www.imperva.com Open in urlscan Pro
45.60.76.225 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Submission: On April 10 via manual (April 10th 2024, 3:33:23 am UTC) from DE — Scanned from DE

Summary HTTP 181 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 21 domains to perform 181 HTTP transactions. The main IP is 45.60.76.225, located in United States and belongs to INCAPSULA, US. The main domain is www.imperva.com. The Cisco Umbrella rank of the primary domain is 308215.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 14th 2024. Valid for: a year.

This is the only time www.imperva.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
120	45.60.76.225 45.60.76.225	19551 (INCAPSULA) (INCAPSULA)
6	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:811::201b	15169 (GOOGLE) (GOOGLE)
2	104.64.167.195 104.64.167.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2.17.147.176 2.17.147.176	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2603:1020:203... 2603:1020:203:3::489	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
5	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
2	216.58.206.72 216.58.206.72	15169 (GOOGLE) (GOOGLE)
2	104.64.124.188 104.64.124.188	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
1	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
3	18.66.192.97 18.66.192.97	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1	2a02:26f0:ab0... 2a02:26f0:ab00::214:8e41	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
1	142.250.74.206 142.250.74.206	15169 (GOOGLE) (GOOGLE)
181	27

120 45.60.76.225 (United States)

ASN19551 (INCAPSULA, US)

www.imperva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.71.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.imperva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.167.195 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-167-195.deploy.static.akamaitechnologies.com

www.brighttalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.17.147.176 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-147-176.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2603:1020:203:3::489 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

imperva.containers.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imperva.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.72 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.64.124.188 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-124-188.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.192.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-97.muc50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

727-wrl-406.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00::214:8e41 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
122	imperva.com www.imperva.com — Cisco Umbrella Rank: 308215 go.imperva.com	3 MB
9	6sc.co j.6sc.co — Cisco Umbrella Rank: 13194 c.6sc.co — Cisco Umbrella Rank: 18707 ipv6.6sc.co — Cisco Umbrella Rank: 13636 b.6sc.co — Cisco Umbrella Rank: 7470	21 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 474	138 KB
5	piwik.pro imperva.containers.piwik.pro imperva.piwik.pro	110 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	392 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 14935	26 KB
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 15409	62 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 99	21 KB
3	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 4192 rs.fullstory.com — Cisco Umbrella Rank: 3983	73 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 452	934 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 78	69 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 8280	7 KB
2	google.de www.google.de — Cisco Umbrella Rank: 4622	126 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 195	405 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2227 www.google.com — Cisco Umbrella Rank: 5	317 B
2	brighttalk.com www.brighttalk.com — Cisco Umbrella Rank: 252897	6 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1395	17 KB
1	mktoresp.com 727-wrl-406.mktoresp.com	318 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 23909	203 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 927	295 B
1	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 672	2 KB
181	21

	Domain	Requested by
120	www.imperva.com	www.imperva.com
6	b.6sc.co	www.imperva.com
6	cdn.cookielaw.org	www.imperva.com
5	www.googletagmanager.com	www.imperva.com
4	imperva.piwik.pro	www.imperva.com imperva.piwik.pro
4	cdn.bizible.com	www.imperva.com cdn.bizible.com
3	js.driftt.com	www.imperva.com
3	www.google-analytics.com	www.imperva.com
2	bam.nr-data.net	www.imperva.com
2	www.youtube.com	www.imperva.com
2	munchkin.marketo.net	www.imperva.com
2	www.google.de	www.imperva.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.imperva.com
2	www.brighttalk.com	www.imperva.com www.brighttalk.com
2	edge.fullstory.com	www.imperva.com
2	go.imperva.com	www.imperva.com
1	js-agent.newrelic.com	www.imperva.com
1	ipv6.6sc.co	www.imperva.com
1	c.6sc.co	www.imperva.com
1	727-wrl-406.mktoresp.com	munchkin.marketo.net
1	cdn.bizibly.com	www.imperva.com
1	rs.fullstory.com	www.imperva.com
1	www.google.com	www.imperva.com
1	imperva.containers.piwik.pro	www.imperva.com
1	j.6sc.co	www.imperva.com
1	geolocation.onetrust.com	www.imperva.com
1	region1.analytics.google.com	www.googletagmanager.com
1	storage.googleapis.com	www.imperva.com
181	28

This site contains links to these domains. Also see Links.

Domain
cpl.thalesgroup.com
community.imperva.com
support.imperva.com
docs.imperva.com
partners.imperva.com
www.linkedin.com
twitter.com
www.facebook.com
status.imperva.com
www.youtube.com
www.glassdoor.com
soundcloud.com
vimeo.com

Subject Issuer	Validity	Valid
www.imperva.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-14` - `2025-03-20`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
go.imperva.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-07`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-03-07` - `2024-06-05`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.brighttalk.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-22` - `2024-11-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
6sc.co R3	`2024-04-09` - `2024-07-08`	3 months	crt.sh
*.containers.piwik.pro GlobeSSL DV CA	`2024-01-02` - `2025-01-01`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-01` - `2024-07-01`	a year	crt.sh
*.piwik.pro GlobeSSL DV CA	`2024-01-02` - `2025-01-28`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-03-05` - `2024-06-03`	3 months	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Frame ID: BBA84189C00B1CD30B0487F1B7011FCD
Requests: 179 HTTP requests in this frame

Frame: https://www.brighttalk.com/service/player/en-US/theme/default/channel/12349/webcast/610956/standalone?commid=610956&reactPlayer=true&b=23644&embedUrl=https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Frame ID: 2912913F58B16F5D7B0A7D51C60FEDB9
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core?d=1&embedId=xrppvhbiz5n6&eId=xrppvhbiz5n6&region=US&forceShow=false&skipCampaigns=false&sessionId=17e71bd5-93aa-44dd-acec-3fc8792078ff&sessionStarted=1712719998.997&campaignRefreshToken=5800cd31-0b0d-44c7-acbb-4ded51c24edf&hideController=false&pageLoadStartTime=1712719997191&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F
Frame ID: 81C61AABE3415E8984DFEA9727410AD3
Requests: 1 HTTP requests in this frame

Frame: https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1712719997191
Frame ID: 7355EB6D985D345EE7A14CE719DD0411
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

How Web Applications Are Attacked Through APIs | Imperva

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

181
Requests

99 %
HTTPS

42 %
IPv6

21
Domains

28
Subdomains

27
IPs

6
Countries

3652 kB
Transfer

7318 kB
Size

38
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://cpl.thalesgroup.com/encryption/data-security-platform
Title: Data encryption and cryptographic solutions

Search URL Search Domain Scan URL

URL: https://community.imperva.com/home
Title: Community

Search URL Search Domain Scan URL

URL: https://support.imperva.com/
Title: Support Portal Login

Search URL Search Domain Scan URL

URL: https://docs.imperva.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://partners.imperva.com/
Title: Partner Portal Login

Search URL Search Domain Scan URL

URL: https://docs.imperva.com/bundle/articles/page/product-service-certifications.htm
Title: Imperva Certifications

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&text=How%20Web%20Applications%20Are%20Attacked%20Through%20APIs&hashtags=ImpervaResources

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F

Search URL Search Domain Scan URL

URL: https://status.imperva.com/
Title: System Status

Search URL Search Domain Scan URL

URL: https://docs.imperva.com/bundle/cloud-application-security/page/api/api.htm
Title: API Integration

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/imperva/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/imperva

Search URL Search Domain Scan URL

URL: https://twitter.com/imperva

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ImpervaChannel

Search URL Search Domain Scan URL

URL: https://www.glassdoor.com/Overview/Working-at-Imperva-EI_IE101738.11,18.htm

Search URL Search Domain Scan URL

URL: https://soundcloud.com/imperva

Search URL Search Domain Scan URL

URL: https://vimeo.com/user130735021

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

181 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ 260 KB
53 KB 9818ms
6726ms Document
text/html 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1311d7640b4c7f684b7bebcfd216631751f1eccd52f8ceb29896fa395fbe7711

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/html; charset=UTF-8
date: Wed, 10 Apr 2024 03:33:16 GMT
device-type: General
last-modified: Wed, 10 Apr 2024 03:33:16 GMT
link: <https://www.imperva.com/blog/wp-json/>; rel="https://api.w.org/" <https://www.imperva.com/blog/wp-json/wp/v2/posts/15879>; rel="alternate"; type="application/json" <https://www.imperva.com/blog/?p=15879>; rel=shortlink
referrer-policy: same-origin
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 14-36770840-36770846 2NNN RT(1712719990116 46) q(0 1 1 10) r(1 67) U18
x-pingback: https://www.imperva.com/blog/xmlrpc.php
x-slot: slot-2

GET
H2 200 strants-not-worstling-We-what-her-Lords-Thunderd Show response
www.imperva.com/ 229 KB
73 KB 59ms
59ms Script
text/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/strants-not-worstling-We-what-her-Lords-Thunderd

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fecca5b47d34c154646087d5c532de8b2a2447d4fec77795600f89c687fb0aad

Security Headers

Name

Value

Content-Security-Policy

default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/javascript
access-control-allow-origin: *
x-iinfo: 14-36770840-36772555 NNNN CT(11 9 0) RT(1712719990116 6756) q(0 0 0 -1) r(0 1) U2
cache-control: private, max-age=60
server-timing: bon, total;dur=10.727296
content-length: 74484

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 84ms
33ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Pg1MHDpg+UGdovxhidM4Kg==
age: 43198
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6839
x-ms-lease-status: unlocked
last-modified: Mon, 08 Apr 2024 02:14:26 GMT
server: cloudflare
etag: 0x8DC57719D9DB136
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b2a5b94a-601e-0006-46cf-890a3c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 871facad890fa043-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
94 KB 96ms
42ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7LFBNHR6BF

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a547c99ae4a69cd1b5c3e522d451b87a4cd47d8f41e7daa0726b8a4793238629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95518
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Apr 2024 03:33:17 GMT

GET
H2 200 logo.svg
www.imperva.com/wp-content/uploads/2018/12/ 2 KB
3 KB 171ms
154ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2018/12/logo.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c05540d0695ed6129ef63ef5fb8f8528e9ab4fbd49ef3f4052b295a8be077b87

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 30 Dec 2018 09:40:17 GMT
x-cdn: Imperva
etag: "5c289281-7f3"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772581 2VNN RT(1712719990116 7597) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 1002

GET
H2 200 icomoon.ttf
www.imperva.com/wp-content/themes/impv/dist/fonts/icomoon/ 4 KB
3 KB 88ms
79ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/icomoon/icomoon.ttf?ucf6ha

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a88fa03a7f8faca508e17fe76108c5cb812e152e7af22ab1c9c2c791cbaa924c

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-fd8"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36772573 2CNN RT(1712719990116 6874) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
x-incap-sess-cookie-hdr: bKBvP+uH5jfQ7A+PQ1Cif30IFmYAAAAAtLjmg6AUAYfi+2ftgjbZig==
content-length: 2885

GET
H2 200 382BE0_0_0.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/fabricat/ 30 KB
30 KB 96ms
87ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/fabricat/382BE0_0_0.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bdaeb454f34af48fb87d4c74c39d5b7d6c26eb0a3b6dea349e3896634f71ddff

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-7670"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36772575 2CNN RT(1712719990116 6881) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
x-incap-sess-cookie-hdr: S/5LXPu0hV7Q7A+PQ1Cif30IFmYAAAAAQ1nIiiREjOomqfa6c5g7Bg==
content-length: 30353

GET
H2 200 Inter-ExtraBold.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 105 KB
106 KB 106ms
97ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-ExtraBold.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0ef4267ef8c1d414d85062c3eca4a02270822af0e4dda820937a4577200d4d76

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-1a328"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36772577 2CNN RT(1712719990116 6897) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
x-incap-sess-cookie-hdr: 0sXVFEK55DvQ7A+PQ1Cif30IFmYAAAAAXORvX3PaSWQQe8GauslPyw==
content-length: 106427

GET
H2 200 Inter-Light.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 103 KB
102 KB 117ms
108ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Light.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0f7dfe72f016f723dffc551a4e3c0e17492acd9494d8d8392a53f6223c1eef83

