URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Submission: On September 13 via api from FR

Summary

This website contacted 11 IPs in 5 countries across 8 domains to perform 46 HTTP transactions. The main IP is 213.186.33.171, located in France and belongs to OVH, FR. The main domain is www.vaadata.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on August 2nd 2019. Valid for: 2 years.
This is the only time www.vaadata.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Domain                    Requested by
25        www.vaadata.com           www.vaadata.com
5         api.plezi.co              www.vaadata.com, api.plezi.co
4         fonts.gstatic.com         fonts.googleapis.com
2         www.google-analytics.com  www.googletagmanager.com, www.google-analytics.com
2         app.plezi.co              www.googletagmanager.com
1         vc.hotjar.io              script.hotjar.com
1         in.hotjar.com             script.hotjar.com
1         vars.hotjar.com           static.hotjar.com
1         script.hotjar.com         static.hotjar.com
1         static.hotjar.com         www.googletagmanager.com
1         files.plezi.co            api.plezi.co
1         www.googletagmanager.com  www.vaadata.com
1         fonts.googleapis.com      www.vaadata.com
Total: 46 requests, 13 subdomains

Subject                  Issuer                                            Validity                 Valid
www.vaadata.com          Sectigo RSA Extended Validation Secure Server CA  2019-08-02 - 2021-08-28  2 years
upload.video.google.com  GTS CA 1O1                                        2020-08-26 - 2020-11-18  3 months
*.plezi.co               Gandi Standard SSL CA 2                           2019-05-06 - 2021-05-26  2 years
*.google-analytics.com   GTS CA 1O1                                        2020-08-26 - 2020-11-18  3 months
*.gstatic.com            GTS CA 1O1                                        2020-08-26 - 2020-11-18  3 months
files.plezi.co           Let's Encrypt Authority X3                        2020-08-24 - 2020-11-22  3 months
static.hotjar.com        Let's Encrypt Authority X3                        2020-08-16 - 2020-11-14  3 months
script.hotjar.com        Let's Encrypt Authority X3                        2020-08-17 - 2020-11-15  3 months
vars.hotjar.com          Let's Encrypt Authority X3                        2020-08-15 - 2020-11-13  3 months
*.hotjar.com             Amazon                                            2020-08-29 - 2021-09-28  a year
vc.hotjar.io             Let's Encrypt Authority X3                        2020-09-12 - 2020-12-11  3 months

This page contains 2 frames:

Primary Page: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Frame ID: C53FE562448554053A943C6C7540E035
Requests: 47 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 86449B2DC47E4934AAD61150ED0D177F
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^"]+lightbox(?:\.min)?\.css/i

Page Statistics

Requests: 46
HTTPS: 100 %
IPv6: 40 %
Domains: 8
Subdomains: 13
IPs: 11
Countries: 5
Transfer: 696 kB
Size: 1549 kB
Cookies: 3

46 HTTP transactions

Resource / Path    Size    x-fer    Type / MIME-Type
Primary Request /
www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
54 KB
12 KB
Document
General
Full URL
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
d48b68f5cedcda6f32ecf2c78b447b1ba373b96b6472a0028da3aa713a8866c3

Request headers

:method
GET
:authority
www.vaadata.com
:scheme
https
:path
/blog/hardcoded-secret-leads-to-account-takeover/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sun, 13 Sep 2020 12:33:32 GMT
content-type
text/html; charset=UTF-8
last-modified
Sun, 13 Sep 2020 08:55:54 GMT
cache-control
max-age=0
expires
Sun, 13 Sep 2020 12:33:32 GMT
vary
Accept-Encoding
x-request-id
951321165
content-encoding
br
x-cdn-pop
rbx1
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Cacheable
accept-ranges
bytes
css
fonts.googleapis.com/
21 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26889b582579cb005772ee1452d696d68fffafd25bdd5996a43529973c4bcdee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Sep 2020 12:33:32 GMT
server
ESF
date
Sun, 13 Sep 2020 12:33:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Sep 2020 12:33:32 GMT
style.css
www.vaadata.com/blog/wp-content/themes/contentberg/
185 KB
30 KB
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/style.css?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
d83eed6701628b269f788242d350c53a9ab5a39ef529b47e7901cc26e0b3f50e

