GET
H2
|
302
|
Njc3LVRIUC00MTUAAAGTaTQNlhuD0S8qmA2vcExNA8r2RpxvxUVjVCtfUcQ3gKAvi-oIKqZJPzx95JZ-_6eRa8TOBuk=
em.snyk.io/
|
663 B
1 KB
|
283ms
143ms
|
Document
text/html |
104.17.74.206
CLOUDFLARENET
|
|
General
- Full URL
- https://em.snyk.io/Njc3LVRIUC00MTUAAAGTaTQNlhuD0S8qmA2vcExNA8r2RpxvxUVjVCtfUcQ3gKAvi-oIKqZJPzx95JZ-_6eRa8TOBuk=
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_ECDSA, AES_128_GCM
- Server
-
104.17.74.206
-, ,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self'; img-src 'self';script-src 'self' 'sha256-hVXV20ldG5NlzVVU/ERWXYzYumO9R4md8HzSwv9Kafk=';object-src 'none';form-action 'none';frame-src 'none';style-src 'self' |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
|
GET
H2
|
200
|
Primary Request
/
Show response
snyk.io/de/blog/preventing-broken-access-control-express-node-js/
Redirect Chain
-
https://snyk.io/blog/preventing-broken-access-control-express-node-js/?utm_campaign=em_240530_prospect-newsletter-dev&utm_medium=em-mkto&utm_source=snyk&utm_content=em-bd&mkt_tok=Njc3LVRIUC00MTUAAA...
-
https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIs...
|
192 KB
50 KB
|
266ms
266ms
|
Document
text/html |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Requested by
- Host: em.snyk.io
URL: https://em.snyk.io/Njc3LVRIUC00MTUAAAGTaTQNlhuD0S8qmA2vcExNA8r2RpxvxUVjVCtfUcQ3gKAvi-oIKqZJPzx95JZ-_6eRa8TOBuk=
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
Next.js
- Resource Hash
- cfaf5daaa91365b5c9c2649e8b2c8a69f60526cc13e94e0ee53987a20ec0cd7e
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1676482568%2Fblog-feature-pypi-spoof.jpg
snyk.io/_ipx/w_16,q_75/
Redirect Chain
-
https://snyk.io/_next/image/?url=https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1676482568%2Fblog-feature-pypi-spoof.jpg&w=16&q=75
-
https://snyk.io/_ipx/w_16,q_75/https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1676482568%2Fblog-feature-pypi-spoof.jpg?q=75&url=https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload...
|
552 B
1023 B
|
426ms
335ms
|
Image
image/jpeg |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_ipx/w_16,q_75/https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1676482568%2Fblog-feature-pypi-spoof.jpg?q=75&url=https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1676482568%2Fblog-feature-pypi-spoof.jpg&w=16
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- dc06f1a42415c3cbd70218538d8b974a13cb9e7c4dacdb593b602ea93dd0b203
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'none' |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1676482568%2Fblog-feature-pypi-spoof.jpg
snyk.io/_ipx/w_580,q_75/
Redirect Chain
-
https://snyk.io/_next/image/?url=https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1676482568%2Fblog-feature-pypi-spoof.jpg&w=580&q=75
-
https://snyk.io/_ipx/w_580,q_75/https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1676482568%2Fblog-feature-pypi-spoof.jpg?q=75&url=https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fuploa...
|
10 KB
10 KB
|
425ms
333ms
|
Image
image/jpeg |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_ipx/w_580,q_75/https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1676482568%2Fblog-feature-pypi-spoof.jpg?q=75&url=https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1676482568%2Fblog-feature-pypi-spoof.jpg&w=580
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- e91befdaccc2e5a608772f3348a2fc7cf0b9796b61729866f35cf3889fc18c7d
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'none' |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
7034897d38fa60a6.css
snyk.io/_next/static/css/
|
2 MB
187 KB
|
168ms
34ms
|
Stylesheet
text/css |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- f708217487f3589f72c73b6a0a26e8e4f0f090d3fc182fb68a08843ac7588e85
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
5878.7dc3347efd58889e.js
Show response
snyk.io/_next/static/chunks/
|
1006 KB
296 KB
|
427ms
294ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/5878.7dc3347efd58889e.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 4ab92a77bc82f016bc07077e9e2edaf0ac6d4fcb728513a7262947eb956ef6b1
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
4911.d9d3741df720c84f.js
Show response
snyk.io/_next/static/chunks/
|
2 KB
4 KB
|
625ms
493ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/4911.d9d3741df720c84f.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- d04b60875801b24fbd834b5e398753ce8d1bed4b7fd088f036e4b51e1918692e
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
7476.8a70c7ea70d905c0.js
Show response
snyk.io/_next/static/chunks/
|
2 KB
4 KB
|
626ms
494ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/7476.8a70c7ea70d905c0.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- f5e1177f54d9e8b82ee0233a71ce8283759686a8ecf1873e8cc8e173e455965f
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
webpack-f5fc64f68b97e4b2.js
Show response
snyk.io/_next/static/chunks/
|
8 KB
7 KB
|
627ms
495ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/webpack-f5fc64f68b97e4b2.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 9d2a4e4d243b08e10dd36683dab8034196a36fa8a61f069b9858b6fd87de8d75
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
framework-a2363dd3c3dbe572.js
Show response
snyk.io/_next/static/chunks/
|
138 KB
47 KB
|
671ms
539ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/framework-a2363dd3c3dbe572.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 3cbf94b3c4ff22d70092601e71023fc6b6f0372861a1ec0064f5fdcbd4f689e3
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
main-2cf6c236605d687e.js
Show response
snyk.io/_next/static/chunks/
|
100 KB
32 KB
|
672ms
540ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 3a2d3dd22d7b57fb8783c7e69d78d47fad013d2e0825a94d133ea8bf6ab9de89
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
_app-c45fc57b1a74dd93.js
Show response
snyk.io/_next/static/chunks/pages/
|
178 KB
50 KB
|
673ms
541ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/pages/_app-c45fc57b1a74dd93.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- a6b1e026b4cdb9225e70604fdd621f962f0d10e47aa57bd55dc71ab9555bd2f8
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
4770-c9a483479417afd4.js
Show response
snyk.io/_next/static/chunks/
|
16 KB
6 KB
|
727ms
595ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/4770-c9a483479417afd4.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 8834b7e2036d22de66fd7772d67749bc27868adba7fa9cf6c04aa82eb970a086
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
2135-9f4f17ec10a17287.js
Show response
snyk.io/_next/static/chunks/
|
10 KB
6 KB
|
727ms
596ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/2135-9f4f17ec10a17287.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 7b027de798e9745d6ef8e8224b93ac137e866133f107fc4f03567e9314595ae4
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
9633-2de487f3a4af578b.js
Show response
snyk.io/_next/static/chunks/
|
38 KB
13 KB
|
729ms
597ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/9633-2de487f3a4af578b.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 35872338abf542fbcea97d76e5ec09d133c9fad435d5a5eb8b791def883c96d9
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
8376-45468083887a3a12.js
Show response
snyk.io/_next/static/chunks/
|
7 KB
5 KB
|
729ms
599ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/8376-45468083887a3a12.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 6bb775d2107e4b206cf383ef0e845880297438df8f1c196830e09d51fe117ffb
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
1813-a9c27f9c487d2747.js
Show response
snyk.io/_next/static/chunks/
|
10 KB
7 KB
|
730ms
600ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/1813-a9c27f9c487d2747.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- d4480b59d7d5b224f77f50bdecef0faff3a43d90621569dc1a80f612114e5ea9
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
%5Bslug%5D-890f3c9de5549323.js
Show response
snyk.io/_next/static/chunks/pages/blog/
|
13 KB
7 KB
|
851ms
722ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/pages/blog/%5Bslug%5D-890f3c9de5549323.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- faff7a68a9c154e4ed460e9ba3784e3b86e6beffaf5235889bffb7b402b2d92b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
_buildManifest.js
Show response
snyk.io/_next/static/ZYH_yK2UhcZitXPhsX99n/
|
6 KB
5 KB
|
853ms
723ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/ZYH_yK2UhcZitXPhsX99n/_buildManifest.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- fb9f1d74b8f71b8284705d464b6aa398d93438b8335a820fd0a70a14af85f183
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
_ssgManifest.js
Show response
snyk.io/_next/static/ZYH_yK2UhcZitXPhsX99n/
|
703 B
3 KB
|
852ms
725ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/ZYH_yK2UhcZitXPhsX99n/_ssgManifest.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 700d036187022f62f94f76c1aec6e1dac0f258ea1bb3fa3d2dbfa43ba24951d1
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
gtm.js
Show response
www.googletagmanager.com/
|
217 KB
71 KB
|
448ms
25ms
|
Script
application/javascript |
2a00:1450:4001:82f::2008
GOOGLE
|
|
General
- Full URL
- https://www.googletagmanager.com/gtm.js?id=GTM-T8QMQW9
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:82f::2008
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Google Tag Manager /
- Resource Hash
- 59909ca617be7138de23d9fdac89306a80a4db8cfc63dc57a727704c70bd939c
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
gtm.js
Show response
www.googletagmanager.com/
|
255 KB
88 KB
|
276ms
16ms
|
Script
application/javascript |
2a00:1450:4001:82f::2008
GOOGLE
|
|
|
GET
H2
|
200
|
22d7a014-b92d-4a73-ad20-7aebe461d6e2.js
Show response
j.6sc.co/j/
|
4 KB
5 KB
|
1630ms
462ms
|
Script
application/javascript |
2.17.100.210
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
wordmark-logo-color.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/brand-logos/
|
7 KB
3 KB
|
805ms
0ms
|
Image
image/svg+xml |
2a02:26f0:3500:880::523
AKAMAI-ASN1
|
|
General
- Full URL
- https://res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/brand-logos/wordmark-logo-color.svg
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_256_GCM
- Server
-
2a02:26f0:3500:880::523
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Cloudinary /
- Resource Hash
- 4675a6b7617b6c822bb3ca4cb6109e349cdf88120763ad32fd76bc9b804586ac
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=604800 |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
code.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/product-logos/
|
2 KB
1 KB
|
803ms
0ms
|
Image
image/svg+xml |
2a02:26f0:3500:880::523
AKAMAI-ASN1
|
|
General
- Full URL
- https://res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/product-logos/code.svg
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_256_GCM
- Server
-
2a02:26f0:3500:880::523
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Cloudinary /
- Resource Hash
- 905a6e55daa962eaf4191b6a13d22ab1072ed2c6ae57fae625e64281d4617eea
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=604800 |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
oss.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/product-logos/
|
2 KB
1 KB
|
804ms
0ms
|
Image
image/svg+xml |
2a02:26f0:3500:880::523
AKAMAI-ASN1
|
|
General
- Full URL
- https://res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/product-logos/oss.svg
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_256_GCM
- Server
-
2a02:26f0:3500:880::523
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Cloudinary /
- Resource Hash
- ea7809760ed48c05ce98ff011046dd45dff75f0c0829f385e298c018ae4e4220
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=604800 |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
container.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/product-logos/
|
2 KB
1 KB
|
802ms
0ms
|
Image
image/svg+xml |
2a02:26f0:3500:880::523
AKAMAI-ASN1
|
|
General
- Full URL
- https://res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/product-logos/container.svg
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_256_GCM
- Server
-
2a02:26f0:3500:880::523
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Cloudinary /
- Resource Hash
- fe2f4b1ea23905ddf0cd841ef1fef257138151c9db5a78b451f182fdf0ac66ad
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=604800 |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
iac.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/product-logos/
|
2 KB
1 KB
|
812ms
0ms
|
Image
image/svg+xml |
2a02:26f0:3500:880::523
AKAMAI-ASN1
|
|
General
- Full URL
- https://res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/product-logos/iac.svg
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_256_GCM
- Server
-
2a02:26f0:3500:880::523
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Cloudinary /
- Resource Hash
- 3f76288d6fe9b9c1340ba0fe7fb295fb0988c143667b7b7a2c8a93ffdff68c39
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=604800 |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
apprisk.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/product-logos/
|
2 KB
1 KB
|
809ms
0ms
|
Image
image/svg+xml |
2a02:26f0:3500:880::523
AKAMAI-ASN1
|
|
General
- Full URL
- https://res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/product-logos/apprisk.svg