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-19c54"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 6904) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
x-incap-sess-cookie-hdr: Sp1iAJ8g9QnQ7A+PQ1Cif30IFmYAAAAAvX+Tq/XsUl4UzoaqO6HXwQ==
content-length: 104597

GET
H2 200 Inter-Regular.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 98 KB
97 KB 127ms
119ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Regular.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-18810"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36772581 2CNN RT(1712719990116 6922) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
x-incap-sess-cookie-hdr: Wm64WLSZDQ7Q7A+PQ1Cif30IFmYAAAAALC0xhp4gkKJ4KcZ+ytRHVQ==
content-length: 99458

GET
H2 200 Inter-Medium.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 104 KB
103 KB 500ms
492ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Medium.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-19ff4"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36772573 2VNN RT(1712719990116 6930) q(0 0 0 -1) r(4 4)
cache-control: max-age=0
x-incap-sess-cookie-hdr: C3GsZ4gA5UjQ7A+PQ1Cif30IFmYAAAAAGqZFzBVPsQZqj2WicximqA==
content-length: 105552

GET
H2 200 Inter-Bold.woff2
www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/ 105 KB
104 KB 525ms
517ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Bold.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-1a288"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36772575 2VNN RT(1712719990116 6938) q(0 0 0 -1) r(4 4)
cache-control: max-age=0
x-incap-sess-cookie-hdr: V+i1Ww0SJSnQ7A+PQ1Cif30IFmYAAAAAFB22sn+L40I6Ajaw9lQzCg==
content-length: 106106

GET
H2 200 impv-vendors-cc6c6d3e07.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 113 KB
38 KB 140ms
131ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-vendors-cc6c6d3e07.min.js?ver=cc6c6d3e07

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0d5cc190ab17ffc4216e1bcf25e052261bbdc6a970d037d242dd9099d9e0b14a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-1c3da"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36772577 2CNN RT(1712719990116 6948) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 39097

GET
H2 200 impv-bt-vendors-c3619d0a8e.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 51 KB
15 KB 151ms
143ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-bt-vendors-c3619d0a8e.min.js?ver=c3619d0a8e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8c3da68772482df35780186361a229c8c8e345d85ca905528b8026452387fb1a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-ca48"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 6958) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 15199

GET
H2 200 impv-import-collapse-9ceab1220e.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 11 KB
6 KB 164ms
156ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-collapse-9ceab1220e.min.js?ver=9ceab1220e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c72c77d9577203f6f39747d43be9ff438e7a2307dcab86f44e1c126abc83b227

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-2ce1"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36772581 2CNN RT(1712719990116 6971) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 3903

GET
H2 200 impv-import-modal-component-eda69920e1.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 43 KB
13 KB 712ms
704ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-modal-component-eda69920e1.min.js?ver=eda69920e1

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5cff80f1e7a1f5a2ec26e2bb7e497e16987c36538a01883101482afabb044fff

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-ad5c"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36772573 2VNN RT(1712719990116 7183) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
content-length: 13165

GET
H2 200 impv-import-progress-bar-371a9013da.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 1 KB
700 B 635ms
627ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-progress-bar-371a9013da.min.js?ver=371a9013da

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

be4288cf3f5721ff4da854fdc5d9574c32ef032248b320fb61554f0be5c14111

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-4c9"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36772575 2CNN RT(1712719990116 7190) q(0 2 2 -1) r(2 2)
cache-control: max-age=0
content-length: 580

GET
H2 200 impv-main-815cb9ded7.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 40 KB
11 KB 739ms
732ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-main-815cb9ded7.min.js?ver=815cb9ded7

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e0cd6b0c598bdfc76e7fd1ed5514164b73380299ae62ac3cbcedc678ba5cb790

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-9fb4"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36772575 2VNN RT(1712719990116 7200) q(0 2 2 -1) r(3 3)
cache-control: max-age=0
content-length: 11313

GET
H2 200 impv-marketo-upload-controller-3c4f096680.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 43 KB
13 KB 661ms
653ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-marketo-upload-controller-3c4f096680.min.js?ver=3c4f096680

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

fed4127db2f052dd15ae8947eab6b8284218919ee5471e1c25e0fc8edcafd329

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-adb9"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36770846 2CNN RT(1712719990116 7207) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 13298

GET
H2 200 impv-page-hero-c8802dc7af.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 26 KB
8 KB 662ms
654ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-page-hero-c8802dc7af.min.js?ver=c8802dc7af

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

77f06ac180bf184778f65c62016b98bcf72c46a07c6b48ae4c3ca61c1d89801a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-697c"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36772581 2CNN RT(1712719990116 7212) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 8273

GET
H2 200 impv-new-design-header-27f539c0b0.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 77 KB
21 KB 767ms
760ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-new-design-header-27f539c0b0.min.js?ver=27f539c0b0

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0bfe0a14e701c455113de0aa82cbd885a9b996eeded51638699e0edb229d4425

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-132b3"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36772577 2VNN RT(1712719990116 7219) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
content-length: 21796

GET
H2 200 impv-blog-single-7772e0aa89.min.js Show response
www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/ 136 KB
38 KB 664ms
656ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/impv-blog-single-7772e0aa89.min.js?ver=7772e0aa89

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

93065f7f13b59b43e639a57b95be8d2274039a09a178181be67d96c854ec4a14

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:49 GMT
x-cdn: Imperva
etag: "660c345d-21fd1"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36772581 2CNN RT(1712719990116 7225) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 38722

GET
H2 200 impv-blog-inner-awesome-4f6eab1915.min.js Show response
www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/ 96 KB
25 KB 662ms
655ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/js/impv-blog-inner-awesome-4f6eab1915.min.js?ver=4f6eab1915

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ef5a68453b5c1305a6a490dd8f111de1bfb17f946eb2c4f30fa4370d9550a518

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:49 GMT
x-cdn: Imperva
etag: "660c345d-17f24"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36770846 2CNN RT(1712719990116 7231) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 25756

GET
H2 200 impv-vendors-623fff4c79.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 148 KB
21 KB 160ms
154ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-623fff4c79.min.css?ver=623fff4c79

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f2241497f521d0bd10d9991cda8bab016a4809a48eceb3ad4b8a27df8c21b654

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-25077"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 6977) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 21600

GET
H2 200 impv-main-47a90affff.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 109 KB
13 KB 546ms
539ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-main-47a90affff.min.css?ver=47a90affff

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8435bb28fa650eaa8b3b37aa761b6bec783644870c0a2c57a23d4de005f0b59e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-1b3b8"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772577 2VNN RT(1712719990116 6989) q(0 0 0 -1) r(4 4)
cache-control: max-age=0
content-length: 11579

GET
H2 200 impv-import-layout-header-new-design-37fb4f88eb.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 36 KB
6 KB 556ms
549ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-layout-header-new-design-37fb4f88eb.min.css?ver=37fb4f88eb

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

511b414688342e5d4c291c08b48327770b6f081bc5b03dfbeb12062039be8516

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-907d"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772581 2VNN RT(1712719990116 6995) q(0 0 0 -1) r(4 4)
cache-control: max-age=0
content-length: 6408

GET
H2 200 impv-import-layout-footer-new-design-d1d6f1be28.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 14 KB
3 KB 182ms
176ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-layout-footer-new-design-d1d6f1be28.min.css?ver=d1d6f1be28

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2ebabe1c299e39a1080c22169799148e969b4f0ad36340ec6aee4b3ed815a7eb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-38ab"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 7000) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 2551

GET
H2 200 impv-import-progress-bar-4f1acdc252.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 999 B
455 B 206ms
200ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-progress-bar-4f1acdc252.min.css?ver=4f1acdc252

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3172dc80c6e01ee4da30bb7958bea4576ecdb4d450f4a09168e66ffe894d0949

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-3e7"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 7008) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 351

GET
H2 200 impv-import-share-buttons-3c80c0f892.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 3 KB
962 B 214ms
208ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-3c80c0f892.min.css?ver=3c80c0f892

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d29be7e9fce0240c7a41b5b271afdcf389dae25c88f9b2eeeff24842784b9da8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-bfe"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 7014) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 858

GET
H2 200 impv-import-tile_cards-c2a5bd96b9.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 9 KB
2 KB 214ms
209ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-tile_cards-c2a5bd96b9.min.css?ver=c2a5bd96b9

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

32c64c63b2b52bcc0f6ee7f41e3dc3bae3e9b07f8bbbf84671c318b74f1b77b9

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-2354"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36770846 2CNN RT(1712719990116 7020) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 2060

GET
H2 200 impv-import-collapse-59a23b016c.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 683 B
472 B 224ms
219ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-collapse-59a23b016c.min.css?ver=59a23b016c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1201de885b688f12d49f204e83fc09ce059ecf797b355e3fae644539a26af244

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-2ab"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36770846 2CNN RT(1712719990116 7034) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 344

GET
H2 200 impv-import-box-library-layout-35b34a5b30.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 22 KB
4 KB 223ms
218ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-box-library-layout-35b34a5b30.min.css?ver=35b34a5b30

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2953b84b525efe8f1e83cfa4c993ce9b300774552b147acb2d5c17b202f67213

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-56f0"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 7043) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 3589

GET
H2 200 impv-import-related-cards-6ed99151e4.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 20 KB
4 KB 238ms
232ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-related-cards-6ed99151e4.min.css?ver=6ed99151e4

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

33ca6e07d0173128bddbe60c2632d050a923e353ca244c8b72f89a9adb9eb436

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-4e2a"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36770846 2CNN RT(1712719990116 7049) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 4073

GET
H2 200 impv-blog-main-6c33702890.min.css
www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/ 18 KB
5 KB 596ms
591ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-main-6c33702890.min.css?ver=6c33702890

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

29ddbc7c5ee98f7a9a84f12ed4fac82d97a0127de386353564fee88ebb008125

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
referrer-policy: same-origin
x-content-type-options: nosniff
last-modified: Tue, 02 Apr 2024 16:37:49 GMT
x-cdn: Imperva
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
etag: W/"660c345d-4802"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-2
x-iinfo: 14-36770840-36772579 2NNN RT(1712719990116 7054) q(0 0 0 -1) r(4 4)
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
cache-control: max-age=0

GET
H2 200 impv-blog-inner-03daf72ea5.min.css
www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/ 29 KB
5 KB 247ms
242ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-03daf72ea5.min.css?ver=03daf72ea5

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

14f218b835f87e84b3acdfc88a6c13f4eab52058ac5d001b518b714d4265105f

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:49 GMT
x-cdn: Imperva
etag: W/"660c345d-741a"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36770846 2CNN RT(1712719990116 7059) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 5002

GET
H2 200 impv-blog-inner-awesome-57abb52709.min.css
www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/ 51 KB
11 KB 354ms
349ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-awesome-57abb52709.min.css?ver=57abb52709

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

34f804b0962777487f838ad41824b5b2efac2a2ddbc906ce83d482d45c31d715

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:49 GMT
x-cdn: Imperva
etag: W/"660c345d-ca40"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7064) q(0 1 1 -1) r(2 2)
cache-control: max-age=0
content-length: 8873

GET
H2 200 forms2-theme-glow.css
go.imperva.com/js/forms2/css/ 3 KB
1 KB 293ms
34ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.imperva.com/js/forms2/css/forms2-theme-glow.css

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc4975bd5c8039a43c369b00294f4a971a4a70d94684c71f2f361a9ec24cd4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 05 Mar 2024 19:24:48 GMT
server: cloudflare
age: 5249
etag: "860123-d92-612eecb9f6000"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 871facaee9682c2e-FRA
content-length: 952
expires: Wed, 10 Apr 2024 07:33:17 GMT

GET
H2 200 forms2.css
go.imperva.com/js/forms2/css/ 13 KB
3 KB 307ms
48ms Stylesheet
text/css 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.imperva.com/js/forms2/css/forms2.css

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.17.71.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 05 Mar 2024 19:24:48 GMT
server: cloudflare
age: 5249
etag: "16e1c55-3437-612eecb9f6000"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 871facaee9692c2e-FRA
content-length: 2623
expires: Wed, 10 Apr 2024 07:33:17 GMT

GET
H2 200 impv-import-benefits-section-2bc17139e9.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 12 KB
2 KB 453ms
448ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-benefits-section-2bc17139e9.min.css?ver=2bc17139e9

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1c5a824e76c257d0d80730f8fa5ecd292f868f6d711612225b3e3cffa2335fad