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:54 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
30388
x-request-id
395509871
expires
Wed, 08 Sep 2021 08:23:54 GMT
style.min.css
www.vaadata.com/blog/wp-includes/css/dist/block-library/
53 KB
8 KB
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:54 GMT
content-encoding
br
last-modified
Tue, 01 Sep 2020 22:03:38 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
7390
x-request-id
395509872
expires
Wed, 08 Sep 2021 08:23:54 GMT
style.css
www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-vertical/
812 B
544 B
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-vertical/style.css?ver=1
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
287e1b30ad2973257cbb28a7e07b6715a1cebc74f796c4948e4fcecc4ab9cc6c

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:54 GMT
content-encoding
br
last-modified
Wed, 02 Sep 2020 22:21:38 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
232
x-request-id
395509873
expires
Wed, 08 Sep 2021 08:23:54 GMT
lightbox.css
www.vaadata.com/blog/wp-content/themes/contentberg/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/css/lightbox.css?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
652876c64c94fddfefb323a90fb2de3f80c5a1eccf34ac91a3c6b9b7ad366e2b

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:55 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
1963
x-request-id
395509874
expires
Wed, 08 Sep 2021 08:23:55 GMT
font-awesome.min.css
www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/css/
28 KB
6 KB
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/css/font-awesome.min.css?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:55 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
6265
x-request-id
395509875
expires
Wed, 08 Sep 2021 08:23:55 GMT
style.css
www.vaadata.com/blog/wp-content/themes/contentberg-child/
204 B
431 B
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg-child/style.css?ver=5.5.1
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
2e62c54f36fc3c4eb12ea5db0ce0e6c81f0e44c48811f37800937bedefbe47e9

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:55 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 07:22:24 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
119
x-request-id
395509876
expires
Wed, 08 Sep 2021 08:23:55 GMT
jquery.js
www.vaadata.com/blog/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:55 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 09:43:50 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
32734
x-request-id
395509877
expires
Wed, 08 Sep 2021 08:23:55 GMT
frontend.js
www.vaadata.com/blog/wp-content/plugins/stop-user-enumeration/frontend/js/
232 B
447 B
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.3.25
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
84f7bdd9d518f244e12254d2dab2827a56fa1c0be95dd685178105518fdd94d2

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:55 GMT
content-encoding
br
last-modified
Fri, 29 Nov 2019 09:36:07 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
121
x-request-id
395509878
expires
Wed, 08 Sep 2021 08:23:55 GMT
scripts
api.plezi.co/api/v1/web_forms/
40 KB
40 KB
Script
General
Full URL
https://api.plezi.co/api/v1/web_forms/scripts?tenant_id=5e667155e317a753730829e1&form_id=5e667158e317a75373082a8f&form_version=3&content_web_form_id=5e7ddeced59cbc3560d055f1&plz_lang=en
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash
65e2776f1cb652ff1bc3a80afac34270625e46637edbddbb3528bd92aad99ce0

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Runtime
0.012628
Date
Sun, 13 Sep 2020 12:33:32 GMT
Server
nginx/1.10.3
ETag
W/"65e2776f1cb652ff1bc3a80afac34270"
Vary
Origin
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-Request-Id
8885cf25-3dfc-479e-ac2a-8a3d4844c3cd
X-UA-Compatible
IE=Edge,chrome=1
magnific-popup.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
20 KB
7 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/magnific-popup.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:55 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
7031
x-request-id
395509879
expires
Wed, 08 Sep 2021 08:23:55 GMT
jquery.fitvids.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
2 KB
1 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/jquery.fitvids.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
94a82b1a138fa5d52f95bca894904e57a7ba5d89275712792e34c6192aeaddba