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_256_GCM
- Server
-
2a02:26f0:3500:880::523
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Cloudinary /
- Resource Hash
- eb8a6c0081e8b9e09b8896346277408227046a2f2a603395b2917b29ed4850bc
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=604800 |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
application-security.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/brand-icons/
|
2 KB
1 KB
|
447ms
47ms
|
Image
image/svg+xml |
2a02:26f0:3500:880::523
AKAMAI-ASN1
|
|
General
- Full URL
- https://res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/brand-icons/application-security.svg
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_256_GCM
- Server
-
2a02:26f0:3500:880::523
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Cloudinary /
- Resource Hash
- fc2120c3800a4ef9d3d3c81bd0b80dc6100a5db404d2b6c163105676192e4996
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=604800 |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
supply-chain-security.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/brand-icons/
|
2 KB
1 KB
|
399ms
0ms
|
Image
image/svg+xml |
2a02:26f0:3500:880::523
AKAMAI-ASN1
|
|
General
- Full URL
- https://res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/brand-icons/supply-chain-security.svg
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_256_GCM
- Server
-
2a02:26f0:3500:880::523
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Cloudinary /
- Resource Hash
- 294b48ac51fed9d25d13b36ff6f26301fdd5006c70667265dd2a66d7735f5abb
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=604800 |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
ai-generated-code.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/brand-icons/
|
3 KB
2 KB
|
383ms
0ms
|
Image
image/svg+xml |
2a02:26f0:3500:880::523
AKAMAI-ASN1
|
|
General
- Full URL
- https://res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/brand-icons/ai-generated-code.svg
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_256_GCM
- Server
-
2a02:26f0:3500:880::523
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Cloudinary /
- Resource Hash
- 123e1ebbdbff2399c1afc4c7e4fe127c7e73e29866886be2f7f82749cd2b5ef3
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=604800 |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
zero-day.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/brand-icons/
|
2 KB
1 KB
|
383ms
0ms
|
Image
image/svg+xml |
2a02:26f0:3500:880::523
AKAMAI-ASN1
|
|
General
- Full URL
- https://res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/brand-icons/zero-day.svg
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_256_GCM
- Server
-
2a02:26f0:3500:880::523
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Cloudinary /
- Resource Hash
- d93d216e3091264953416f76db91334461e277b5487ba57018c70708872649a9
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=604800 |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
wave-mask-salmon-top.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/backgrounds/
|
581 B
867 B
|
1383ms
8ms
|
Image
image/svg+xml |
23.206.208.32
AKAMAI-AS
|
|
|
GET
H2
|
200
|
wave-mask-purple-top.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/backgrounds/
|
536 B
838 B
|
1382ms
7ms
|
Image
image/svg+xml |
23.206.208.32
AKAMAI-AS
|
|
|
GET
H2
|
200
|
wave-mask-space-top.svg
res.cloudinary.com/snyk/image/upload/snyk-mktg-brandui/backgrounds/
|
409 B
767 B
|
1382ms
8ms
|
Image
image/svg+xml |
23.206.208.32
AKAMAI-AS
|
|
|
GET
H2
|
200
|
roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.35153fd3.woff2
snyk.io/_next/static/media/
|
49 KB
52 KB
|
570ms
279ms
|
Font
font/woff2 |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/media/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.35153fd3.woff2
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
brandui-general-icons.14eb437e.ttf
snyk.io/_next/static/media/
|
11 KB
9 KB
|
373ms
81ms
|
Font
font/ttf |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/media/brandui-general-icons.14eb437e.ttf
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 339a573d2e03e3272fdece432a83c6a2481b24dd5c49b7f6acbcd38e22e3eb82
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
poppins-v19-latin-ext_latin_devanagari-600.3d28cac7.woff2
snyk.io/_next/static/media/
|
49 KB
51 KB
|
933ms
642ms
|
Font
font/woff2 |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/media/poppins-v19-latin-ext_latin_devanagari-600.3d28cac7.woff2
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-500.8d2ce490.woff2
snyk.io/_next/static/media/
|
49 KB
52 KB
|
483ms
192ms
|
Font
font/woff2 |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/media/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-500.8d2ce490.woff2
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- ee7e4a24daafdb8c937da249dc9bf3786eb966f53cbcb436a950e49298e8da75
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
poppins-v19-latin-ext_latin_devanagari-700.933eb8c3.woff2
snyk.io/_next/static/media/
|
48 KB
51 KB
|
651ms
363ms
|
Font
font/woff2 |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/media/poppins-v19-latin-ext_latin_devanagari-700.933eb8c3.woff2
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 4f73127335c22d96e1ee451f7b8ab5d5d6b9ba742735bb647e406e1945659bb6
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.4353dd7d.woff2
snyk.io/_next/static/media/
|
49 KB
52 KB
|
1266ms
978ms
|
Font
font/woff2 |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/media/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.4353dd7d.woff2
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
roboto-mono-v13-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.b3008d1c.woff2
snyk.io/_next/static/media/
|
37 KB
40 KB
|
308ms
20ms
|
Font
font/woff2 |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/media/roboto-mono-v13-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.b3008d1c.woff2
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/css/7034897d38fa60a6.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 0735372f56f4589605c7513431f4970be66099254878de7c38b61cb91aa8bd5e
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1716388145%2Fben-smith.webp
snyk.io/_ipx/w_32,q_75/
Redirect Chain
-
https://snyk.io/_next/image/?url=https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1716388145%2Fben-smith.webp&w=32&q=75
-
https://snyk.io/_ipx/w_32,q_75/https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1716388145%2Fben-smith.webp?q=75&url=https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv171638814...
