_sub_industry=(Non-Company%20Visitor)&up.db_employee_range=(Non-Company%20Visitor)&up.db_revenue_range=(Non-Company%20Visitor)&up.db_audience=no%20data%20available&up.db_audience_segment=no%20data%20available&up.db_city=(Non-Company%20Visitor)&up.db_state=(Non-Company%20Visitor)&up.db_country_name=(Non-Company%20Visitor)&up.db_priority_account=(Non-Company%20Visitor)&tfd=3275
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ETDRC9QJ6S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 02 Jun 2024 09:29:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fastly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 147ms
48ms Ping
text/plain 2a00:1450:400c:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ETDRC9QJ6S&cid=105552233.1717320555&gtm=45je45t0v872918845z8810839359za200zb810839359&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ETDRC9QJ6S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 02 Jun 2024 09:29:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fastly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 111ms
63ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ETDRC9QJ6S&cid=105552233.1717320555&gtm=45je45t0v872918845z8810839359za200zb810839359&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=119166863

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 02 Jun 2024 09:29:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
506 B 360ms
120ms XHR
application/json 18.207.58.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.58.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-58-146.compute-1.amazonaws.com
Software: Aorta/20240530.acb4bdf79 /
Resource Hash: f492f26defb58daa62856b2b19d9d7dce2e3d4e1b409f76a32a5834d8e6ccdc9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sun, 02 Jun 2024 09:29:15 GMT
content-encoding: gzip
server: Aorta/20240530.acb4bdf79
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.fastly.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: e3a76acbbf84
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET
H2

451

420246.gif
idsync.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
https://pixel-sync.sitescout.com/connectors/clickagy/usersync?cookieQ=1&redir=https%3A%2F%2Faorta.clickagy.com%2Fpixel.gif%3Fclkgypv%3Dpxl%26ch%3D5%26cm%3D%7BuserId%7D
https://aorta.clickagy.com/pixel.gif?clkgypv=pxl&ch=5&cm=42a89b82-5a75-4d65-8a8b-dc65b9ea7ae4-665c3b6b-5553
https://idsync.rlcdn.com/420246.gif?partner_uid=c:e69c34ed160fa7c44916263282be062c

0
98 B

125ms
47ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:e69c34ed160fa7c44916263282be062c
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Sun, 02 Jun 2024 09:29:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sun, 02 Jun 2024 09:29:16 GMT
server: Aorta/20240530.acb4bdf79
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:e69c34ed160fa7c44916263282be062c
access-control-allow-origin: *
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: f1c5aed15de5
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
326 B 375ms
117ms XHR
text/plain 34.224.237.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.224.237.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-237-84.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 09:29:15 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.fastly.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

GET
H3 200 page-data.json
www.fastly.com/page-data/blog/fastly-security-research-team/ 0
9 KB 197ms
197ms Other
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/fastly-security-research-team/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000095-SJC, cache-sjc1000132-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320556.619458,VS0,VE158
etag: "8cbf325a5e2a6391a24925164e9331df"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8855
x-cache-hits: 0, 0, 0

GET
H3 200 page-data.json
www.fastly.com/page-data/blog/matthew-mathur/ 0
7 KB 193ms
193ms Other
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/matthew-mathur/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10040-SJC, cache-sjc10032-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320556.619767,VS0,VE154
etag: "15a3d21557ec983a5ddc89d61103d174"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6609
x-cache-hits: 0, 0, 0

GET
H3 200 page-data.json
www.fastly.com/page-data/blog/simran-khalsa/ 0
7 KB 192ms
192ms Other
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/simran-khalsa/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000135-SJC, cache-sjc10052-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717320556.619699,VS0,VE153
etag: "66705393aee790012c1a14262a5d9dd0"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7222
x-cache-hits: 0, 0, 0