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:55 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
760
x-request-id
395509880
expires
Wed, 08 Sep 2021 08:23:55 GMT
imagesloaded.min.js
www.vaadata.com/blog/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:55 GMT
content-encoding
br
last-modified
Wed, 12 Aug 2020 14:39:54 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
1727
x-request-id
395509881
expires
Wed, 08 Sep 2021 08:23:55 GMT
object-fit-images.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
3 KB
2 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/object-fit-images.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
8c2fded8e3119fcb15699d6752e3834a4b20ba353ca20f0842419c466f2dc97b

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:55 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
1298
x-request-id
395509882
expires
Wed, 08 Sep 2021 08:23:55 GMT
theme.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
47 KB
13 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/theme.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
c2b0faa7c4968fb61ab3fda817bedc47c98a7650ed26e424cbb34c8923c1057d

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:17:41 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
12719
x-request-id
87031982
expires
Wed, 08 Sep 2021 08:17:41 GMT
theia-sticky-sidebar.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
6 KB
2 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/theia-sticky-sidebar.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
29e23646a639746b95623aef060574c65b55f7531cf6502b7fc0d6a245568476

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:56 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
1737
x-request-id
395509884
expires
Wed, 08 Sep 2021 08:23:56 GMT
jquery.slick.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
40 KB
10 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/jquery.slick.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
2d199fc8a0cad1784b67a93991b7f1e9e97eaadaf3cdf334eca5a98fb43eb0ee

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:56 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
9618
x-request-id
395509885
expires
Wed, 08 Sep 2021 08:23:56 GMT
jarallax.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
15 KB
5 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/jarallax.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
a8680939292053c808260c3dfa05f9257b6940c0da273f26ad3fc969e53f84f3

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:56 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4853
x-request-id
395509886
expires
Wed, 08 Sep 2021 08:23:56 GMT
wp-embed.min.js
www.vaadata.com/blog/wp-includes/js/
1 KB
995 B
Script
General
Full URL
https://www.vaadata.com/blog/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:56 GMT
content-encoding
br
last-modified
Thu, 23 Apr 2020 07:08:09 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
669
x-request-id
395509887
expires
Wed, 08 Sep 2021 08:23:56 GMT
lazyload.min.js
www.vaadata.com/blog/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/
8 KB
3 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:56 GMT
content-encoding
br
last-modified
Thu, 03 Sep 2020 22:15:29 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
2562
x-request-id
395509888
expires
Wed, 08 Sep 2021 08:23:56 GMT
gtm.js
www.googletagmanager.com/
123 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLGTLWC
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
010dbd6b50c8a4d96c4f4474f576b175806a6d6a7842026fc6d5fee43876fb63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Sep 2020 12:33:32 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44206
x-xss-protection
0
last-modified
Sun, 13 Sep 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 13 Sep 2020 12:33:32 GMT
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
221df4eb53ffff5f1205cb5d06f6fd82f40d2dba1eb7ae0818b0e2f5d9a61f74

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f723231b1a6583adfb3540ce455ae45e18842b72b377e18069691f5e5e947b3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOjCneDtsqEr0keqCMhbCc6CsTYl4BO.woff2
fonts.gstatic.com/s/ubuntumono/v10/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntumono/v10/KFOjCneDtsqEr0keqCMhbCc6CsTYl4BO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3268fe4c9e41569f32915d6dfd564ed9fbadc7d04783bce8c396f4f5d6760218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.vaadata.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 09:23:41 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:42:13 GMT
server
sffe
age
443391
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11952
x-xss-protection
0
expires
Wed, 08 Sep 2021 09:23:41 GMT
bg_header_blog.jpg
www.vaadata.com/blog/wp-content/uploads/2019/11/
225 KB
225 KB
Image
General
Full URL
https://www.vaadata.com/blog/wp-content/uploads/2019/11/bg_header_blog.jpg
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
54cdd844398c2a8e1971177ef3ac0d9ce1ad2e571abaaa72118b7f055423c3bb