|
396 B
864 B
|
906ms
630ms
|
Image
image/webp |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_ipx/w_32,q_75/https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1716388145%2Fben-smith.webp?q=75&url=https%3A%2F%2Fres.cloudinary.com%2Fsnyk%2Fimage%2Fupload%2Fv1716388145%2Fben-smith.webp&w=32
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 6effc0cb73883f299fd153c46ff7f6bb0f689269e13002b78190d651797cdd39
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'none' |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
HEAD
H2
|
200
|
preventing-broken-access-control-express-node-js.json
snyk.io/_next/data/ZYH_yK2UhcZitXPhsX99n/de/blog/
|
0
0
|
932ms
641ms
|
Fetch
application/json |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/data/ZYH_yK2UhcZitXPhsX99n/de/blog/preventing-broken-access-control-express-node-js.json?slug=preventing-broken-access-control-express-node-js&mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
bundle.js
Show response
app.usercentrics.eu/browser-ui/latest/
|
623 KB
178 KB
|
987ms
0ms
|
Script
text/javascript |
2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...
|
|
|
GET
H2
|
200
|
msschemaloader_min.js
Show response
schema.milestoneinternet.com/schema/js/
|
2 KB
1 KB
|
1449ms
376ms
|
Script
application/javascript |
2606:4700:4400::ac40:9306
CLOUDFLARENET
|
|
|
GET
H2
|
404
|
script.js
snyk.io/de/_vercel/insights/
Redirect Chain
-
https://snyk.io/_vercel/insights/script.js
-
https://snyk.io/de/_vercel/insights/script.js
|
0
0
|
474ms
85ms
|
Script
text/html |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/de/_vercel/insights/script.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
Next.js
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
6si.min.js
Show response
j.6sc.co/
|
66 KB
18 KB
|
339ms
0ms
|
Script
application/javascript |
2.17.100.210
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
de.json
Show response
snyk.io/_next/data/ZYH_yK2UhcZitXPhsX99n/
|
68 KB
17 KB
|
996ms
640ms
|
Fetch
application/json |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/data/ZYH_yK2UhcZitXPhsX99n/de.json
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 51dcaa452f3e23e06d0505631012c6f95386ad990f72e6f606edc184be0d55a6
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
plans.json
Show response
snyk.io/_next/data/ZYH_yK2UhcZitXPhsX99n/de/
|
109 KB
19 KB
|
998ms
642ms
|
Fetch
application/json |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/data/ZYH_yK2UhcZitXPhsX99n/de/plans.json?slug=plans
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 649c42225446e49a8ad2114e128a5c2fd9e12254486529c6d2d75b935be9ec58
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
schedule-a-demo.json
Show response
snyk.io/_next/data/ZYH_yK2UhcZitXPhsX99n/de/
|
22 KB
7 KB
|
1154ms
798ms
|
Fetch
application/json |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/data/ZYH_yK2UhcZitXPhsX99n/de/schedule-a-demo.json
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- f381680edc50911e87e826a8d1f9861b54646d94e43d6bd8bfbb2e6573551925
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
blog.json
Show response
snyk.io/_next/data/ZYH_yK2UhcZitXPhsX99n/de/
|
2 B
411 B
|
1156ms
800ms
|
Fetch
application/json |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/data/ZYH_yK2UhcZitXPhsX99n/de/blog.json
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
POST
H3
|
200
|
landing
pagead2.googlesyndication.com/pagead/
|
42 B
64 B
|
356ms
150ms
|
Ping
image/gif |
142.250.185.66
GOOGLE
|
|
General
- Full URL
- https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=765645483.1717090051&url=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F&dma_cps=-&dma=1&npa=1>m=45He45m0n81W4LKKNLv9131853231za200zb896252831
- Requested by
- Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4LKKNL&l=dataLayer
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
142.250.185.66
, United States,
ASN15169
(GOOGLE, US),
- Reverse DNS
- fra16s48-in-f2.1e100.net
- Software
-
cafe /
- Resource Hash
- ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'none'; object-src 'none' |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
getuidj
Show response
secure.adnxs.com/
|
11 B
692 B
|
908ms
0ms
|
XHR
application/json |
185.89.210.82
ASN-APPNEX
|
|
|
GET
H2
|
200
|
/
Show response
c.6sc.co/
|
7 B
187 B
|
776ms
0ms
|
XHR
text/html |
2.17.100.210
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
/
Show response
ipv6.6sc.co/
|
20 B
303 B
|
910ms
0ms
|
XHR
text/html |
2a02:26f0:ab00::214:8e70
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
details
Show response
epsilon.6sense.com/v3/company/
|
725 B
702 B
|
288ms
33ms
|
XHR
application/json |
76.223.9.105
AMAZON-02
|
|
|
OPTIONS
H2
|
200
|
details
epsilon.6sense.com/v3/company/
Frame
|
0
0
|
963ms
0ms
|
Preflight
|
76.223.9.105
AMAZON-02
|
|
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
258 B
|
811ms
11ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
258 B
|
743ms
0ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%2250d389da3b3e04f03e03d1239ba98024%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22disableCookies%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEpsilonKey%5C%22%2C%5C%22value%5C%22%3A%5C%22d1c26e37d31beca9d3895cf47f60178e5fae9d81%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIPv6Ping%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableIgnorePageUrlHash%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableRetargeting%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setWhiteListFields%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCustomMetatags%5C%22%2C%5C%22value%5C%22%3A%5C%22%5B%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22storeTagId%5C%22%2C%5C%22value%5C%22%3A%5C%2222d7a014-b92d-4a73-ad20-7aebe461d6e2%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setCompanyDetailsExpiration%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableMapCookieCapture%5C%22%2C%5C%22value%5C%22%3A%5C%22false%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22enableCompanyDetails%5C%22%2C%5C%22value%5C%22%3A%5C%22%5Btrue%2Cnull%2C3%5D%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