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-2efa"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7069) q(0 2 2 -1) r(3 3)
cache-control: max-age=0
content-length: 2346

GET
H2 200 impv-import-carousel-25dddd017d.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 4 KB
1 KB 454ms
450ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-carousel-25dddd017d.min.css?ver=25dddd017d

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

11c49b3de0d29902106ba961bfd658b60943ff5a6aebbdb84fb5a71d837f3123

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-ecd"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36770846 2CNN RT(1712719990116 7076) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 946

GET
H2 200 impv-import-cases-section-47baa6657c.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 7 KB
2 KB 551ms
546ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-cases-section-47baa6657c.min.css?ver=47baa6657c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

025cc6517481d481a9204fd763b915871854a4d54b9634843020bf30948a0f5f

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-1a57"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7084) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
content-length: 1497

GET
H2 200 impv-import-hero_section-e18316acf4.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 4 KB
1019 B 600ms
596ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-hero_section-e18316acf4.min.css?ver=e18316acf4

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a54f347a323cc9b7d405444751908944155cdbd50910a3f2e2b2aa73dfe88cb7

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-e98"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772573 2VNN RT(1712719990116 7088) q(0 2 2 -1) r(3 3)
cache-control: max-age=0
content-length: 915

GET
H2 200 impv-import-heros-c7e358bd79.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 47 KB
7 KB 630ms
625ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-heros-c7e358bd79.min.css?ver=c7e358bd79

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8dc10cb3d04fc9ae6c689c05c96df3f8cd96ed973a8735c0918551fabe3cff1d

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-bb1b"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772575 2VNN RT(1712719990116 7093) q(0 2 2 -1) r(3 3)
cache-control: max-age=0
content-length: 7181

GET
H2 200 impv-import-logos_section-97238874d7.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 2 KB
557 B 546ms
542ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-logos_section-97238874d7.min.css?ver=97238874d7

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e87fdfba924f8be5ac5df3763aa8e84b1b4d813e87b029c343f51fc218c26c28

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-6b4"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772577 2CNN RT(1712719990116 7098) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 452

GET
H2 200 impv-import-message_section-9dceaf4492.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 1 KB
527 B 549ms
545ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-message_section-9dceaf4492.min.css?ver=9dceaf4492

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

65f088faec558ce0131e258fb36accced15a7ab999416312d9d6e58d32569c86

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-5cb"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772577 2CNN RT(1712719990116 7103) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 411

GET
H2 200 impv-import-page-tabs-30d6487978.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 11 KB
4 KB 655ms
652ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-page-tabs-30d6487978.min.css?ver=30d6487978

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

84753e5282482f8f00338058509c3e3b92da49a91309ed30273975cdce989031

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-2df5"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7115) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
content-length: 2096

GET
H2 200 impv-import-pagination-3820d4c90e.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 5 KB
1 KB 555ms
551ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-pagination-3820d4c90e.min.css?ver=3820d4c90e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

02a5ffe4365f65acb73ab862a060513d00d3fa2a0a6daa4b38670b4118a852d5

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-137b"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772577 2CNN RT(1712719990116 7119) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 1159

GET
H2 200 impv-import-quote_section-e9f78b498a.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 18 KB
3 KB 654ms
650ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-quote_section-e9f78b498a.min.css?ver=e9f78b498a

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5755a49b2a8ced97cc096160b7b822dfe5f0fbe6f03ccc76d3b4b02a6461e046

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-4897"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772581 2VNN RT(1712719990116 7129) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
content-length: 2870

GET
H2 200 impv-import-round_filters-8d1b29afee.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 8 KB
2 KB 556ms
552ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-round_filters-8d1b29afee.min.css?ver=8d1b29afee

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3f9b804bf0a80e939b00167e70064895ce600b862cdd1d0eb8269763bd98dee0

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-1f1c"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772577 2CNN RT(1712719990116 7133) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 1658

GET
H2 200 impv-import-search_form-6b996aacbb.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 14 KB
3 KB 656ms
653ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-search_form-6b996aacbb.min.css?ver=6b996aacbb

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

85fcd9458c2c585266ac90353442dd2edec3160b65e2e8fd5c5e39cfe9cfd741

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-38fa"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772577 2VNN RT(1712719990116 7139) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
content-length: 2726

GET
H2 200 impv-import-tiles_section-20b642e07c.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 4 KB
1 KB 596ms
592ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-tiles_section-20b642e07c.min.css?ver=20b642e07c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

720db8ff50e5cf3a5d38c99b3c65ffc8426721384343448e59ee9d8e36e10fc3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-11f7"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 7145) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 967

GET
H2 200 impv-import-web_testimonials_section-75288470c8.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 13 KB
4 KB 689ms
686ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-web_testimonials_section-75288470c8.min.css?ver=75288470c8

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

96ee59eab1bfbaad9d975ffa1065e65085a86de74b8f78e8a477fed645e6be78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-36770840-36772579 2NNN RT(1712719990116 7150) q(0 3 3 -1) r(4 4)
content-length: 1743
referrer-policy: same-origin
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
etag: W/"660c345e-32bc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-slot: slot-2
cache-control: max-age=0

GET
H2 200 impv-import-read-next-section-44fb9fe415.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 13 KB
2 KB 601ms
598ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-read-next-section-44fb9fe415.min.css?ver=44fb9fe415

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4aef0e07111798b1a34d6d447e22b83080f3a0bc3f8cba65a536460121ea4a32

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-3458"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772573 2CNN RT(1712719990116 7157) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 1781

GET
H2 200 impv-import-stycky-pagination-a572a14521.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 1 KB
641 B 604ms
601ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-stycky-pagination-a572a14521.min.css?ver=a572a14521

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3cce4475cf10e16d044494898f8ea352a7852252609164b9ee0ed7c18fdda7ea

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-497"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772573 2CNN RT(1712719990116 7162) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 513

GET
H2 200 impv-import-see-how-we-can-help-banner-efb116bf58.min.css
www.imperva.com/blog/wp-content/themes/impv/dist/css/ 6 KB
1 KB 605ms
602ms Stylesheet
text/css 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-see-how-we-can-help-banner-efb116bf58.min.css?ver=efb116bf58

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

19dacd1b053b27b37690f754cb92fcf60d2ab9e6ae065c8f4d69e914171224ee

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: W/"660c345e-16d5"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/css
x-iinfo: 14-36770840-36772573 2CNN RT(1712719990116 7177) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 1158

GET
H2 200 impv-import-page-tabs-0c223d8bd6.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 1 KB
660 B 90ms
74ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-page-tabs-0c223d8bd6.min.js?ver=0c223d8bd6

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

513d397da9e7d8bb90ac27ec17e78f9a4c5490a9b506846a42ccecc6503b0ca4

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-40c"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 7604) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 553

GET
H2 200 impv-import-search-window-366eb3374e.min.js Show response
www.imperva.com/blog/wp-content/themes/impv/dist/js/ 857 B
644 B 192ms
176ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/js/impv-import-search-window-366eb3374e.min.js?ver=366eb3374e

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5dc69b358f9db055e7cc13e75cd82bff68f8548a10b5f12d67c0e4682c6f06d4

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-359"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7611) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 496

GET
H2 200 imperva-a-thales-company-light.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 8 KB
3 KB 755ms
755ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/imperva-a-thales-company-light.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ddca2fed65acd63744a897327877281b3a9e7de698c5fa1bff889d0c90940be3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 04 Dec 2023 06:00:20 GMT
x-cdn: Imperva
etag: "656d6af4-21a6"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7240) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
content-length: 3400

GET
H2 200 application-performance-icon.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 2 KB
1 KB 646ms
646ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/application-performance-icon.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

242961abafaf0f9f71d93dbfef73f3ce3573d1a7eb193c2301916f76295d8f8e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:02:43 GMT
x-cdn: Imperva
etag: "63dfef43-8c7"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772581 2CNN RT(1712719990116 7247) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 1023

GET
H2 200 application-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 2 KB
930 B 40ms
40ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/application-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f2a6ab5d73300a5d6dfdb80988511d6159e3e63a574a7aec57b25d516e9e6cb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:52:15 GMT
x-cdn: Imperva
etag: "63dffadf-6f0"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772581 2CNN RT(1712719990116 7530) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 799

GET
H2 200 data-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 5 KB
4 KB 71ms
55ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/data-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

08ebe79e85ad2185d2d6136020e8a5e210b120f18e7f888fa2688b7dc589073d

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:21:09 GMT
x-cdn: Imperva
etag: "63e0d495-1366"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772575 2CNN RT(1712719990116 7583) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 1818

GET
H2 200 network-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
2 KB 73ms
56ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/network-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

924c77f09e3343d5e33569b1bf5d498d26dc31b5ef00b99ea59e89953da42c86

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:28:17 GMT
x-cdn: Imperva
etag: "63e0d641-dea"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772573 2CNN RT(1712719990116 7588) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1565

GET
H2 200 cdn.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
1 KB 203ms
187ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/cdn.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

37978492749251dbeab1f130ebbc19a190d4c77887c1d2e919c0830858d8953d

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:45:32 GMT
x-cdn: Imperva
etag: "63dff94c-d4e"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772573 2VNN RT(1712719990116 7621) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 1362

GET
H2 200 waiting-room.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 217ms
201ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/waiting-room.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

63b6594d3b25f2fb489e20a56dc4134520399bf34380abb0c2a5ae82631f2f0a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:46:49 GMT
x-cdn: Imperva
etag: "63dff999-e2c"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772575 2VNN RT(1712719990116 7629) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 1197

GET
H2 200 waf.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 121ms
105ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/waf.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

88ce1403cc1906c46cdbaf38a96b3d30842c04fc8c6c93a4e4b0d57cd4f86360

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:55:07 GMT
x-cdn: Imperva
etag: "63dffb8b-f11"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 7635) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1352

GET
H2 200 advanced-bot-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
2 KB 139ms
124ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/advanced-bot-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5ac23e65f56d87a6e399a571e99f008a360d3e8de6fbe3c5de92464ae93d419b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:56:14 GMT
x-cdn: Imperva
etag: "63dffbce-1033"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772577 2CNN RT(1712719990116 7646) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 1765

GET
H2 200 api-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 6 KB
2 KB 138ms
123ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/api-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6010e83fe72ef2cd176adaca67ac9c6e3d9c92a159199eeeaf782a3331f2a0d5

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:03:25 GMT
x-cdn: Imperva
etag: "63dffd7d-16f0"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 7652) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 2238

GET
H2 200 ddos-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 251ms
236ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/ddos-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6c6e1030b23653adf9efc4d7cea424664bb37b95ff72d0cfbc6237806ec676df

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:04:37 GMT
x-cdn: Imperva
etag: "63dffdc5-e14"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772577 2VNN RT(1712719990116 7664) q(0 1 1 -1) r(2 2)
cache-control: max-age=0
content-length: 1370

GET
H2 200 client-side-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 9 KB
5 KB 249ms
234ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/client-side-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

76fea9e6dfec1fb360e9e76af8ecb7057cd1f7806ab67555c52a77fdb730079e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:05:56 GMT
x-cdn: Imperva
etag: "63dffe14-244e"
vary: Accept-Encoding
x-slot: slot-2
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 14-36770840-36772579 2NNN RT(1712719990116 7669) q(0 1 1 -1) r(2 2)
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 runtime-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 8 KB
3 KB 189ms
174ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/runtime-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7aa92f916531c82fc0110c402faacc2fd5b1e2c0b8bb85448e898f8144a2b7d9

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:06:58 GMT
x-cdn: Imperva
etag: "63dffe52-21d9"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772581 2CNN RT(1712719990116 7680) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 2849

GET
H2 200 serverless-protection.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
2 KB 298ms
283ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/serverless-protection.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

4715b778c68a28824f2bd8d54e0a761a279d40b71f5def3be36aeabfc014ec45

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:08:21 GMT
x-cdn: Imperva
etag: "63dffea5-1082"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7688) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 1604

GET
H2 200 attack-analytics.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
1 KB 299ms
284ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/attack-analytics.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b43cb8a4c12407c7253b29667f3d47ea80f3d080616d896b546bbba7146802e8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 19:08:48 GMT
x-cdn: Imperva
etag: "63dffec0-c27"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772581 2VNN RT(1712719990116 7701) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 1277