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/simran-khalsa/ 24 KB
0 0ms
0ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fastly.com/page-data/blog/simran-khalsa/page-data.json
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Artisanal bits /
Resource Hash: 625766f2ec8260b6783b29d9d69a033946e54fd2acfe24299f6ec4ee49c2a4c7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000135-SJC, cache-sjc10052-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:15 GMT
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320556.619699,VS0,VE153
etag: "66705393aee790012c1a14262a5d9dd0"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7222
x-cache-hits: 0, 0, 0

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/matthew-mathur/ 21 KB
0 0ms
0ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fastly.com/page-data/blog/matthew-mathur/page-data.json
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Artisanal bits /
Resource Hash: 716887bcc0d4f04f4b3e8e98f9ceb7bdd9c8048cfceed242ecb64b93026a36e8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10040-SJC, cache-sjc10032-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:15 GMT
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320556.619767,VS0,VE154
etag: "15a3d21557ec983a5ddc89d61103d174"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6609
x-cache-hits: 0, 0, 0

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/fastly-security-research-team/ 32 KB
0 0ms
0ms XHR
application/json 151.101.193.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fastly.com/page-data/blog/fastly-security-research-team/page-data.json
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-581006721eb7e73b827b.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.193.57 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Artisanal bits /
Resource Hash: e58f5aca440878bff4b3853127aa8d492ef51b20dd518d7c22f76ab9ea91604a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000095-SJC, cache-sjc1000132-SJC, cache-fra-etou8220074-FRA
date: Sun, 02 Jun 2024 09:29:15 GMT
content-encoding: gzip
server: Artisanal bits
x-timer: S1717320556.619458,VS0,VE158
etag: "8cbf325a5e2a6391a24925164e9331df"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8855
x-cache-hits: 0, 0, 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 025-xko-469.mktoresp.com
URL: https://025-xko-469.mktoresp.com/webevents/visitWebPage?_mchNc=1717320552119&_mchCn=&_mchId=025-XKO-469&_mchTk=_mch-fastly.com-1717320552118-18437&_mchHo=www.fastly.com&_mchPo=&_mchRu=%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=

Domain: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=c198e648-4f91-4280-b074-9d0e0e4dfb76&sessionStarted=1717320552.245&campaignRefreshToken=05d93699-b478-4259-9027-0bf5ce57b10c&pageLoadStartTime=1717320551718&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F