3739-24f7ea508ecf5b00.js
snyk.io/_next/static/chunks/
|
0
6 KB
|
450ms
0ms
|
Other
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/3739-24f7ea508ecf5b00.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
index-75d421c215794344.js
snyk.io/_next/static/chunks/pages/
|
0
5 KB
|
414ms
0ms
|
Other
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/pages/index-75d421c215794344.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
schedule-a-demo-7a038bd4c4a57c49.js
snyk.io/_next/static/chunks/pages/
|
0
5 KB
|
450ms
0ms
|
Other
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/pages/schedule-a-demo-7a038bd4c4a57c49.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
5742-a42b6cfd50f20d39.js
snyk.io/_next/static/chunks/
|
0
7 KB
|
447ms
0ms
|
Other
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/5742-a42b6cfd50f20d39.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
blog-9d7740f5551fdb14.js
snyk.io/_next/static/chunks/pages/
|
0
10 KB
|
432ms
0ms
|
Other
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/pages/blog-9d7740f5551fdb14.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
%5B...slug%5D-26f7e24647fcb7fb.js
snyk.io/_next/static/chunks/pages/
|
0
5 KB
|
772ms
325ms
|
Other
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/pages/%5B...slug%5D-26f7e24647fcb7fb.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
404
|
schema.json
Show response
schema.milestoneinternet.com/schema/snyk.io/de/blog/preventing-broken-access-control-express-node-js/
|
215 B
440 B
|
396ms
325ms
|
XHR
application/xml |
172.64.147.6
CLOUDFLARENET
|
|
General
- Full URL
- https://schema.milestoneinternet.com/schema/snyk.io/de/blog/preventing-broken-access-control-express-node-js/schema.json?t=2661
- Requested by
- Host: schema.milestoneinternet.com
URL: https://schema.milestoneinternet.com/schema/js/msschemaloader_min.js
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
172.64.147.6
San Francisco, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 3b3ea55cbf2f64036a99a9ccce10a1bc6f3ef10c5f4e27315c89ef0313c949b3
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
|
OPTIONS
H3
|
200
|
schema.json
schema.milestoneinternet.com/schema/snyk.io/de/blog/preventing-broken-access-control-express-node-js/
Frame
|
0
0
|
381ms
233ms
|
Preflight
|
172.64.147.6
CLOUDFLARENET
|
|
General
- Full URL
- https://schema.milestoneinternet.com/schema/snyk.io/de/blog/preventing-broken-access-control-express-node-js/schema.json?t=2661
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
172.64.147.6
San Francisco, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
260 B
|
394ms
129ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A31%20GMT%22%2C%22timeSpent%22%3A%221007%22%2C%22totalTimeSpent%22%3A%221007%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
259 B
|
325ms
95ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=ipv6&q=%7B%22address%22%3A%222a01%3A4a0%3A1338%3A92%3A%3A12%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
5742-a42b6cfd50f20d39.js
Show response
snyk.io/_next/static/chunks/
|
13 KB
0
|
100ms
100ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/5742-a42b6cfd50f20d39.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- acb5a7831761f4c644ff4deba2e8f693fcd45cfd6b795cf6ecdf304d61e96759
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
3739-24f7ea508ecf5b00.js
Show response
snyk.io/_next/static/chunks/
|
10 KB
0
|
101ms
101ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/3739-24f7ea508ecf5b00.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 1a893edcd8ec8649b3e96f47776eb2dbd8f420161e332ad8fa7689d00d4a03ea
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
blog-9d7740f5551fdb14.js
Show response
snyk.io/_next/static/chunks/pages/
|
22 KB
0
|
102ms
102ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/pages/blog-9d7740f5551fdb14.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 1dac8ff928f0f8bf75ed0a1d5dbbb113ec41033413dab51ca4ce64f6e3459ee7
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
index-75d421c215794344.js
Show response
snyk.io/_next/static/chunks/pages/
|
5 KB
0
|
79ms
79ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/pages/index-75d421c215794344.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 58b0f53c6ed0a334e59c54930026fdcb3bd711f7440fbdd29ddcf9805ce163fa
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
schedule-a-demo-7a038bd4c4a57c49.js
Show response
snyk.io/_next/static/chunks/pages/
|
5 KB
0
|
81ms
81ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/pages/schedule-a-demo-7a038bd4c4a57c49.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 67913522a9a14f12dc24b99250b2ddb0d1444ae44dcd6b37f9a98834b8518aea
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
destination
Show response
www.googletagmanager.com/gtag/
|
276 KB
94 KB
|
230ms
165ms
|
Script
application/javascript |
142.250.181.232
GOOGLE
|
|
|
GET
H2
|
200
|
FLMnthfCCTbMOO.json
Show response
api.usercentrics.eu/ruleSet/
|
370 B
797 B
|
137ms
69ms
|
Fetch
application/json |
2600:1901:0:c07c::
GOOGLE
|
|
|
OPTIONS
H2
|
200
|
FLMnthfCCTbMOO.json
api.usercentrics.eu/ruleSet/
Frame
|
0
0
|
593ms
54ms
|
Preflight
text/html |
2600:1901:0:c07c::
GOOGLE
|
|
General
- Full URL
- https://api.usercentrics.eu/ruleSet/FLMnthfCCTbMOO.json
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:1901:0:c07c::
Kansas City, United States,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
UploadServer /
- Resource Hash
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=7776000 |
|
GET
H2
|
200
|
%5B...slug%5D-26f7e24647fcb7fb.js
Show response
snyk.io/_next/static/chunks/pages/
|
5 KB
0
|
88ms
88ms
|
Script
application/javascript |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/_next/static/chunks/pages/%5B...slug%5D-26f7e24647fcb7fb.js
- Requested by
- Host: snyk.io
URL: https://snyk.io/_next/static/chunks/main-2cf6c236605d687e.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 1f4da43d51613c3d659200b2579ceae91b6f859316f9c93bafecb373ca23ea6e