GET
H2 200 data-security-fabric.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 7 KB
5 KB 328ms
313ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/data-security-fabric.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d8fc31bf912e9e3fc7f2107ff41f6287a93cbb6414ee4497519a4416616e829

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:26:44 GMT
x-cdn: Imperva
etag: "63e0d5e4-1c5a"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772573 2VNN RT(1712719990116 7711) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 3189

GET
H2 200 icon_data_security.3b69d8d2-2-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
1 KB 337ms
324ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_data_security.3b69d8d2-2-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d1e9b122158ad5d4c0d60b7c0f552dc1392e60dcaf649c3827582bf4319e88f3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:23:46 GMT
x-cdn: Imperva
etag: "65736d42-8d3"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772575 2VNN RT(1712719990116 7718) q(0 0 0 -1) r(2 2)
cache-control: max-age=0
content-length: 968

GET
H2 200 icon_multicloud.5be4b003-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
1 KB 360ms
348ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_multicloud.5be4b003-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e0ca2c05025cef9c01b466b3d0f40d6064e5fa2da6a2d10230dc9fbc0f523961

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:24:19 GMT
x-cdn: Imperva
etag: "65736d63-861"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772577 2VNN RT(1712719990116 7733) q(0 1 1 -1) r(2 2)
cache-control: max-age=0
content-length: 968

GET
H2 200 Data-Risk-Analytics_black.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 3 KB
3 KB 369ms
356ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/Data-Risk-Analytics_black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f2562c9a71dd954899c607befc794d81e8353bd20df9b1b8b516f9d140a96641

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-36770840-36772579 2NNN RT(1712719990116 7742) q(0 1 1 -1) r(2 2)
content-length: 1219
last-modified: Fri, 08 Dec 2023 19:24:55 GMT
etag: "65736d87-b2c"
vary: Accept-Encoding
x-slot: slot-2
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 icon_brief.4af47836.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
956 B 324ms
312ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_brief.4af47836.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3dabd756c34ec4ab838c2232c13156e3b8918bf1911b34f206718e9cf6963791

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:25:44 GMT
x-cdn: Imperva
etag: "65736db8-8d4"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772581 2CNN RT(1712719990116 7751) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 817

GET
H2 200 icon_discover_classify.ca96a429.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 3 KB
1 KB 397ms
385ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_discover_classify.ca96a429.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bc880ae1ec3a729f651a2c6aae829de1a1c61c461187730b401018260a172e2b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:26:10 GMT
x-cdn: Imperva
etag: "65736dd2-d7b"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7759) q(0 1 1 -1) r(2 2)
cache-control: max-age=0
content-length: 1332

GET
H2 200 cloud-data-security.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 3 KB
1 KB 435ms
423ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/cloud-data-security.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f505512f270809bc07274043af94b12df1c40a727917863590c288de39b3d9fc

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:27:34 GMT
x-cdn: Imperva
etag: "63e0d616-d80"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772573 2VNN RT(1712719990116 7764) q(0 1 1 -1) r(3 3)
cache-control: max-age=0
content-length: 1362

GET
H2 200 icon_coverage_black.845bc853-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 5 KB
2 KB 433ms
422ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_coverage_black.845bc853-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

20b0ae65f9b8f7bf3638714c157445fa3e0aef502864c93eb550f88f16f55917

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:28:42 GMT
x-cdn: Imperva
etag: "65736e6a-1387"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772581 2VNN RT(1712719990116 7770) q(0 1 1 -1) r(3 3)
cache-control: max-age=0
content-length: 2172

GET
H2 200 icon_protect_data_black.c2346606.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 5 KB
2 KB 442ms
431ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_protect_data_black.c2346606.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

caf5734ae4166937cfbc7aeb501797b357daff07085043a0688764b7120c8aea

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:29:22 GMT
x-cdn: Imperva
etag: "65736e92-127f"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772575 2VNN RT(1712719990116 7775) q(0 2 2 -1) r(3 3)
cache-control: max-age=0
content-length: 1882

GET
H2 200 icon_integrate_black.fbdab592-1.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 2 KB
1003 B 372ms
361ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_integrate_black.fbdab592-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

45d5183688616d1f2731c59e3b1330ef5ecd0aeb63c875321fc4a12757e0424a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:29:56 GMT
x-cdn: Imperva
etag: "65736eb4-71c"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772577 2CNN RT(1712719990116 7782) q(0 2 2 -1) r(2 2)
cache-control: max-age=0
content-length: 849

GET
H2 200 icon_unify_black.fe30fb89.svg
www.imperva.com/blog/wp-content/uploads/2023/12/ 3 KB
1 KB 471ms
460ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/12/icon_unify_black.fe30fb89.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9b2c624a45d0935f9b6a6c34ace88f60da27db9db482ceca3067554f4de19f6b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 08 Dec 2023 19:30:26 GMT
x-cdn: Imperva
etag: "65736ed2-b5e"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772577 2VNN RT(1712719990116 7792) q(0 1 1 -1) r(2 2)
cache-control: max-age=0
content-length: 1220

GET
H2 200 ddos-protection-1.svg
www.imperva.com/blog/wp-content/uploads/2023/02/ 4 KB
1 KB 383ms
373ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/ddos-protection-1.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f718bffcdd41642b71ca3b768a29cdf3584c0cb45941f70105076bb67bd61f6

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:31:10 GMT
x-cdn: Imperva
etag: "63e0d6ee-e06"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 7800) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
content-length: 1365

GET
H2 200 Blog-image-16a.png.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2022/04/ 79 KB
81 KB 508ms
497ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2022/04/Blog-image-16a.png.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

df637a6f8da956afa19f1d003a9686756e28534895fcea712d901f20238a82eb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-36770840-36772579 2NNN RT(1712719990116 7805) q(0 1 1 -1) r(2 2) U18
referrer-policy: same-origin
last-modified: Wed, 20 Apr 2022 13:53:32 GMT
etag: "6260105c-13bac"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
x-slot: slot-2
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 091ebf04-8283-4c90-a26c-86623781f703.json Show response
cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/ 4 KB
2 KB 83ms
39ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/091ebf04-8283-4c90-a26c-86623781f703.json

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0bf6a4ee3d2efc3e49a3a705b3b1530ea8a1dd295cf42f18972e3100350ead8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 35727
content-md5: gFTd45fYgTDS2Dcaa+ogsg==
content-length: 1642
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 15:04:52 GMT
server: cloudflare
etag: 0x8DBB9EAF165DE56
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d42dfe1e-f01e-0004-393a-23b484000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 871facae09154d61-FRA
expires: Thu, 11 Apr 2024 03:33:17 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 258 KB
71 KB 77ms
22ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1ffbe029a1392b23256c1a9f442f89da0d38049488777d46ef0a35eae62575cf

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 02:56:53 GMT
content-encoding: br
age: 2184
x-guploader-uploadid: ABPtcPq7XReJINcl6sCo5gn8x2GtAO9zw4tz7JqMF2uYLQsKI3qq8AIRD_YFhRUGI89QHQdPv1CNFXIMRg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71892
last-modified: Mon, 08 Apr 2024 14:54:53 GMT
server: UploadServer
etag: "c43f6e804a1a934ab608caa8c37582ec"
vary: Accept-Encoding
x-goog-generation: 1712588093179508
x-goog-hash: crc32c=i4azZg==, md5=xD9ugEoak0q2CMqow3WC7A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 71892
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 10 Apr 2024 03:56:53 GMT

GET
H2 200 workbox-window.prod.mjs Show response
storage.googleapis.com/workbox-cdn/releases/6.1.1/ 3 KB
2 KB 193ms
22ms Script
application/javascript 2a00:1450:4001:811::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/workbox-cdn/releases/6.1.1/workbox-window.prod.mjs
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 3846421d9c73536b2869ff117ea84f6b0e6b764406b34523836d47d306ae4fed

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:26:51 GMT
content-encoding: gzip
age: 386
x-guploader-uploadid: ABPtcPqawhEEUayMjdVxvYDt_vqiX2PYJosmS8_kdVxe_yBHcPt_loz916toCgdbfFm-zDXhqizgT5c2bA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1299
last-modified: Mon, 22 Feb 2021 19:16:41 GMT
server: UploadServer
etag: "ce7ffaa7ad1f21523b407426d8cbecd6"
vary: Accept-Encoding
x-goog-generation: 1614021401665338
x-goog-hash: crc32c=eSkeUw==, md5=zn/6p60fIVI7QHQm2Mvs1g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1299
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 10 Apr 2025 03:26:51 GMT

GET
H2 200 player-embed.js Show response
www.brighttalk.com/clients/js/player-embed/ 18 KB
6 KB 462ms
310ms Script
application/javascript 104.64.167.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighttalk.com/clients/js/player-embed/player-embed.js
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.167.195 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-167-195.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f9a7b6edc189c2f1569f1b80e4a8f6a4ce2ec7d3a8afbad3061ca6840057d627

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
last-modified: Wed, 27 Mar 2024 10:11:16 GMT
etag: W/"49e1-18e7f647ef1"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 6298

GET
H2 200 shutterstock_1071270287-11-1.jpg
www.imperva.com/blog/wp-content/uploads/sites/9/2024/01/ 49 KB
50 KB 492ms
482ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2024/01/shutterstock_1071270287-11-1.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bc8c33c1e543b78d1a82aee5791610a0e2a1c1c9aa85faaf652fffc6f10cd691

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Wed, 17 Jan 2024 18:42:20 GMT
x-cdn: Imperva
etag: "65a81f8c-c58c"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/jpeg
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7817) q(0 1 1 -1) r(2 2) U18
cache-control: max-age=0
content-length: 50522

GET
H2 200 shutterstock_1071270287-13.jpg
www.imperva.com/blog/wp-content/uploads/sites/9/2016/05/ 148 KB
151 KB 567ms
557ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2016/05/shutterstock_1071270287-13.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3fbb573ce3936701801a8b5ad6117b3f4f3ea0c26cd4b151491705b3a4fac876

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Wed, 27 Dec 2023 14:24:37 GMT
x-cdn: Imperva
etag: "658c33a5-25179"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/jpeg
x-iinfo: 14-36770840-36772573 2VNN RT(1712719990116 7824) q(0 2 2 -1) r(3 3)
cache-control: max-age=0
content-length: 151945

GET
H2 200 app-security.jpg
www.imperva.com/wp-content/themes/impv-blog/dist/imgs/default-thumbnail/ 228 KB
226 KB 294ms
286ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/themes/impv-blog/dist/imgs/default-thumbnail/app-security.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a4ece158ace5ec017660f79c3fa9474ab8d0fd2dc4869c56790ab138d19ef30c

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:49 GMT
x-cdn: Imperva
etag: "660c345d-391d0"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/jpeg
x-iinfo: 14-36770840-0 0CNN RT(1712719990116 7831) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 231459

GET
H2 200 is-web-scraping-illegal.jpg.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2019/11/ 101 KB
101 KB 575ms
567ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2019/11/is-web-scraping-illegal.jpg.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2551100dd20777b6798972d9d31e2eb9cd31e9734e02ee8a36e3839f4fc7b99b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Fri, 28 Aug 2020 16:18:06 GMT
x-cdn: Imperva
etag: "5f492e3e-1926a"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/webp
x-iinfo: 14-36770840-36772577 2VNN RT(1712719990116 7835) q(0 2 2 -1) r(3 3)
cache-control: max-age=0
content-length: 103076

GET
H2 200 blog-post-page-version-1.jpg
www.imperva.com/blog/wp-content/uploads/sites/9/2023/11/ 140 KB
140 KB 655ms
648ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2023/11/blog-post-page-version-1.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

36d0a0db6a324090d185a56ee594653c0b4ff51e6601a82a59fa5249a369a6b5

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 07 Nov 2023 12:29:20 GMT
x-cdn: Imperva
etag: "654a2da0-2308f"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/jpeg
x-iinfo: 14-36770840-36772575 2VNN RT(1712719990116 7842) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
content-length: 143523

GET
H2 200 DB-Ransomware-Blog.jpg
www.imperva.com/blog/wp-content/uploads/sites/9/2023/10/ 292 KB
292 KB 697ms
690ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2023/10/DB-Ransomware-Blog.jpg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c86cdecb22fbcb95d04702eb9bb1456488357cc957efe24f794a46595ddb5b38