Domain: api.company-target.com
URL: https://api.company-target.com/api/v2/ip.json?key=qoeMC7SDKL4xjEnvU1wA5OqhPHghHKmcXtCYge6F&page=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&page_title=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins%20%7C%20Fastly&referrer=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fastly.com/blog	1969-12-31 23:59:59	Name: DriftPlaybook Value: B
.fastly.com/	1970-01-21 06:38:00	Name: _mkto_trk Value: id:025-XKO-469&token:_mch-fastly.com-1717320552118-18437
www.fastly.com/	1970-01-20 21:02:02	Name: drift_campaign_refresh Value: 05d93699-b478-4259-9027-0bf5ce57b10c
www.fastly.com/	1970-01-20 21:02:02	Name: lux_uid Value: 171732055273153794
.fastly.com/	1970-01-21 05:47:36	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sun+Jun+02+2024+11%3A29%3A13+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=6.20.0&isIABGlobal=false&hosts=&consentId=839a738f-7046-422b-a8b4-ec3cb3de3f74&interactionCount=0&landingPath=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&groups=req%3A1%2Cfuncs%3A1%2Cadv%3A0
.techtarget.com/	1970-01-20 21:02:02	Name: __cf_bm Value: kKKpNX8nJ1vC9E0w4gPmYu_7kGm8Ayw4IjZPYor0BhM-1717320553-1.0.1.1-Mt8Z3WWcooCknKKdLBFGFYwaal6OGK_YGCs3qgfFM_hBZuCDTqV02za9USkKoFKXBmDp6FZnBDNUJOvOoq6rYw
.fastly.com/	1970-01-21 05:47:36	Name: _biz_uid Value: 1f79bb93636b4b3fe847d310dd4ede09
.fastly.com/	1970-01-21 05:47:36	Name: _biz_nA Value: 2
.g2crowd.com/	1970-01-20 21:02:02	Name: __cf_bm Value: 8.xjAU2s6451_hTiETPLxDjoO.iNeMYa76W4uhKpQ1Y-1717320553-1.0.1.1-QreLQv0_88IHcsy8yeW.AaRnzQKeZ.9k8cPuCgVF.KQpUJQBCdTIrHXA9ltgpMMaM3iG7RzqLnBm9iKTQXwnnQ
.bizible.com/	1970-01-21 05:47:36	Name: _BUID Value: 1f79bb93636b4b3fe847d310dd4ede09
.bizibly.com/	1970-01-21 05:47:36	Name: _BUID Value: 0c5ce2d8a02a6f12ac2d0e54c9137319
.fastly.com/	1970-01-21 05:47:36	Name: _biz_pendingA Value: %5B%5D
.fastly.com/	1970-01-21 05:47:36	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.www.fastly.com/	1970-01-21 05:47:36	Name: _zitok Value: 64547d02f1828555606e1717320554
.zoominfo.com/	1970-01-20 21:02:02	Name: __cf_bm Value: 2EsXUpCL0rl6vUaU_2ymI9GXbQtAjFyfySNz_LYpc0M-1717320554-1.0.1.1-7jeerjvxpizCe9Dc0i0PhmNPmegA8dqIrV0qY67dnucnHc3kPZax6HpHtuksgix5vjkpKrb_qbd0i15Bwd43qQ
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: mjT4JE1Tz_r3EnBoyeafDE5a2gmFqLxaD4Qmn7C.H_0-1717320554563-0.0.1.1-604800000
www.fastly.com/	1970-01-21 06:38:00	Name: drift_aid Value: 1740c406-0223-4128-9376-38cc8e9d8c18
www.fastly.com/	1970-01-21 06:38:00	Name: driftt_aid Value: 1740c406-0223-4128-9376-38cc8e9d8c18
.fastly.com/	1970-01-21 06:38:00	Name: _ga Value: GA1.1.105552233.1717320555
.fastly.com/	1970-01-21 06:38:00	Name: _ga_ETDRC9QJ6S Value: GS1.1.1717320555.1.0.1717320555.60.0.0
.sitescout.com/	1970-01-21 05:47:36	Name: ssi Value: 42a89b82-5a75-4d65-8a8b-dc65b9ea7ae4#1717320555950

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:e69c34ed160fa7c44916263282be062c Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