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
259 B
|
221ms
124ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A33%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A32%20GMT%22%2C%22timeSpent%22%3A%221015%22%2C%22totalTimeSpent%22%3A%222022%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Requested by
- Host: snyk.io
URL: https://snyk.io/de/blog/preventing-broken-access-control-express-node-js/?mkt_tok=Njc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ&utm_campaign=em_240530_prospect-newsletter-dev&utm_content=em-bd&utm_medium=em-mkto&utm_source=snyk
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
favicon.ico
snyk.io/
|
15 KB
6 KB
|
159ms
100ms
|
Other
image/vnd.microsoft.icon |
2a02:26f0:e8:ab2::ecd
AKAMAI-ASN1
|
|
General
- Full URL
- https://snyk.io/favicon.ico
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2a02:26f0:e8:ab2::ecd
London, United Kingdom,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- Software
-
Netlify /
- Resource Hash
- 51529e0966473c5bd68677b91f609c6ca6436674a3a9d4a7f1cc81064ea2cf1f
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self';base-uri 'none';child-src 'none';script-src 'self' ;script-src-elem 'self' 'unsafe-inline' blob: https://snyk.io https://*.snyk.io https://*.netlify.app https://*.dev.snyk.io https://*.usercentrics.eu cdn.segment.com bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com www.google.com www.google-analytics.com *.googletagmanager.com www.googleadservices.com googleads.g.doubleclick.net https://*.doubleclick.net/ ssl.google-analytics.com https://www.gstatic.com https://widget.intercom.io https://js.intercomcdn.com https://assets.trendemon.com https://trackingapi.trendemon.com 479-bcc-915.mktoweb.com munchkin.marketo.net https://platform.twitter.com fast.wistia.com www.gartner.com https://cdnjs.cloudflare.com https://connect.facebook.net https://snap.licdn.com https://vercel.live/ https://netlify-cdp-loader.netlify.app https://js.zi-scripts.com https://schema.milestoneinternet.com https://tracking.intentsify.io;connect-src 'self' https://*.snyk.io https://*.dev.snyk.io https://*.usercentrics.eu https://677-thp-415.mktoresp.com *.segment.com *.segment.io https://res.cloudinary.com https://bat.bing.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io *.google-analytics.com *.analytics.google.com *.googletagmanager.com *.g.doubleclick.net *.google.com fast.wistia.com https://embed-cloudfront.wistia.com https://distillery.wistia.com https://boards-api.greenhouse.io https://secure.adnxs.com https://cdn.linkedin.oribi.io https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://storage.googleapis.com https://*.googlesyndication.com https://js.zi-scripts.com https://*.zoominfo.com https://vercel.live/ https://ingesteer.services-prod.nsvcs.net https://677-thp-415.mktoutil.com https://schema.milestoneinternet.com;style-src 'self' 'unsafe-inline' 479-bcc-915.mktoweb.com *.snyk.io www.gartner.com cdn.segment.io fonts.googleapis.com;img-src 'self' data: https://res.cloudinary.com https://*.usercentrics.eu https://bat.bing.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://static.intercomassets.com https://*.intercomcdn.com https://messenger-apps.intercom.io www.google-analytics.com www.googleadservices.com googleads.g.doubleclick.net www.google.com www.google.co.uk www.googletagmanager.com https://*.trendemon.com https://img.youtube.com https://i.ytimg.com fast.wistia.com https://syndication.twitter.com https://embed-ssl.wistia.com www.gartner.com https://reviews.static.gartner.com https://www.linkedin.com https://px.ads.linkedin.com https://px4.ads.linkedin.com https://www.facebook.com;frame-src 'self' *.snyk.io https://res.cloudinary.com 479-bcc-915.mktoweb.com bid.g.doubleclick.net *.doubleclick.net www.google.com www.youtube.com https://*.6sense.com https://*.6sc.co https://linkedin.com https://*.linkedin.com https://i.ytimg.com https://platform.twitter.com www.gartner.com https://www.facebook.com https://app.netlify.com https://player.simplecast.com https://app.usercentrics.eu https://vercel.live/;form-action 'self' https://www.facebook.com;frame-ancestors 'self' https://resources.snyk.io https://app.contentful.com https://www.linkedin.com;font-src 'self' data: fast.wistia.com www.gartner.com https://fonts.intercomcdn.com;media-src 'self' blob: https://res.cloudinary.com https://js.intercomcdn.com;worker-src 'self' blob:;manifest-src 'self';object-src https://res.cloudinary.com; |
Strict-Transport-Security |
max-age=31536000; preload |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
languages.json
Show response
api.usercentrics.eu/settings/HJ-Jgu0__ikv-k/latest/
|
56 B
93 B
|
171ms
87ms
|
Fetch
application/json |
35.241.3.184
GOOGLE
|
|
|
OPTIONS
H3
|
200
|
languages.json
api.usercentrics.eu/settings/HJ-Jgu0__ikv-k/latest/
Frame
|
0
0
|
213ms
101ms
|
Preflight
text/html |
35.241.3.184
GOOGLE
|
|
General
- Full URL
- https://api.usercentrics.eu/settings/HJ-Jgu0__ikv-k/latest/languages.json
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
35.241.3.184
Kansas City, United States,
ASN15169
(GOOGLE, US),
- Reverse DNS
- 184.3.241.35.bc.googleusercontent.com
- Software
-
UploadServer /
- Resource Hash
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=7776000 |
|
GET
H3
|
200
|
en.json
Show response
api.usercentrics.eu/settings/HJ-Jgu0__ikv-k/latest/
|
36 KB
8 KB
|
194ms
99ms
|
Fetch
application/json |
35.241.3.184
GOOGLE
|
|
|
OPTIONS
H3
|
200
|
en.json
api.usercentrics.eu/settings/HJ-Jgu0__ikv-k/latest/
Frame
|
0
0
|
327ms
211ms
|
Preflight
text/html |
35.241.3.184
GOOGLE
|
|
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
260 B
|
324ms
0ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A34%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A33%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223023%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
cross-domain-bridge.html
app.usercentrics.eu/browser-sdk/4.35.2/
Frame 88F7
|
0
0
|
1009ms
350ms
|
Document
text/html |
2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...