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 17 Oct 2023 14:30:48 GMT
x-cdn: Imperva
etag: "652e9a98-49161"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/jpeg
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7848) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
content-length: 298997

GET
H2 200 shape.svg
www.imperva.com/wp-content/uploads/2020/12/ 1 KB
718 B 335ms
327ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2020/12/shape.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3d225dda4cd22627a45339769c1713dd1b1b012e2a0cd0c45e51c584fde0950e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Wed, 02 Dec 2020 15:09:03 GMT
x-cdn: Imperva
etag: "5fc7ae0f-53f"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-0 0CNN RT(1712719990116 7863) q(0 -1 -1 -1) r(1 -1)
cache-control: max-age=0
content-length: 591

GET
H2 200 logo-imperva-a-thales-company.svg
www.imperva.com/blog/wp-content/themes/impv/img/ 8 KB
3 KB 755ms
748ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/img/logo-imperva-a-thales-company.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ddca2fed65acd63744a897327877281b3a9e7de698c5fa1bff889d0c90940be3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-21a6"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772575 2VNN RT(1712719990116 7875) q(0 4 4 -1) r(5 5)
cache-control: max-age=0
content-length: 3400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
71 KB 41ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-114236658-1&l=dataLayer&cx=c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecd393344d2673e5e8d45de969025bb1ff9d5bb937a9cdfb9498768c5c55bcc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72132
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Apr 2024 03:33:17 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 119ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7LFBNHR6BF&gtm=45je4480v9116219100za200&_p=1712719997076&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=354021102.1712719997&ul=en-us&sr=800x600&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1712719997&sct=1&seg=0&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&dt=How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=10102
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LFBNHR6BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 03:33:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 119ms
28ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7LFBNHR6BF&cid=354021102.1712719997&gtm=45je4480v9116219100za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LFBNHR6BF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 03:33:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp_report
www.imperva.com/ 0
67 B 240ms
240ms Other
text/plain 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/csp_report

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
cache-control: no-cache, no-store
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 0
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/plain

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 81ms
34ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7LFBNHR6BF&cid=354021102.1712719997&gtm=45je4480v9116219100za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1880755482

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 03:33:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 121ms
37ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept: application/json
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 871facaee8969f15-FRA
access-control-allow-headers: Content-Type

GET
H2 200 Group-2554.svg
www.imperva.com/wp-content/uploads/2021/03/ 782 B
540 B 355ms
349ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2021/03/Group-2554.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

23656e9957f57d4dc83395e4d3583e0320990e1274f97c133e2afd39d15a0d39

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 01 Mar 2021 15:32:23 GMT
x-cdn: Imperva
etag: "603d0907-30e"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-0 0CNN RT(1712719990116 7893) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 405

GET
H2 200 _Incapsula_Resource Show response
www.imperva.com/ 142 KB
20 KB 352ms
346ms Script
application/javascript 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1567270415

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

a895bc8e5152a2401fa1cb4838d58e7fc0577dc511e9fffbeaf817c4866e433c

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/javascript
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20469

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/ 407 KB
98 KB 39ms
33ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/otBannerSdk.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 12zQcT/rVMicuxojEvnp3g==
age: 29502
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 100389
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:15 GMT
server: cloudflare
etag: 0x8DB3FB51FD9A927
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 28d3babc-501e-0022-05ac-12fc9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 871facb1cbe7a043-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
71 KB 51ms
45ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KF4BJ8

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05e0a282e5a38f83607fb38ec83d496da9a00e2d7825ee5a772ae4c56ed88661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72237
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Apr 2024 03:33:17 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 65 KB
18 KB 189ms
42ms Script
application/javascript 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

df4d1ff8adb72502d1b262d0a8af4c3c902ff5e37e442861f5a9fed51d75d18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Apr 2024 21:38:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "6615b567-102f4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 17825
expires: Wed, 10 Apr 2024 03:33:17 GMT

GET
H2 200 5601c189-ca1e-4728-80a2-9f7d7e128eb9.js Show response
imperva.containers.piwik.pro/ 303 KB
82 KB 110ms
31ms Script
application/javascript 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://imperva.containers.piwik.pro/5601c189-ca1e-4728-80a2-9f7d7e128eb9.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f0cb9d628c5a8d2838b78b09c99a8f920e78d59007b1458fec779fd594d6abc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
referrer-policy: origin
etag: W/"e3b84521e96e2398-a36e67fa3e2bf738"
vary: Accept-Encoding, Cookie
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate
x-robots-tag: none
x-cached: HIT

GET
H2 200 cdn-report-background.jpeg
www.imperva.com/blog/wp-content/uploads/2023/02/ 24 KB
24 KB 647ms
647ms Image
image/jpeg 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/cdn-report-background.jpeg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bd97a1ba1726d0e2dc8aa6e3628a2eb68032b2a3607c4d9239d0bd56b6e75b1e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Sun, 05 Feb 2023 18:03:04 GMT
x-cdn: Imperva
etag: "63dfef58-5e22"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/jpeg
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 7914) q(0 3 3 -1) r(3 3)
cache-control: max-age=0
content-length: 24063

GET
H2 200 navbar-promotion-channel-program.png
www.imperva.com/blog/wp-content/uploads/2023/06/ 33 KB
34 KB 744ms
744ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/06/navbar-promotion-channel-program.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8e768be304cb57069ff9e61716ff1dd571e7d88f1dc18f00852a8fda9d0cd22a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-36770840-36772579 2NNN RT(1712719990116 7921) q(0 3 3 -1) r(4 4)
referrer-policy: same-origin
last-modified: Wed, 07 Jun 2023 12:23:03 GMT
etag: "648076a7-851c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
x-slot: slot-2
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 customers-application-security-banner.png
www.imperva.com/blog/wp-content/uploads/2023/02/ 29 KB
29 KB 766ms
766ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/customers-application-security-banner.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

596f24a4c1ca10df756d9b6293582a99f10d1becd6cbb50f3e8a8c74f4d17505

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 10:50:06 GMT
x-cdn: Imperva
etag: "63e0db5e-7387"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/png
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7927) q(0 3 3 -1) r(4 4)
cache-control: max-age=0
content-length: 29608

GET
H2 200 Blog-banner.png
www.imperva.com/blog/wp-content/uploads/2023/02/ 104 KB
106 KB 727ms
727ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/02/Blog-banner.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b160daffaa522a02b24a9c260a50bc4c5ff7b081162f517fe343255f5d7ac5c2

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Mon, 06 Feb 2023 11:00:29 GMT
x-cdn: Imperva
etag: "63e0ddcd-19e17"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/png
x-iinfo: 14-36770840-36772575 2CNN RT(1712719990116 7933) q(0 4 4 -1) r(4 4)
cache-control: max-age=0
content-length: 106065

GET
H2 200 esg-nevbar.png
www.imperva.com/blog/wp-content/uploads/2023/07/ 53 KB
55 KB 832ms
831ms Image
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2023/07/esg-nevbar.png

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d37b4b075815b666679e52c8064db9533be103d107c15f861db348ea48b4865b

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Thu, 06 Jul 2023 11:19:05 GMT
x-cdn: Imperva
etag: "64a6a329-d366"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/png
x-iinfo: 14-36770840-36772575 2VNN RT(1712719990116 7940) q(0 4 4 -1) r(5 5)
cache-control: max-age=0
content-length: 54161

GET
H2 200 linkedin-black.svg
www.imperva.com/blog/wp-content/themes/impv/dist/imgs/ 744 B
515 B 839ms
839ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/imgs/linkedin-black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-3c80c0f892.min.css?ver=3c80c0f892

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7662f910f71930fd17446eedb1e9670446fb6d6959e51a8049dbd0bad3bc0bd8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-3c80c0f892.min.css?ver=3c80c0f892
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
content-encoding: gzip
etag: "660c345e-2e8"
vary: Accept-Encoding
x-slot: slot-2
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 14-36770840-36772579 2NYN RT(1712719990116 7946) q(0 4 4 -1) r(5 5)
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 twitter-black.svg
www.imperva.com/blog/wp-content/themes/impv/dist/imgs/ 1 KB
748 B 767ms
766ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/imgs/twitter-black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-3c80c0f892.min.css?ver=3c80c0f892

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

99eeeee64d67dfe14216184c5c639eb0a251618f620dd12818cd21290ac7aaa7

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-3c80c0f892.min.css?ver=3c80c0f892
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-47e"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36770846 2CNN RT(1712719990116 7951) q(0 4 4 -1) r(4 4)
cache-control: max-age=0
content-length: 610

GET
H2 200 facebook-black.svg
www.imperva.com/blog/wp-content/themes/impv/dist/imgs/ 894 B
598 B 862ms
861ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/imgs/facebook-black.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-3c80c0f892.min.css?ver=3c80c0f892

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

7fd2e4240a153a2c752737589c0edc9833390bfa287647b41f56315ef7b7cd2d

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-import-share-buttons-3c80c0f892.min.css?ver=3c80c0f892
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-37e"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 7958) q(0 4 4 -1) r(5 5)
cache-control: max-age=0
content-length: 486

GET
H2 200 Inter-Regular.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/ 98 KB
99 KB 403ms
402ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Regular.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-623fff4c79.min.css?ver=623fff4c79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-623fff4c79.min.css?ver=623fff4c79
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-18810"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36772573 2CNN RT(1712719990116 7964) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
x-incap-sess-cookie-hdr: wr/uLxOgm2zQ7A+PQ1Cif34IFmYAAAAAeQ/AZW5S2sIRZTTlTLhaZA==
content-length: 99458

GET
H2 200 Inter-Medium.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/ 104 KB
103 KB 508ms
507ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Medium.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-623fff4c79.min.css?ver=623fff4c79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-623fff4c79.min.css?ver=623fff4c79
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-19ff4"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36772581 2VNN RT(1712719990116 7969) q(0 1 1 -1) r(2 2)
cache-control: max-age=0
x-incap-sess-cookie-hdr: rLPsHb2aVTfQ7A+PQ1Cif34IFmYAAAAAsN/8reSVyojhtIW8kcuwbg==
content-length: 105552

GET
H2 200 Inter-Bold.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/ 105 KB
104 KB 513ms
513ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/InterWeb/Inter-Bold.woff2

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-623fff4c79.min.css?ver=623fff4c79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-623fff4c79.min.css?ver=623fff4c79
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-1a288"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36772575 2VNN RT(1712719990116 7974) q(0 1 1 -1) r(2 2)
cache-control: max-age=0
x-incap-sess-cookie-hdr: ILyqbwmBpkjQ7A+PQ1Cif34IFmYAAAAAU6P3dam2PsiAdNrNUyKQfQ==
content-length: 106106

GET
H2 200 fontello.woff2
www.imperva.com/blog/wp-content/themes/impv/dist/fonts/fontello/ 2 KB
3 KB 414ms
414ms Font
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impv/dist/fonts/fontello/fontello.woff2?6965835

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-623fff4c79.min.css?ver=623fff4c79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

190c977f5cfffc6ef67ef2bba456e93cd32fd179dfbe76bc066ef943fce85446

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/wp-content/themes/impv/dist/css/impv-vendors-623fff4c79.min.css?ver=623fff4c79
Origin: https://www.imperva.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-978"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36772573 2CNN RT(1712719990116 7983) q(0 1 1 -1) r(1 1)
cache-control: max-age=0
x-incap-sess-cookie-hdr: Z2a6FdEdAAjQ7A+PQ1Cif34IFmYAAAAAPvnsQHDX81a77IPuvXklnQ==
content-length: 2452

GET
H2 200 JO.corp_-36x36.jpg.webp
www.imperva.com/blog/wp-content/uploads/sites/9/2021/03/ 1 KB
3 KB 920ms
920ms Image
image/webp 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/sites/9/2021/03/JO.corp_-36x36.jpg.webp

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

28f9f564ab0d8e9c5210dc12f201f8fe050d596264d717edbeb10040117ba234

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-36770840-36772579 2NNN RT(1712719990116 8005) q(0 4 4 -1) r(5 5) U18
content-length: 1186
referrer-policy: same-origin
last-modified: Sun, 21 Mar 2021 12:54:52 GMT
etag: "6057421c-4a2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
x-slot: slot-2
cache-control: max-age=0
accept-ranges: bytes