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:57 GMT
last-modified
Tue, 26 Nov 2019 13:14:26 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=10368000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
229968
x-request-id
395509890
expires
Wed, 06 Jan 2021 08:23:57 GMT
fontawesome-webfont.woff2
www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/fonts/
70 KB
71 KB
Font
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/css/font-awesome.min.css?ver=1.5.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin
https://www.vaadata.com
Referer
https://www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/css/font-awesome.min.css?ver=1.5.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:23:57 GMT
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
status
200
cache-control
max-age=2592000
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
71896
x-request-id
395509889
expires
Thu, 08 Oct 2020 08:23:57 GMT
KFO-CneDtsqEr0keqCMhbC-BL9H1tY1keXO0.woff2
fonts.gstatic.com/s/ubuntumono/v10/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntumono/v10/KFO-CneDtsqEr0keqCMhbC-BL9H1tY1keXO0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a021cbdbc297ba45d8cc18f88d585ae95de222cc196c3178092277446e2e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.vaadata.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 09:42:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 04:32:20 GMT
server
sffe
age
442269
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11760
x-xss-protection
0
expires
Wed, 08 Sep 2021 09:42:23 GMT
nKKU-Go6G5tXcr4uPhWnVaFrNlJz.woff2
fonts.gstatic.com/s/kanit/v7/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v7/nKKU-Go6G5tXcr4uPhWnVaFrNlJz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58f9ed8694ac4d0956a3490c73a8e49a328925d116af2de017ca81da9ae881e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.vaadata.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 14:23:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:19:30 GMT
server
sffe
age
425396
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10252
x-xss-protection
0
expires
Wed, 08 Sep 2021 14:23:36 GMT
nKKZ-Go6G5tXcraVGwCKd6xB.woff2
fonts.gstatic.com/s/kanit/v7/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v7/nKKZ-Go6G5tXcraVGwCKd6xB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8ec3d8ae26b96c75fe42bfac331be8933084cfc66062136126e5b20a2d05dc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.vaadata.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 10:30:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:36:45 GMT
server
sffe
age
439368
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10472
x-xss-protection
0
expires
Wed, 08 Sep 2021 10:30:44 GMT
form-en
files.plezi.co/p/5e667155e317a753730829e1/content_web_forms/5e7ddeced59cbc3560d055f1/html_files/
5 KB
2 KB
XHR
General
Full URL
https://files.plezi.co/p/5e667155e317a753730829e1/content_web_forms/5e7ddeced59cbc3560d055f1/html_files/form-en?_=1600000412435
Requested by
Host: api.plezi.co
URL: https://api.plezi.co/api/v1/web_forms/scripts?tenant_id=5e667155e317a753730829e1&form_id=5e667158e317a75373082a8f&form_version=3&content_web_form_id=5e7ddeced59cbc3560d055f1&plz_lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.13.14 Haarlem, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-13-14.rev.poneytelecom.eu
Software
nginx /
Resource Hash
2960d6102fa2e4510b08dd5304a4e2140c48153ddcc7af605511f9ded363ba37

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 13 Sep 2020 12:33:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Sep 2020 07:35:50 GMT
Server
nginx
ETag
W/"5f55e2d6-1546"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
logo_vaadata_web.png
www.vaadata.com/blog/wp-content/uploads/2019/10/
4 KB
4 KB
Image
General
Full URL
https://www.vaadata.com/blog/wp-content/uploads/2019/10/logo_vaadata_web.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
e51c68893bd6fd3cf5dac09a78c555a29515ee359f3f39be7f11579199aa8bd1