|
|
General
- Full URL
- https://app.usercentrics.eu/browser-sdk/4.35.2/cross-domain-bridge.html
- Requested by
- Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:1901:0:5987::
Kansas City, United States,
ASN396982
(GOOGLE-CLOUD-PLATFORM, US),
- Reverse DNS
- Software
-
UploadServer /
- Resource Hash
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=7776000 |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
259 B
|
213ms
83ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A35%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A34%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%224027%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
POST
H2
|
204
|
collect
region1.google-analytics.com/g/
|
0
249 B
|
365ms
62ms
|
Ping
text/plain |
2001:4860:4802:32::36
GOOGLE
|
|
General
- Full URL
- https://region1.google-analytics.com/g/collect?v=2&tid=G-X9SH3KP7B4>m=45je45m0v879460793z89131853231za200zb9131853231&_p=1717090048029&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&cid=317392943.1717090056&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1717090054&sct=1&seg=0&dl=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&dr=https%3A%2F%2Fem.snyk.io%2F&dt=Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk&en=undefined&_fv=1&_nsi=1&_ss=1&up.confidence_6si=NA&up.company_name_6si=(Non-company%20Visit)&up.country_6si=Germany&up.state_6si=Berlin&up.city_6si=Berlin&up.country_iso_code_6si=DE&up.geoIP_country_6si=Germany&up.geoIP_state_6si=Berlin&up.geoIP_city_6si=Berlin&up.company_match_6si=Non-actionable%20Match&up.additional_comment_6si=There%20is%20no%20valid%20B2B%20use%20case%20as%20this%20was%20matched%20to%20something%20other%20than%20a%20company%20name%2Fdomain%20(i.e.%20bot%2C%20host%2C%20noisy%20signal%2C%20etc.)&up.industry_v2_6si=&up.segment_ids_6si=false&up.segment_names_6si=false&tfd=8847
- Requested by
- Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-X9SH3KP7B4&l=dataLayer&cx=c
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2001:4860:4802:32::36
, United States,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Golfe2 /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
260 B
|
402ms
80ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A36%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A35%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%225027%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
1px.png
app.usercentrics.eu/session/
|
489 B
819 B
|
296ms
0ms
|
Image
image/png |
2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...
|
|
|
GET
H3
|
200
|
translations-en.json
Show response
api.usercentrics.eu/translations/
|
7 KB
2 KB
|
245ms
89ms
|
Fetch
application/json |
35.241.3.184
GOOGLE
|
|
|
OPTIONS
H3
|
200
|
translations-en.json
api.usercentrics.eu/translations/
Frame
|
0
0
|
263ms
129ms
|
Preflight
text/html |
35.241.3.184
GOOGLE
|
|
|
GET
H2
|
200
|
en
Show response
aggregator.service.usercentrics.eu/aggregate/
|
130 KB
15 KB
|
128ms
36ms
|
Fetch
application/json |
2600:1901:0:256b::
GOOGLE-CLOUD-PLAT...
|
|
General
- Full URL
- https://aggregator.service.usercentrics.eu/aggregate/en?templates=5wiCjoxM2-lK6w@1.1.0,8eIqa_sKr@8.1.1,9V8bg4D63@9.6.8,9y-4-D2PG@3.3.1,BJ59EidsWQ@25.7.28,BJTzqNi_i-m@5.3.8,BJz7qNsdj-7@15.8.19,Bklbg5NodobQ@5.0.1,D1_CKTzWP@3.1.2,EzB86P_wyadMk7@1.0.0,F-REmjGq7@3.2.1,H1Vl5NidjWX@40.17.44,HkIVcNiuoZX@6.3.4,HkPBYFofN@10.3.1,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,Hkx754i_iWm@8.3.6,HyP_q4sdobm@10.4.6,JQ2XQxIk@9.6.9,M6Q7giJoz@1.4.3,O97xcRJFR@1.0.1,RjdrEL9m_3yDF1@1.1.0,S1_9Vsuj-Q@15.7.21,S1hmcVouiZm@6.2.2,S1zkWcVi_oWm@4.2.0,SJ1aqNjOs-m@5.3.0,Sk9kb5VoOi-7@5.1.3,Skj79NodobQ@8.1.3,Sy7BcNo_ib7@4.2.4,Sy7BxqEo_oZQ@4.2.0,T2cdx4BaraTNyk@1.1.0,XL7559yNs@1.0.2,XMw_UprlvWcclQ@1.1.0,Zg13UhOEBh3AmO@1.1.0,dsS7z9Hv4@1.1.4,i2pWBF3hFDo2UV@1.0.0,jzMEq56vW@1.4.3,r1HocEjOiWm@7.2.1,rJJjcVouoZ7@8.3.6,rVtviIuJYcqyxp@1.0.1,rk-nqEj_o-m@8.6.4,rkBBg94sdiW7@9.2.3,ryDQcVoOoZQ@8.2.4,v2l1mAAn044OOH@1.1.0,zNbf2ZXwPBfmb2@1.3.0
- Requested by
- Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/bundle.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:1901:0:256b::
Kansas City, United States,
ASN396982
(GOOGLE-CLOUD-PLATFORM, US),
- Reverse DNS
- Software
-
Google Frontend /
- Resource Hash
- ea968b348b72688a19a64d879b2eaf5197f57f53f9cc5709a26ac93bf26144a8
|
OPTIONS
H2
|
204
|
en
aggregator.service.usercentrics.eu/aggregate/
Frame
|
0
0
|
411ms
0ms
|
Preflight
text/html |
2600:1901:0:256b::
GOOGLE-CLOUD-PLAT...