025-xko-469.mktoresp.com
aorta.clickagy.com
api.company-target.com
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cdn.speedcurve.com
client-registry.mutinycdn.com
fiddle.fastly.dev
fiddle.fastlydemo.net
geolocation.onetrust.com
hemsync.clickagy.com
ibc-flow.techtarget.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
js.driftt.com
js.zi-scripts.com
munchkin.marketo.net
o1025883.ingest.sentry.io
pixel-sync.sitescout.com
rc-widget-frame.js.driftt.com
region1.analytics.google.com
stats.g.doubleclick.net
tags.clickagy.com
tracking.g2crowd.com
trk.techtarget.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.fastly-insights.com
www.fastly.com
www.google.de
www.googletagmanager.com
025-xko-469.mktoresp.com
api.company-target.com
rc-widget-frame.js.driftt.com
104.16.118.43
108.138.40.116
142.250.186.35
15.197.193.217
151.101.193.57
151.101.65.91
151.101.66.217
151.101.66.91
152.195.15.58
172.64.150.44
18.207.58.146
18.66.192.93
192.28.147.68
2001:4860:4802:34::36
2600:9000:237d:6c00:4:8491:f2c0:93a1
2606:4700:4400::6812:2089
2606:4700:4400::ac40:90e1
2606:4700:4400::ac40:973c
2606:4700::6813:b134
2a00:1450:4001:82f::2008
2a00:1450:400c:c0d::9d
2a04:4e42:600::313
2a04:4e42::729
34.111.208.231
34.120.195.249
34.224.237.84
34.36.216.150
35.244.174.68
54.230.228.8
88.221.60.75
0b6524e69d460be5fbdaa68802b2e3349fefbd996e48553e147bd04d5f24c14f
0ba0a6dc3b6c35adbbfbe6986c9284b130a088b99194c538059986b46e4b982c
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
10885f5f6888d7879c566093389c5a42f20ca66c22805ba291c2e608f82283f4
10b36fda647f8e4a089ffecf54ca490ce1e68eb9619a2463fd81a2acb8fcb41d
13992cc34551fe0f87641b400b3c0b44d2342de47610eccf6e8a80c0b7e5f376
14ab9cffba365eab7420a6e75f65bfe85308431fbeb48fb308d21c9b426a5242
14cf42473db932b7eee95c86f2acad7a81251fe19ff8745476613ba34ea82864
15a056617d74788f1cd880c91661b8682a4dae8a7b732ed83f06a85e916a7951
17fec48aa0d675502c93181d7307ca32e12378e24c21eec53a9f40d604017493
1a951a913aded15ba2df0b9d208bcbf7f3dc3fbddf6cffd7c660bfdcb7e80026
1ba7f7e31ef37d69f9541a2af99984deed19867ab8f8a24d53da8c5b47b47cd9
1fa9b91552d947e9e6d0bb911aae5db85840bad624723e604bb154c7d6794814
2035a3c05a682cf60b1a965d16d52335489608ca1141d9e0b9b3f9c340901f1d
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0
29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3109a1a489eb6cf9429c02f62539fbfeac0a730ac3e25b157afc28def5689b03
31d5f6da756ad666a6f55091582cc4d9880a4fd4d1812e658e808d405000b199
3374b3e0cd1e74e4dd36dd9cedb1dfd1f5c2a9327c581ff59e3fbadb4066827d
37bb2fe07156e83bf66ed1214d5f27cae6bdd70549affa70372b82a9c6689ba7
37e8818124561754e1c997013c3bfebfa1e87ec9338148293f7d3870d8e2ae83
3f54c4723e33e35c4cfe06daff86e15db90c44adfb6be3842a39cec26c5a7595
40cd9a267f702fd2726ef3798b232a06ca6ed2bcd41739e5150aa3d2d7f006f1
424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445c32c2df2239bda46c6e62b2a6de1eb0abb24b03675b4047a435c0c24c47ad
486fe4a11df8e574321f4cd832688242e2fa48e1cb1c04e7b80cd6d78c77efb0
494bf1044c50472cfb7d49beef6f66dd747519f0e0571fdb28618e35c8dfa460
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4faf92a677fbcb1a072cdb917b2677de95bd0792e5b7f11af4a217070dc97014
516e05996b0e9d097fbe55f14bb7948f16a19d043950a88d086975b976593fc0
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a022f06ae0b18465655eab62cc4b5ea4c81f640c5e98132a0428ea9e6e3534e
5b2cb114ad1f05c0b84daba4d01466ed5a782a5cae8a9f2841d918c022210207
5b34ba53714f9472819d51c98ccb08fa80a076eb569f9cfbdf54271fb6db97b2