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 87ms
21ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 10 Apr 2024 01:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6875
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 10 Apr 2024 03:38:42 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/76ec43e5-0519-49c8-abbd-3a014a11c1ea/ 113 KB
23 KB 44ms
44ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/091ebf04-8283-4c90-a26c-86623781f703/76ec43e5-0519-49c8-abbd-3a014a11c1ea/en.json

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30f890a763ef761e59cf09a86be14e655e72a5231f76b32fd6a0e6114264b329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 81948
content-md5: +1Hlg87bcMDnScZwyCRcdQ==
content-length: 23140
x-ms-lease-status: unlocked
last-modified: Wed, 20 Sep 2023 15:04:56 GMT
server: cloudflare
etag: 0x8DBB9EAF3D17A5A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ddd14160-101e-008a-2c58-796232000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 871facb23b4a4d61-FRA
expires: Thu, 11 Apr 2024 03:33:17 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/Y5R7X/v1/ 4 KB
1 KB 121ms
121ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/Y5R7X/v1/web
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 71b1a3e3da3d092a081225f5b6272e4ccfe9b32d81575fb33a015a1a22dbb7d9

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPoKnnNksD3aaWvadyAiPvSwWyJy-FS8Rc_FybTHAjma6aJWWjzaEmR_DttwBRbFXcbmxw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1198
last-modified: Wed, 21 Jun 2023 11:08:06 GMT
server: UploadServer
etag: "ec2c68ea8d76de6f93aa55d2dd62e952"
x-goog-generation: 1687345685956137
x-goog-hash: crc32c=DuKRaA==, md5=7Cxo6o123m+TqlXS3WLpUg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1198
accept-ranges: bytes
content-type: application/json
expires: Wed, 10 Apr 2024 03:48:17 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 13 KB
3 KB 31ms
31ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otFlat.json

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: QSeDXFW8Ey6Sps1UWSFoNg==
age: 34277
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3020
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:07 GMT
server: cloudflare
etag: 0x8DB3FB51B21D3A6
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 559b483f-201e-0028-60a6-21582b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 871facb2db824d61-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202303.1.0/assets/ 21 KB
4 KB 31ms
31ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202303.1.0/assets/otCommonStyles.css

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 10 Apr 2024 03:33:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 34277
x-ms-lease-status: unlocked
last-modified: Tue, 18 Apr 2023 02:32:19 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 0d8297c8-101e-0041-58cd-216167000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 871facb2db844d61-FRA

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 230ms
30ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA7) /

Resource Hash

5f9fac8d51134fcba0174a1c8d00d921b09bcfa2159cab80c016d9c0c0e8453c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Thu, 04 Apr 2024 16:22:12 GMT
server: ECS (amb/6BA7)
age: 22816
etag: "42f0b43fac86da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25391

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
79 KB 38ms
37ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-991406091

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7f5e7b50024632c020c281e469f675b3a08f935f42e148e2f90c1a01c8e6b580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80422
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Apr 2024 03:33:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
79 KB 38ms
38ms Script
application/javascript 216.58.206.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-991406091&l=dataLayer&cx=c

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

60dae1ca6da53f32bd509ba4404bcaa80b9a90539c553678b8af30d320e06c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80452
x-xss-protection: 0
last-modified: Wed, 10 Apr 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 10 Apr 2024 03:33:17 GMT

GET
H2 200 ppms.js Show response
imperva.piwik.pro/ 81 KB
28 KB 112ms
46ms Script
application/javascript 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://imperva.piwik.pro/ppms.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

90c1259c518e899ef16d991aad8e9a079e275295bdc623a764e0e5872c719404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Thu, 22 Feb 2024 12:09:16 GMT
referrer-policy: origin
etag: W/"65d7396c-1449d"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=21600
expires: Wed, 10 Apr 2024 09:33:18 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 243ms
48ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 03:33:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 112ms
48ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a993cfc76804905cd8a6e680e876b0dd8646063a0683b5cf3fbcd42453e7ffc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 10 Apr 2024 03:33:18 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 27ms
27ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1492395696&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&ul=en-us&de=UTF-8&dt=How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva&sd=24-bit&sr=800x600&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=344223181&gjid=795061190&cid=354021102.1712719997&tid=UA-114236658-1&_gid=675934094.1712719998&_r=1&gtm=457e4480z89116219100za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=150569161

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 03:33:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 29ms
29ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-114236658-1&cid=354021102.1712719997&jid=344223181&gjid=795061190&_gid=675934094.1712719998&npa=1&_u=YADAAUAAAAAAACAAI~&z=1828074413

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 10 Apr 2024 03:33:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 155ms
31ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114236658-1&cid=354021102.1712719997&jid=344223181&npa=1&_u=YADAAUAAAAAAACAAI~&z=1960468334

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 03:33:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp_report
www.imperva.com/ 0
67 B 169ms
168ms Other
text/plain 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/csp_report

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
cache-control: no-cache, no-store
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 0
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/plain

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 32ms
31ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114236658-1&cid=354021102.1712719997&jid=344223181&npa=1&_u=YADAAUAAAAAAACAAI~&z=1960468334

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 03:33:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 page Show response
rs.fullstory.com/rec/ 75 B
273 B 239ms
142ms XHR
text/plain 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rs.fullstory.com/rec/page

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

58.194.186.35.bc.googleusercontent.com

Software

Resource Hash

d3cfdc0aeea2b41a0bf11c2ed24e615f84abd0d9495e5c66fb328540819b9cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
via: 1.1 google
x-content-type-options: nosniff
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.imperva.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/45986ce4/www-widgetapi.vflset/ 216 KB
67 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/45986ce4/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

240bec4f5eb6f06d9e04895bc0f3bae9f097cd6e97e0395dddeed14fe1ee4754

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 00:32:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10874
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68432
x-xss-protection: 0
last-modified: Mon, 08 Apr 2024 04:16:19 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 10 Apr 2025 00:32:04 GMT

POST
H2 202 ppms.php
imperva.piwik.pro/ 0
0 32ms
32ms Ping
text/html 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://imperva.piwik.pro/ppms.php
Requested by: Host: imperva.piwik.pro
URL: https://imperva.piwik.pro/ppms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H2 200 standalone
www.brighttalk.com/service/player/en-US/theme/default/channel/12349/webcast/610956/ Frame 2912 0
0 401ms
306ms Document
text/html 104.64.167.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.brighttalk.com/service/player/en-US/theme/default/channel/12349/webcast/610956/standalone?commid=610956&reactPlayer=true&b=23644&embedUrl=https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Requested by: Host: www.brighttalk.com
URL: https://www.brighttalk.com/clients/js/player-embed/player-embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.167.195 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-167-195.deploy.static.akamaitechnologies.com
Software: / Next.js
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2817
content-type: text/html; charset=utf-8
date: Wed, 10 Apr 2024 03:33:18 GMT
etag: "rzqti63eqi67o"
vary: Accept-Encoding
x-powered-by: Next.js

GET
H2 200 xrppvhbiz5n6.js Show response
js.driftt.com/include/1712720100000/ 221 KB
62 KB 427ms
348ms Script
application/javascript 18.66.192.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1712720100000/xrppvhbiz5n6.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-97.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

28e132ea525a5b852dc1a77fcadc939ba1b70d68f321dd2ddeedc4b8a8cb93ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ECpAIUHXvnHr64vvrQweEad8ZWUjBUSY
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
date: Wed, 10 Apr 2024 03:33:18 GMT
via: 1.1 fb542039f97bb702c0e68d2142c449aa.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 28
last-modified: Thu, 04 Apr 2024 20:13:54 GMT
server: istio-envoy
etag: W/"d320e83a1b98d0793815b4e22b96825b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 4TDKo7TjOLxyByNZyhL9IBWsPdVVt7_hEhenexrmFkCSLONRvoqjoQ==

GET
H2 200 shape.svg
www.imperva.com/wp-content/uploads/2020/12/ 1 KB
741 B 46ms
46ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/wp-content/uploads/2020/12/shape.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3d225dda4cd22627a45339769c1713dd1b1b012e2a0cd0c45e51c584fde0950e

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Wed, 02 Dec 2020 15:09:03 GMT
x-cdn: Imperva
etag: "5fc7ae0f-53f"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-0 0CNN RT(1712719990116 8049) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=0
content-length: 591

GET
H2 200 geo Show response
www.imperva.com/wp-json/geoLocationData/v1/ 146 B
365 B 623ms
623ms XHR
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-json/geoLocationData/v1/geo

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d081e7326a89fb9807555ebb1ec32b18a0af6fb6c159acc98aea83e66cf821a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate: 402762@nr=0-1-322172-969995084-46cf803a6e2b98bf----1712719998177
traceparent: 00-59fdfac4186c2c7f63abeed50d0e7ed0-46cf803a6e2b98bf-01
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjE3MiIsImFwIjoiOTY5OTk1MDg0IiwiaWQiOiI0NmNmODAzYTZlMmI5OGJmIiwidHIiOiI1OWZkZmFjNDE4NmMyYzdmNjNhYmVlZDUwZDBlN2VkMCIsInRpIjoxNzEyNzE5OTk4MTc3LCJ0ayI6IjQwMjc2MiJ9fQ==
Accept: */*
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-36770840-36772821 NNNN CT(92 204 0) RT(1712719990116 8054) q(0 1 4 -1) r(6 6) U12
content-length: 121
referrer-policy: same-origin
allow: GET, POST
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-slot: slot-2
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://www.imperva.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 bg-dots01.svg
www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/ 34 KB
12 KB 501ms
500ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/bg-dots01.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-03daf72ea5.min.css?ver=03daf72ea5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5d3a7fd1356e747fac0fbffe52717d1f839d20da639548280999b2efb245c7ed

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-03daf72ea5.min.css?ver=03daf72ea5
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:49 GMT
x-cdn: Imperva
etag: "660c345d-8650"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36772575 2VNN RT(1712719990116 8062) q(0 4 4 -1) r(5 5)
cache-control: max-age=0
content-length: 12665

GET
H2 200 bg-dots02.svg
www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/ 18 KB
7 KB 413ms
412ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/bg-dots02.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-03daf72ea5.min.css?ver=03daf72ea5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6c8d043959c8141f082282f3e70f8ccceec0405e72f60c5dcdbb005e31550107

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-03daf72ea5.min.css?ver=03daf72ea5
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:49 GMT
x-cdn: Imperva
etag: "660c345d-4823"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36770846 2CNN RT(1712719990116 8075) q(0 4 4 -1) r(4 4)
cache-control: max-age=0
content-length: 7260

GET
H2 200 bg-dotted03.svg
www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/ 34 KB
13 KB 508ms
507ms Image
image/svg+xml 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impv-blog/src/imgs/bg-dotted03.svg

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-03daf72ea5.min.css?ver=03daf72ea5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8be60165f00625f3116094377a58246b598c01d24bb7e27d2983733a27e53ff3

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/wp-content/themes/impv-blog/dist/css/impv-blog-inner-03daf72ea5.min.css?ver=03daf72ea5
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
last-modified: Tue, 02 Apr 2024 16:37:49 GMT
x-cdn: Imperva
etag: "660c345d-8985"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/svg+xml
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 8082) q(0 4 4 -1) r(5 5)
cache-control: max-age=0
content-length: 12907

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 49ms
49ms Script
application/x-javascript 104.64.124.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.64.124.188 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-64-124-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 03:33:18 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Fri, 19 Jul 2024 03:33:18 GMT

GET
H2 200 _Incapsula_Resource
www.imperva.com/ 1 B
122 B 37ms
36ms Image
text/plain 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6146860534472771

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
cache-control: no-cache, no-store
x-content-type-options: nosniff
x-robots-tag: noindex
content-length: 1
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: text/plain

GET
H2 200 geo Show response
www.imperva.com/wp-json/geoLocationData/v1/ 146 B
620 B 573ms
573ms XHR
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-json/geoLocationData/v1/geo