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:31:58 GMT
last-modified
Fri, 25 Oct 2019 10:36:47 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=10368000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4183
x-request-id
208470250
expires
Wed, 06 Jan 2021 08:31:58 GMT
Pancake-300x157.jpg
www.vaadata.com/blog/wp-content/uploads/2020/09/
6 KB
6 KB
Image
General
Full URL
https://www.vaadata.com/blog/wp-content/uploads/2020/09/Pancake-300x157.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
a45a0a1007db11f84f3aa862fb4a22daa299c94ea5a1345f840d4e0caf74fee8

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Sep 2020 02:23:07 GMT
last-modified
Tue, 08 Sep 2020 15:23:03 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=10368000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
6112
x-request-id
641597560
expires
Sun, 10 Jan 2021 02:23:07 GMT
en.png
www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/res/flags/
600 B
893 B
Image
General
Full URL
https://www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:31:58 GMT
last-modified
Wed, 02 Sep 2020 22:21:34 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=10368000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
600
x-request-id
208470251
expires
Wed, 06 Jan 2021 08:31:58 GMT
fr.png
www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/res/flags/
268 B
561 B
Image
General
Full URL
https://www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
9c86c0c02ccb446b1a50d0282f4d9715e45670be443c4c3f666c263601e36274

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 08:31:58 GMT
last-modified
Wed, 02 Sep 2020 22:21:34 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=10368000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
268
x-request-id
208470252
expires
Wed, 06 Jan 2021 08:31:58 GMT
hotjar-1662220.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1662220.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLGTLWC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.197 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress11
Software
/
Resource Hash
ae5a720441f8025d4c414a1ff58f6f63f9e42454a4bb9c6b57f9cd7a132161c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Sep 2020 12:33:32 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjarjs
age
0
status
200
section-io-cache
Miss
vary
Accept-Encoding
cache-control
max-age=60
etag
W/bdb989514b2b1aa575f2880792ea3f15
access-control-max-age
600
section-io-origin-status
304
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.018
accept-ranges
bytes
section-io-id
5a5e532ec271118b626b4ed352add974
section-origin-responded
true
ossleads_analytics.js
app.plezi.co/scripts/
7 KB
3 KB
Script
General
Full URL
https://app.plezi.co/scripts/ossleads_analytics.js?tenant=5e667155e317a753730829e1&tw=5e667158e317a75373082a91
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLGTLWC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.70.254 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-70-254.rev.poneytelecom.eu
Software
nginx/1.15.3 /
Resource Hash
582cd36e867ee95560fec823a4eb00c95b5393b842298b7190f0b4804e64bd72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime
0.028020
date
Sun, 13 Sep 2020 12:33:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.15.3
etag
W/"b33bd150dcc517804f5e1e362231f8f7"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
ae0e476d-9332-4cc6-97c7-5a986c1cf57b
x-ua-compatible
IE=Edge,chrome=1
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLGTLWC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
4672
date
Sun, 13 Sep 2020 11:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18323
expires
Sun, 13 Sep 2020 13:15:40 GMT
collect
www.google-analytics.com/j/
1 B
395 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j85&aip=1&a=1076180154&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vaadata.com%2Fblog%2Fhardcoded-secret-leads-to-account-takeover%2F&ul=en-us&de=UTF-8&dt=Pancake%20hardcoded%20secret%20leads%20to%20account%20takeover&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1963153986&gjid=2016062105&cid=226830551.1600000413&tid=UA-31545818-3&_gid=283008101.1600000413&_r=1&gtm=2wg920NLGTLWC&z=1995318609
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Sep 2020 12:33:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.vaadata.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.8ee8cc2007768327a36f.js
script.hotjar.com/
360 KB
70 KB
Script
General
Full URL
https://script.hotjar.com/modules.8ee8cc2007768327a36f.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1662220.js?sv=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.197 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress11
Software
/
Resource Hash
e27356012307cbbb467b5fa1310a74a7b2b9a0a05b32bc950e63f64d59457e4b