5cc5c15991ca00035f86af72fc4e7fa535af6208351b654d5b875af761ca4319
613e049273c93de0c741ca1faec88402bf13768930dfc57449f62182521ed52c
625766f2ec8260b6783b29d9d69a033946e54fd2acfe24299f6ec4ee49c2a4c7
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
716887bcc0d4f04f4b3e8e98f9ceb7bdd9c8048cfceed242ecb64b93026a36e8
72b5a8a2135c12c11678be3c99e786370b9d1deab9d0b4d4a614b7a541ef825f
773f7d8838ae33fd62fa7cc873009886716e07091a869edbc379fbf9c1121077
79d746eae7f8a92569719873a8adf91f0b6d1ed6e7d451fb93a7fd0f873c790a
7af0df8f9644b02cc51d21524c7983a00d9dbc2d3601739d8d6e001548cfe9ef
86bf1036789fc9768f23c81cdf61c486b86228a0eddbe232e86a99a96dac5d71
8d8e3f99e6ac157c0bf9665cd34a729c8f78e45a908890e231e24fe1867b5e0f
8e9a56ee211373fbeae846a6172d25f2bcb96429d02dc65ad6eb0d73b64146cf
93a2fd82dd3a13a9e9ce0583f3bde1b6e88da6ebce30fa8c87cee4d9d927e4d2
9546f61d90005f0c8132463a0c61ab73ce68321a61456fe9ed5a0a60d16c4d69
9792bfec70a56c776df59dac10da133724e4f66a1bb5e1be74f0704a0130466e
9ccaa9c19f55a6620ce82fa5494a062817ceb3cd72fdf58c59114e409aafd96a
a0bdaf167b258a7a6c20172a119cddb617f46c1de4b710f98b4cd33527ae3374
a7077bfe692cf60675c6ce302474a363815e3f49d834147218a7bdb1b7402f10
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b479ed0b2477c2cbddf91a0c9cea1b73c017f9bf787e31c6d9573b2eed9e0b28
b7a9abff26f10f1da273ea00346283c5aaf8a44042085661d64d2eabb1d2a9a4
b9561116be07dfb5c239a4ff5c9414c8ffc316835e8122265b4c2b73321e04f3
bd58fb1b94d374ef18c0e16aa6195840e8bb260688f27f5213cabfffbce08e67
c3ea3a972768896d2a84d6eb36d3f5919478ad9c091477c22a5362eb6d53aee4
c76a9cb437eb62c4dd5a2ff9f6d2e3835a73dacee48687c63735220e081b8265
cc4abce21cb2be565c9d4ea8b3be9b942b42eee8770694e8a3415e09f0b39803
cd182f3a350ac2d27a4ec5de75d7f39315f31c83db302387deaa56cd48f08fe0
d65a39715ffa728f57282b58ea27a40416ae37bacd2c2850c49291a1003ab35e
d83f00e53d435070c5a0d3ff2fa641dbe8c407d9fc754403da515ca52fc4ea0b
d9b694a3a25ba1db5264d6687141e4f48ada93b4fbb2a124317dad995286ac97
da5ffaa3ecfb62fb9e1d58ed51468eee919fdcb3bdc24990f1c921c3390f78c8
ded43a6af1e4e0a061fe1c97703f45cc4af82fc367de436789f6c70e5077b0eb
e1fd013ac18aebac28e366bf82aace3b2fb6900fecc4793303ed93aeadd31910
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58f5aca440878bff4b3853127aa8d492ef51b20dd518d7c22f76ab9ea91604a
e9572729daa448a9ba000cdc75d9b2be339248d41288b1767966d73342a2227a
e9df011e2b89840a7dcb1ec43d59e2489383d3506d9a0fcd2db0d9cf0b024dde
ec2a8bc8d814bfc802060212b6a8659e0d3c458a2b0d696fcca8b8b7ce773798
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0810cec806f3c15adfd715833817c7f7b7c8d33da8231833bbe83b83443b9b6
f39119c613a7b1189e7f4ab5a887d2f0d02d6e049ca73db5a05561526f46aed3
f492f26defb58daa62856b2b19d9d7dce2e3d4e1b409f76a32a5834d8e6ccdc9
f6c83a74aa4aa2d60e9ef6f9ee780513bf38756e26f7f080809649810a4b4292
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
fe8ee1e74a19f26f635bfd0127127df11580dede6ad1878cc864d3686bab6ee2

www.fastly.com Open in urlscan Pro 2a04:4e42:600::313 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

95 %HTTPS

33 %IPv6

27 Domains

33 Subdomains

30 IPs

4 Countries

1709 kBTransfer

7616 kBSize

21 Cookies

24 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fastly.com Open in urlscan Pro
2a04:4e42:600::313 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

95 %
HTTPS

33 %
IPv6

27
Domains

33
Subdomains

30
IPs

4
Countries

1709 kB
Transfer

7616 kB
Size

21
Cookies

139 HTTP transactions
6 data transactions