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d081e7326a89fb9807555ebb1ec32b18a0af6fb6c159acc98aea83e66cf821a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate: 402762@nr=0-1-322172-969995084-f9a4140122599b7f----1712719998214
traceparent: 00-4472aa292e5e63d76583e56956b95a70-f9a4140122599b7f-01
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjE3MiIsImFwIjoiOTY5OTk1MDg0IiwiaWQiOiJmOWE0MTQwMTIyNTk5YjdmIiwidHIiOiI0NDcyYWEyOTJlNWU2M2Q3NjU4M2U1Njk1NmI5NWE3MCIsInRpIjoxNzEyNzE5OTk4MjE0LCJ0ayI6IjQwMjc2MiJ9fQ==
Accept: */*
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-36770840-36772825 NNNN CT(91 196 0) RT(1712719990116 8107) q(0 0 3 -1) r(5 5) U12
content-length: 121
referrer-policy: same-origin
allow: GET, POST
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-slot: slot-2
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://www.imperva.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 geo Show response
www.imperva.com/wp-json/geoLocationData/v1/ 146 B
2 KB 570ms
570ms XHR
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-json/geoLocationData/v1/geo

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

d081e7326a89fb9807555ebb1ec32b18a0af6fb6c159acc98aea83e66cf821a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
tracestate: 402762@nr=0-1-322172-969995084-34f7bc493d180bd3----1712719998218
traceparent: 00-77551012bea968452ce49e6448c5bfa0-34f7bc493d180bd3-01
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyMjE3MiIsImFwIjoiOTY5OTk1MDg0IiwiaWQiOiIzNGY3YmM0OTNkMTgwYmQzIiwidHIiOiI3NzU1MTAxMmJlYTk2ODQ1MmNlNDllNjQ0OGM1YmZhMCIsInRpIjoxNzEyNzE5OTk4MjE4LCJ0ayI6IjQwMjc2MiJ9fQ==
Accept: */*
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
X-Requested-With: XMLHttpRequest
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-36770840-36772827 NNNN CT(90 198 0) RT(1712719990116 8132) q(0 0 3 -1) r(5 5) U12
content-length: 121
referrer-policy: same-origin
allow: GET, POST
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-slot: slot-2
x-robots-tag: noindex
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link: <https://www.imperva.com/wp-json/>; rel="https://api.w.org/"

GET
H2 200 ipv
cdn.bizible.com/ 43 B
305 B 29ms
28ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=&_biz_h=-417244810&_biz_u=91ba7c05f6b44bd6ee71d82a4f3a5d72&_biz_l=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&_biz_t=1712719998156&_biz_i=How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva&_biz_n=0&rnd=975424&cdn_o=a&_biz_z=1712719998235

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B77) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 03:33:18 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Mon, 08 Apr 2024 02:02:26 GMT
server: ECS (amb/6B77)
age: 178252
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
203 B 38ms
28ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=91ba7c05f6b44bd6ee71d82a4f3a5d72&_biz_l=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&_biz_t=1712719998237&_biz_i=How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva&rnd=135229&cdn_o=a&_biz_z=1712719998237

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B7E) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 03:33:18 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Mon, 08 Apr 2024 09:34:34 GMT
server: ECS (amb/6B7E)
age: 151124
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51cc5cc0737cbfcc7c7e35a142af498e9784a6bf6fb14815834d8b934b2319f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 84 B
295 B 340ms
339ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=91ba7c05f6b44bd6ee71d82a4f3a5d72&_biz_h=-417244810&cdn_o=a&jsVer=4.24.04.04

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBB) /

Resource Hash

6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (amb/6BBB)
etag: EFEDFBC3
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 186

POST
H/1.1 200
OK visitWebPage
727-wrl-406.mktoresp.com/webevents/ 2 B
318 B 679ms
107ms Ping
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://727-wrl-406.mktoresp.com/webevents/visitWebPage?_mchNc=1712719998331&_mchCn=&_mchId=727-WRL-406&_mchTk=_mch-imperva.com-1712719998330-94411&_mchHo=www.imperva.com&_mchPo=&_mchRu=%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 10 Apr 2024 03:33:18 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 5954c427-1729-4cc6-9f32-d7538d9f3e05

POST
H2 200 strants-not-worstling-We-what-her-Lords-Thunderd Show response
www.imperva.com/ 735 B
914 B 69ms
69ms Fetch
application/json 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/strants-not-worstling-We-what-her-Lords-Thunderd?d=www.imperva.com

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/strants-not-worstling-We-what-her-Lords-Thunderd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ebcbb9fc249de57aa7cbb9553b91868b32164fb3081ca1a7d91c81cc28434acd

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain; charset=utf-8
Accept: application/json; charset=utf-8
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:17 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
content-encoding: gzip
x-cdn: Imperva
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/json
access-control-allow-origin: *
x-iinfo: 14-36770840-36772555 PNYN RT(1712719990116 8404) q(0 0 0 -1) r(0 0) U6
cache-control: no-cache, no-store
server-timing: bon, total;dur=6.412203

POST
H2 202 ppms.php
imperva.piwik.pro/ 0
0 51ms
50ms Ping
text/html 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://imperva.piwik.pro/ppms.php
Requested by: Host: imperva.piwik.pro
URL: https://imperva.piwik.pro/ppms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H2 200 / Show response
c.6sc.co/ 7 B
193 B 52ms
43ms XHR
text/html 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-147-176.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:19 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.imperva.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 23 B
314 B 101ms
22ms XHR
text/html 2a02:26f0:ab00::214:8e41
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00::214:8e41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b8587bd86363574b1501f9b1612ba563d25ec14dba7d3f31efdab950dc5f8a11

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 03:33:19 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.imperva.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2001:1b60:2:240:3247::7
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1712719999039_34901565_73415125_24_868_20_43_219";dur=1
content-length: 23
expires: Wed, 10 Apr 2024 03:33:19 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 256ms
248ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=fb3eaf9d-2223-45dc-8d0e-86eea5123e90&session=9b15a38f-4343-44b0-8aba-a553a1dd6966&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2010%20Apr%202024%2003%3A33%3A17%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&pageViewId=7e39284b-d144-40a9-8035-10d3a4f6e79c&v=1.1.16

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 257ms
250ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=fb3eaf9d-2223-45dc-8d0e-86eea5123e90&session=9b15a38f-4343-44b0-8aba-a553a1dd6966&event=ni%3AasyncSettingsAudit&q=%7B%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2010%20Apr%202024%2003%3A33%3A17%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%226ba0a5170b7bdf842e22ba6f114c37d0%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2010%20Apr%202024%2003%3A33%3A17%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2010%20Apr%202024%2003%3A33%3A17%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&pageViewId=7e39284b-d144-40a9-8035-10d3a4f6e79c&v=1.1.16

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 core
js.driftt.com/ Frame 81C6 0
0 396ms
343ms Document
text/html 18.66.192.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core?d=1&embedId=xrppvhbiz5n6&eId=xrppvhbiz5n6&region=US&forceShow=false&skipCampaigns=false&sessionId=17e71bd5-93aa-44dd-acec-3fc8792078ff&sessionStarted=1712719998.997&campaignRefreshToken=5800cd31-0b0d-44c7-acbb-4ded51c24edf&hideController=false&pageLoadStartTime=1712719997191&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-97.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 10 Apr 2024 03:33:19 GMT
etag: W/"f4497bfb5a87b7c4365be2cac47f8d1a"
last-modified: Thu, 04 Apr 2024 19:46:21 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
x-amz-cf-id: AEzTzwjVLt7Jr1F26_2Y_0FDscilofQgZBNLSVX_1_2f749npaiYug==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: ZBEiLR5jfh3iii3cnfTNRQsxvVBIMKla
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 16

GET
H2 200 chat
js.driftt.com/core/ Frame 7355 0
0 386ms
334ms Document
text/html 18.66.192.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/core/chat?d=1&region=US&driftEnableLog=false&pageLoadStartTime=1712719997191

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-97.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 10 Apr 2024 03:33:19 GMT
etag: W/"f4497bfb5a87b7c4365be2cac47f8d1a"
last-modified: Thu, 04 Apr 2024 19:46:21 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
x-amz-cf-id: O3BCfpW6K8TKo_Uryif0fOkT9GJux-qfZl58zl_0AqcprI13NWKGdw==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: ZBEiLR5jfh3iii3cnfTNRQsxvVBIMKla
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 14

GET
H2 200 nr-spa-1209.min.js Show response
js-agent.newrelic.com/ 42 KB
17 KB 67ms
19ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1209.min.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KgzCtiOnqYr340UnH7uEeaW1TwZyFYCF
content-encoding: br
via: 1.1 varnish
date: Wed, 10 Apr 2024 03:33:19 GMT
strict-transport-security: max-age=300
x-amz-request-id: RD4SN7YK0AQPH5H4
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 16548
x-amz-id-2: v5u0rllZ3Zg6h5n7yAEMA4Lu9dg6K243RvNINEeX/eWs+Hj/mS84QaGiICObu8zjF3RUvPJbdKkzMwt//b71JMqSmgW1PunUtgM2zNYYz5Y=
x-served-by: cache-fra-eddf8230075-FRA
last-modified: Wed, 18 Oct 2023 21:31:08 GMT
server: AmazonS3
etag: "0a1d4ac0ed6107cdf844f28cc3ba3b82"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 71

GET
H/1.1 200 09b953aa28 Show response
bam.nr-data.net/1/ 79 B
579 B 600ms
547ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/09b953aa28?a=969995084&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=12017&ck=1&ref=https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/&be=9927&fe=11943&dc=11173&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1712719987058,%22n%22:0,%22f%22:0,%22dn%22:29,%22dne%22:29,%22c%22:29,%22s%22:3069,%22ce%22:3093,%22rq%22:3093,%22rp%22:9819,%22rpe%22:10133,%22dl%22:9824,%22di%22:11153,%22ds%22:11162,%22de%22:11217,%22dc%22:11933,%22l%22:11943,%22le%22:11950%7D,%22navigation%22:%7B%7D%7D&fp=10712&fcp=10712&jsonp=NREUM.setToken
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0685bb5e1ab1cabc4e570a87e4daf61debf86ff6634a407efceb87988f5afa9e

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:19 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: *
Content-Length: 79
x-served-by: cache-fra-eddf8230088-FRA

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
484 B 248ms
248ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=fb3eaf9d-2223-45dc-8d0e-86eea5123e90&session=9b15a38f-4343-44b0-8aba-a553a1dd6966&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A2%3A240%3A3247%3A%3A7%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&pageViewId=7e39284b-d144-40a9-8035-10d3a4f6e79c&v=1.1.16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:19 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 u
cdn.bizible.com/ 43 B
108 B 30ms
28ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A727-WRL-406%26token%3A_mch-imperva.com-1712719998330-94411&_biz_u=91ba7c05f6b44bd6ee71d82a4f3a5d72&_biz_l=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&_biz_t=1712719999238&_biz_i=How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva&_biz_n=1&rnd=309302&cdn_o=a&_biz_z=1712719999238

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B7E) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 03:33:19 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Mon, 08 Apr 2024 09:34:34 GMT
server: ECS (amb/6B7E)
age: 151125
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

POST
H/1.1 200 09b953aa28 Show response
bam.nr-data.net/resources/1/ 36 B
355 B 155ms
155ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/09b953aa28?a=969995084&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=12622&ck=1&ref=https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/&st=1712719987058
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 787f2af5a3fec986fabed8c2756943517347f43433471a7185c2c0eac421dc4f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 10 Apr 2024 03:33:19 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.imperva.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 36
x-served-by: cache-fra-eddf8230088-FRA

GET
H2 200 favicon.png
www.imperva.com/wp-content/themes/impv/icons/ 415 B
579 B 126ms
126ms Other
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

01ec196bf73e983ac57b3769fd71e3fcc07123f0cf6998e2ed095a7a75843e8a

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:19 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-19f"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/png
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 9565) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 415

GET
H2 200 favicon.icns
www.imperva.com/wp-content/themes/impv/icons/ 802 B
920 B 60ms
60ms Other
application/octet-stream 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon.icns

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

15799e5551a532f329f20935f7f365968188541c2519369e70b6fed7b4c8f5e5

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:19 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-322"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: application/octet-stream
x-iinfo: 14-36770840-36770846 2CNN RT(1712719990116 9706) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 802

GET
H2 200 favicon.ico
www.imperva.com/ 1 KB
1 KB 33ms
32ms Other
image/x-icon 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

78949eac36ad0be444962fa0a2885a20503fae47cd999442d301d61a5e4be0bb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:19 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-47e"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/x-icon
x-iinfo: 14-36770840-36772579 2CNN RT(1712719990116 9753) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1150