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Sep 2020 12:33:32 GMT
content-encoding
br
age
26682
status
200
section-io-cache
Hit
content-length
71735
last-modified
Fri, 11 Sep 2020 13:16:37 GMT
etag
"35fa3521cc9f97992b3f310d81685df2"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.103
section-io-id
8dec2ac38fa5095e382fdd9b4143b758
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
form_config
api.plezi.co/api/v1/web_forms/scripts/ Frame
0
0
Other
General
Full URL
https://api.plezi.co/api/v1/web_forms/scripts/form_config
Protocol
HTTP/1.1
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.vaadata.com
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.10.3
Date
Sun, 13 Sep 2020 12:33:32 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Access-Control-Expose-Headers
Access-Control-Max-Age
1728000
Access-Control-Allow-Headers
content-type
X-UA-Compatible
IE=Edge,chrome=1
form_config
api.plezi.co/api/v1/web_forms/scripts/
81 B
661 B
XHR
General
Full URL
https://api.plezi.co/api/v1/web_forms/scripts/form_config
Requested by
Host: api.plezi.co
URL: https://api.plezi.co/api/v1/web_forms/scripts?tenant_id=5e667155e317a753730829e1&form_id=5e667158e317a75373082a8f&form_version=3&content_web_form_id=5e7ddeced59cbc3560d055f1&plz_lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash
073f2aa0f92ac5c1df438281179dcb7db59c217b7435a26c12595b91d558355d

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Runtime
0.215981
Date
Sun, 13 Sep 2020 12:33:32 GMT
Server
nginx/1.10.3
ETag
W/"073f2aa0f92ac5c1df438281179dcb7d"
Vary
Origin
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
Transfer-Encoding
chunked
Access-Control-Max-Age
1728000
Connection
keep-alive
X-Request-Id
47629f61-fdc9-4e23-a3dd-d5632b9c9a9e
X-UA-Compatible
IE=Edge,chrome=1
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 8644
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1662220.js?sv=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.197 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress11
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sun, 13 Sep 2020 12:33:32 GMT
content-type
text/html
content-length
851
last-modified
Mon, 17 Aug 2020 18:24:17 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.045
section-origin-responded
true
age
2285556
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
cc8f6874a5eac1581707a98664b2b770
create_hit
app.plezi.co/analytics/
43 B
497 B
Image
General
Full URL
https://app.plezi.co/analytics/create_hit?key_hit=5e667155e317a753730829e1-1600000412-185.217.171.12&hit=true&tenant=5e667155e317a753730829e1&tw=5e667158e317a75373082a91&referer=&visitor=6686660260972159160000041243510688&visit=8653399477984565160000041243535814&title=Pancake%20hardcoded%20secret%20leads%20to%20account%20takeover&tracking_version=3&gclid=&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&cid=&utm_plz_email_id=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.70.254 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-70-254.rev.poneytelecom.eu
Software
nginx/1.15.3 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Sep 2020 12:33:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
a85eede6-e67d-4284-b8a1-dc58f7380dbb
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.020483
server
nginx/1.15.3
x-frame-options
SAMEORIGIN
etag
W/"07fff40b5dd495aca2ac4e1c3fbc60aa"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private
visit-data
in.hotjar.com/api/v2/client/sites/1662220/
178 B
321 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1662220/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8ee8cc2007768327a36f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.50.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-50-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sun, 13 Sep 2020 12:33:32 GMT
content-encoding
br
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
disposable_emails.js
api.plezi.co/web_forms/
10 KB
10 KB
Script
General
Full URL
https://api.plezi.co/web_forms/disposable_emails.js
Requested by
Host: api.plezi.co
URL: https://api.plezi.co/api/v1/web_forms/scripts?tenant_id=5e667155e317a753730829e1&form_id=5e667158e317a75373082a8f&form_version=3&content_web_form_id=5e7ddeced59cbc3560d055f1&plz_lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash
572f521fbff37d72209638d9f7b3a967fe185d6bea1a8807d35abc35a8798f05