|
|
General
- Full URL
- https://aggregator.service.usercentrics.eu/aggregate/en?templates=5wiCjoxM2-lK6w@1.1.0,8eIqa_sKr@8.1.1,9V8bg4D63@9.6.8,9y-4-D2PG@3.3.1,BJ59EidsWQ@25.7.28,BJTzqNi_i-m@5.3.8,BJz7qNsdj-7@15.8.19,Bklbg5NodobQ@5.0.1,D1_CKTzWP@3.1.2,EzB86P_wyadMk7@1.0.0,F-REmjGq7@3.2.1,H1Vl5NidjWX@40.17.44,HkIVcNiuoZX@6.3.4,HkPBYFofN@10.3.1,Hko_qNsui-Q@14.5.15,HkocEodjb7@52.11.41,Hkx754i_iWm@8.3.6,HyP_q4sdobm@10.4.6,JQ2XQxIk@9.6.9,M6Q7giJoz@1.4.3,O97xcRJFR@1.0.1,RjdrEL9m_3yDF1@1.1.0,S1_9Vsuj-Q@15.7.21,S1hmcVouiZm@6.2.2,S1zkWcVi_oWm@4.2.0,SJ1aqNjOs-m@5.3.0,Sk9kb5VoOi-7@5.1.3,Skj79NodobQ@8.1.3,Sy7BcNo_ib7@4.2.4,Sy7BxqEo_oZQ@4.2.0,T2cdx4BaraTNyk@1.1.0,XL7559yNs@1.0.2,XMw_UprlvWcclQ@1.1.0,Zg13UhOEBh3AmO@1.1.0,dsS7z9Hv4@1.1.4,i2pWBF3hFDo2UV@1.0.0,jzMEq56vW@1.4.3,r1HocEjOiWm@7.2.1,rJJjcVouoZ7@8.3.6,rVtviIuJYcqyxp@1.0.1,rk-nqEj_o-m@8.6.4,rkBBg94sdiW7@9.2.3,ryDQcVoOoZQ@8.2.4,v2l1mAAn044OOH@1.1.0,zNbf2ZXwPBfmb2@1.3.0
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:1901:0:256b::
Kansas City, United States,
ASN396982
(GOOGLE-CLOUD-PLATFORM, US),
- Reverse DNS
- Software
-
Google Frontend /
- Resource Hash
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
260 B
|
228ms
0ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A37%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A36%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%226028%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
OPTIONS
H2
|
204
|
3
consent-api.service.consent.usercentrics.eu/consent/uw/
Frame
|
0
0
|
352ms
40ms
|
Preflight
text/html |
2600:1901:0:1e38::
|
|
General
- Full URL
- https://consent-api.service.consent.usercentrics.eu/consent/uw/3
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:1901:0:1e38::
-, ,
ASN
(),
- Reverse DNS
- Software
-
Google Frontend /
- Resource Hash
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=7776000 |
|
POST
H2
|
201
|
3
Show response
consent-api.service.consent.usercentrics.eu/consent/uw/
|
0
88 B
|
110ms
66ms
|
Fetch
text/html |
2600:1901:0:1e38::
|
|
|
GET
H2
|
200
|
uct
uct.service.usercentrics.eu/
|
35 B
279 B
|
699ms
19ms
|
Image
image/gif |
34.95.108.180
|
|
|
GET
H2
|
200
|
analytics.min.js
Show response
cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/
|
103 KB
28 KB
|
261ms
44ms
|
Script
text/javascript |
99.86.8.175
|
|
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
260 B
|
192ms
81ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A38%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A37%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%227028%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
settings
Show response
cdn.segment.com/v1/projects/UspolAZH46ZIH3mN3bdf7rx63q24gitb/
|
4 KB
2 KB
|
264ms
18ms
|
Fetch
application/json |
99.86.8.175
|
|
|
GET
H2
|
200
|
ajs-destination.bundle.ed53a26b6edc80c65d73.js
Show response
cdn.segment.com/analytics-next/bundles/
|
9 KB
3 KB
|
64ms
46ms
|
Script
application/javascript |
99.86.8.175
|
|
|
GET
H2
|
200
|
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Show response
cdn.segment.com/analytics-next/bundles/
|
2 KB
1 KB
|
75ms
33ms
|
Script
application/javascript |
99.86.8.175
|
|
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
260 B
|
227ms
226ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A39%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A38%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%228028%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
258 B
|
183ms
182ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A40%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A39%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%229029%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
257 B
|
448ms
443ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A41%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A40%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%2210029%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
260 B
|
132ms
132ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A44%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A41%20GMT%22%2C%22timeSpent%22%3A%223000%22%2C%22totalTimeSpent%22%3A%2213029%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
img.gif
b.6sc.co/v1/beacon/
|
43 B
259 B
|
143ms
142ms
|
Image
image/gif |
2.17.100.210
AKAMAI-ASN1
|
|
General
- Full URL
- https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=bda8e6dd-daca-404f-8bd1-a0af8e69b247&session=c40114f5-da20-4b16-8785-083467623c06&event=active_time_track&q=%7B%22currentTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A47%20GMT%22%2C%22lastTrackTime%22%3A%22Thu%2C%2030%20May%202024%2017%3A27%3A44%20GMT%22%2C%22timeSpent%22%3A%223001%22%2C%22totalTimeSpent%22%3A%2216030%22%7D&isIframe=false&m=%7B%22description%22%3A%22In%20this%20article%2C%20you%27ll%20learn%20more%20about%20broken%20access%20control%20in%20Node.js%20applications%20and%20strategies%20to%20prevent%20such%20vulnerabilities%20when%20building%20web%20applications%20based%20on%20the%20Express%20web%20framework.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Preventing%20broken%20access%20control%20in%20express%20Node.js%20applications%20%7C%20Snyk%22%7D&cb=&r=https%3A%2F%2Fem.snyk.io%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Fde%2Fblog%2Fpreventing-broken-access-control-express-node-js%2F%3Fmkt_tok%3DNjc3LVRIUC00MTUAAAGTaTQNlkoQ1KwUjAhj8zUYV2KcKXa33otFqDaGiFTDOMM5VSxFM0q1pLoHE4iBoQJNtmnvRVn99L_OtJrn87VHxj0aHco1nIszfBCkiRJhCg3N2NQ%26utm_campaign%3Dem_240530_prospect-newsletter-dev%26utm_content%3Dem-bd%26utm_medium%3Dem-mkto%26utm_source%3Dsnyk&pageViewId=9a78d66c-6698-47d6-8e39-981631d3a580&an_uid=0&webTagId=22d7a014-b92d-4a73-ad20-7aebe461d6e2&v=1.1.20
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2.17.100.210
Frankfurt am Main, Germany,
ASN20940
(AKAMAI-ASN1, NL),
- Reverse DNS
- a2-17-100-210.deploy.static.akamaitechnologies.com
- Software
-
nginx/1.14.0 (Ubuntu) /
- Resource Hash
- dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|