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 13 Sep 2020 12:33:32 GMT
Last-Modified
Thu, 10 Sep 2020 12:16:31 GMT
Server
nginx/1.10.3
ETag
"5f5a191f-2672"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9842
X-UA-Compatible
IE=Edge,chrome=1
validate.min.js
api.plezi.co/web_forms/
14 KB
15 KB
Script
General
Full URL
https://api.plezi.co/web_forms/validate.min.js
Requested by
Host: api.plezi.co
URL: https://api.plezi.co/api/v1/web_forms/scripts?tenant_id=5e667155e317a753730829e1&form_id=5e667158e317a75373082a8f&form_version=3&content_web_form_id=5e7ddeced59cbc3560d055f1&plz_lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash
2fb6f1a14208e969b14b6f7f40b947c6288bd66501f250e9de815628f2c21ebf

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 13 Sep 2020 12:33:32 GMT
Last-Modified
Thu, 10 Sep 2020 12:16:31 GMT
Server
nginx/1.10.3
ETag
"5f5a191f-3908"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14600
X-UA-Compatible
IE=Edge,chrome=1
1662220
vc.hotjar.io/sessions/
0
116 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/1662220?s=0.25
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8ee8cc2007768327a36f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.197 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress11
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sun, 13 Sep 2020 12:33:34 GMT
access-control-allow-origin
*
section-io-id
79c7742022a8c4aac0a78b39df36b4b0
section-origin-responded
true

Verdicts & Comments

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| dataLayer object| Sphere_Plugin undefined| $ function| jQuery function| EvEmitter function| imagesLoaded function| objectFitImages object| Bunyad object| Bunyad_Theme object| Bunyad_Share_Float object| Bunyad_Pagination function| jarallax object| wp object| lazyLoadOptions object| jQuery112405030902307723393 function| LazyLoad object| i18n_calendar object| i18nValidations object| mitch_form object| mitchFormDocCookies function| mitchFormUniqueID function| mitchFormGetParameterByName object| cookieVisitor object| cookieVisit string| visit string| visitor string| baseDomain boolean| secure function| escapeRegex function| mitchFormIncludes function| mitchFormXHR function| mitchFormGetHTML function| createElementsFromHTML function| fetchForm function| initForm function| selectInputsSetup function| fetchFormConfig function| setupForm function| mimicJsonform function| jsFieldsSetup function| fetchDisposableEmails function| dateValidationSetup function| disposableEmailsValidationSetup function| lengthValidationSetup function| formatContainsValidationSetup function| formatNotContainsValidationSetup function| requiredValidationSetup function| emailValidationSetup function| urlValidationSetup function| numericalityValidationSetup function| translateMessage function| validationSetup function| validateMultipleSelect function| errorPrefix function| validateForm function| execute function| fillFormField function| smartFill object| 5e667158e317a75373082a8f object| google_tag_manager function| hj object| _hjSettings undefined| cookie_consent_set string| cookie_consent_performance object| elConsentPerformance object| elConsentSave object| google_tag_data string| GoogleAnalyticsObject function| ga function| fadeOut object| cookie_bar object| container string| lang_page object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap 
object| hjBootstrapCalled string| tw string| tenant number| trackingVersion string| trackingId string| hit object| docCookies function| queryString function| getUniqueID function| generateUUID function| imgCreate function| createPixel function| extractHostname function| getDomain object| lastChild string| disposableEmailsRegex function| validate object| formats object| constraint

3 Cookies

Domain/Path Name / Value
.www.vaadata.com/ Name: cookie_consent_performance
Value: 1
.vaadata.com/ Name: visitor
Value: 6686660260972159160000041243510688---5e667155e317a753730829e1
.vaadata.com/ Name: visit
Value: 8653399477984565160000041243535814

1 Console Messages

Source Level URL
Text
console-api log URL: https://app.plezi.co/scripts/ossleads_analytics.js?tenant=5e667155e317a753730829e1&tw=5e667158e317a75373082a91 (Line 115)
Message:
vaadata.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