GET
H2 200 favicon.ico
www.imperva.com/wp-content/themes/impv/icons/ 1 KB
1 KB 54ms
53ms Other
image/x-icon 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

78949eac36ad0be444962fa0a2885a20503fae47cd999442d301d61a5e4be0bb

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:19 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-47e"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/x-icon
x-iinfo: 14-36770840-36770846 2CNN RT(1712719990116 9798) q(0 0 0 -1) r(0 0)
cache-control: max-age=0
content-length: 1150

GET
H2 200 favicon-32.png
www.imperva.com/wp-content/themes/impv/icons/ 629 B
793 B 140ms
140ms Other
image/png 45.60.76.225
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/wp-content/themes/impv/icons/favicon-32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.76.225 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

6f704a7156ec50c34bba729b656133b6099c5ee960d8271af5f8be8863b91b66

Security Headers

Name

Value

Content-Security-Policy

X-Content-Type-Options

nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:20 GMT
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com *.onetrust.com *.imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl *.doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es *.mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg *.optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net *.adroll.com www.google.com.pk *.googleapis.com www.google.com.ng rs.fullstory.com *.vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my *.mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com *.gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com *.gravatar.com code.highcharts.com go.imperva.com imperva.substack.com *.vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
x-content-type-options: nosniff
last-modified: Tue, 02 Apr 2024 16:37:50 GMT
x-cdn: Imperva
etag: "660c345e-275"
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro *.vimeo.com *.imperva.com *.optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com *.onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr *.mktoutil.com *.gstatic.com *.doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com *.googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com *.mktoresp.com www.google.com.mx www.brighttalk.com *.facebook.net ipv6.6sc.co adservice.google.com ; form-action 'none' ; frame-ancestors 'self' ; report-uri /csp_report
content-type: image/png
x-iinfo: 14-36770840-36770846 2VNN RT(1712719990116 9842) q(0 0 0 -1) r(1 1)
cache-control: max-age=0
content-length: 629

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 248ms
248ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=fb3eaf9d-2223-45dc-8d0e-86eea5123e90&session=9b15a38f-4343-44b0-8aba-a553a1dd6966&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2010%20Apr%202024%2003%3A33%3A19%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2010%20Apr%202024%2003%3A33%3A17%20GMT%22%2C%22timeSpent%22%3A%222054%22%2C%22totalTimeSpent%22%3A%222054%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&pageViewId=7e39284b-d144-40a9-8035-10d3a4f6e79c&v=1.1.16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:20 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 249ms
249ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=fb3eaf9d-2223-45dc-8d0e-86eea5123e90&session=9b15a38f-4343-44b0-8aba-a553a1dd6966&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2010%20Apr%202024%2003%3A33%3A20%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2010%20Apr%202024%2003%3A33%3A19%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%223054%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&pageViewId=7e39284b-d144-40a9-8035-10d3a4f6e79c&v=1.1.16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:21 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 202 ppms.php
imperva.piwik.pro/ 0
0 34ms
33ms Ping
text/html 2603:1020:203:3::489
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://imperva.piwik.pro/ppms.php
Requested by: Host: imperva.piwik.pro
URL: https://imperva.piwik.pro/ppms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2603:1020:203:3::489 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
22ms Image
image/gif 142.250.74.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1492395696&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&ul=en-us&de=UTF-8&dt=How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva&sd=24-bit&sr=800x600&vp=1600x1200&je=0&ec=Drift%20Widget&ea=Playbook%20Fired&el=Playbook%20ID%3A%202242516&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=354021102.1712719997&tid=UA-114236658-1&_gid=675934094.1712719998&gtm=457e4480z89116219100za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=381362377

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.206 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 10 Apr 2024 00:14:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11926
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
485 B 247ms
247ms Image
image/gif 2.17.147.176
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=fb3eaf9d-2223-45dc-8d0e-86eea5123e90&session=9b15a38f-4343-44b0-8aba-a553a1dd6966&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2010%20Apr%202024%2003%3A33%3A21%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2010%20Apr%202024%2003%3A33%3A20%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224055%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&pageViewId=7e39284b-d144-40a9-8035-10d3a4f6e79c&v=1.1.16

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.147.176 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-147-176.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 10 Apr 2024 03:33:22 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 01:45:17 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f02dad-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST 09b953aa28
bam.nr-data.net/events/1/ 0
0

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/09b953aa28?a=969995084&sa=1&v=1209.f04e2b9&t=Unnamed%20Transaction&rst=15711&ck=1&ref=https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=6ba0a5170b7bdf842e22ba6f114c37d0&svisitor=null&visitor=fb3eaf9d-2223-45dc-8d0e-86eea5123e90&session=9b15a38f-4343-44b0-8aba-a553a1dd6966&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2010%20Apr%202024%2003%3A33%3A22%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2010%20Apr%202024%2003%3A33%3A21%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225056%22%7D&isIframe=false&m=%7B%22description%22%3A%22%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22How%20Web%20Applications%20Are%20Attacked%20Through%20APIs%20%7C%20Imperva%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&pageViewId=7e39284b-d144-40a9-8035-10d3a4f6e79c&v=1.1.16

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.imperva.com/	1970-01-20 19:45:21	Name: ppwp_wp_session Value: fa3ac5dff2f44ce746d41e4dcd2203dd%7C%7C1712721790%7C%7C1712721430
.imperva.com/	1969-12-31 23:59:59	Name: nlbi_2439_1706812 Value: iOxeb85FhVOcaQZnDugsBAAAAABNBB08LYokAGmAAt4wis5+
.imperva.com/	1970-01-21 04:30:39	Name: visid_incap_2439 Value: kKi0E5qGSPGEh5f1TrJuDnYIFmYAAAAAQUIPAAAAAADXJTe16ctJAVe96q8cqq8u
.imperva.com/	1969-12-31 23:59:59	Name: incap_ses_9197_2439 Value: UT2DbbFydm7Q7A+PQ1Cif3wIFmYAAAAAlIFYdEP/Zj8lRhDarp7gWQ==
www.imperva.com/	1969-12-31 23:59:59	Name: isEuropeUser Value: true
www.imperva.com/	1969-12-31 23:59:59	Name: cookieconsent_status Value: europe-user
.imperva.com/	1970-01-21 05:21:19	Name: _ga_7LFBNHR6BF Value: GS1.1.1712719997.1.0.1712719997.60.0.0
.go.imperva.com/	1970-01-20 19:45:21	Name: __cf_bm Value: CRYz00uZ1wIM6e0iEi98.z7Kqc3GHgs2qf_wT1f8iS8-1712719997-1.0.1.1-T0.6OMFEP_c9FUtsH50pwrfq.7kIdaw3MWbHXBiU8Xb_69pBKU3DO_c1TNBu9l4N1k6XxC3iVuldrNGp_in_rQ
www.imperva.com/	1970-01-20 19:45:21	Name: stg_traffic_source_priority Value: 1
.imperva.com/	1970-01-21 05:21:19	Name: _ga Value: GA1.2.354021102.1712719997
.imperva.com/	1970-01-20 19:46:46	Name: _gid Value: GA1.2.675934094.1712719998
.imperva.com/	1970-01-20 19:45:20	Name: _gat_gtag_UA_114236658_1 Value: 1
.imperva.com/	1970-01-20 21:54:55	Name: _gcl_au Value: 1.1.2083915135.1712719998
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: DbLKVQDRBSw
.youtube.com/	1970-01-21 00:04:31	Name: VISITOR_INFO1_LIVE Value: VsdjCloNLlU
.youtube.com/	1970-01-21 00:04:31	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgFQ%3D%3D
.imperva.com/	1970-01-20 19:45:21	Name: _pk_ses.5601c189-ca1e-4728-80a2-9f7d7e128eb9.4f80 Value: *
.imperva.com/	1970-01-21 04:30:55	Name: _biz_uid Value: 91ba7c05f6b44bd6ee71d82a4f3a5d72
.bizible.com/	1970-01-21 04:30:55	Name: _BUID Value: 91ba7c05f6b44bd6ee71d82a4f3a5d72
.imperva.com/	1970-01-21 00:04:31	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Apr+10+2024+05%3A33%3A18+GMT%2B0200+(Central+European+Summer+Time)&version=202303.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=7f79a50c-4923-49f4-ab0b-6100c0893c05&interactionCount=0&landingPath=https%3A%2F%2Fwww.imperva.com%2Fblog%2Fhow-web-applications-are-attacked-through-apis%2F&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.bizibly.com/	1970-01-21 04:30:55	Name: _BUID Value: 7c218de32898c694f6bc0404e7e67823
www.imperva.com/	1970-01-21 04:30:55	Name: isReturningUser Value: true
.imperva.com/	1970-01-21 05:21:19	Name: _mkto_trk Value: id:727-WRL-406&token:_mch-imperva.com-1712719998330-94411
.imperva.com/	1969-12-31 23:59:59	Name: nlbi_2439_2147483392 Value: Sga5F/L1e1H5iZUSDugsBAAAAACHfx7AxDSGUnszOmmIGcjJ
.www.imperva.com/	1970-01-20 20:28:31	Name: reese84 Value: 3:zOKYS4PrXKxJX5FxwzYPBQ==:KedGI6iJftjXq8w8elstAaFPkpZ7Vswbu6H5/NbbPa2CKTt6/XIt5XYcbVDqz9RN/V99oUOOpjUIMWNM0vzm3dEVSxQ6DeD4VisRHzT5ZktNUZx0fML6Ev8rs19PSzg7CyKbq/f51EL/XVCINSs4LP6py2ylfOjiCi6dC5Hqv6wvoPtd9MhtowanrETT2Prrj5ONc0POc8g/BJKmdlTeTFBluBras5p23qW05VjcKMOUww9sI9ME3L1WB7O/79YK9OWmTl3U6Y7GPcX/68ibyt05OXdTHqEaCV3bJYUln0xp63Ry+u5zkNhy88uk0aWpAPif/H2c6NEFBwdd3nnr0pyVTOjp8OHmUYLXdOjiRv9UkJZs1YMWeXdrTSTEGnT9JIqAP+gqTTFm9dsGRH2t0XroB0S+83RinpvLd9zX1+puVarW1zQS9cLvEoj5MXGK9iJl+Kl+UdGPZM5OaWJKULGiry4ibVHNVBuOZE4+9FukrlfMHM/4sZ1k1HW6HgGr4MVrHWcAiSm6ooCpVuaNYB+2jPFqDD2zD5HXXOejTNXTwmp24D65jQ8sfPUT1LK0gwKgo0bpDcMR+aQC8SUElg==:mVSzPHN7Av817x5VwQRB6LEIhuUR+5KAM4FxQuo2+Zc=
www.imperva.com/	1970-01-21 05:21:19	Name: _gd_visitor Value: fb3eaf9d-2223-45dc-8d0e-86eea5123e90
www.imperva.com/	1970-01-20 19:45:34	Name: _gd_session Value: 9b15a38f-4343-44b0-8aba-a553a1dd6966
www.imperva.com/	1970-01-20 19:45:21	Name: drift_campaign_refresh Value: 5800cd31-0b0d-44c7-acbb-4ded51c24edf
www.imperva.com/	1970-01-21 04:30:55	Name: stg_last_interaction Value: Wed%2C%2010%20Apr%202024%2003:33:19%20GMT
www.imperva.com/	1970-01-21 04:30:55	Name: stg_returning_visitor Value: Wed%2C%2010%20Apr%202024%2003:33:19%20GMT
.imperva.com/	1970-01-21 04:30:55	Name: _biz_nA Value: 2
.imperva.com/	1970-01-21 04:30:55	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%2C%22Mkto%22%3A%221%22%7D
.imperva.com/	1970-01-21 04:30:55	Name: _biz_pendingA Value: %5B%5D
.6sc.co/	1970-01-21 05:21:20	Name: 6suuid Value: ac9311023aaf00007f08166643010000695c4100
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 4972ee702690bc40
www.imperva.com/	1970-01-21 05:21:20	Name: drift_aid Value: f140a4fb-999f-4d0f-a931-9b20f8668533
www.imperva.com/	1970-01-21 05:21:20	Name: driftt_aid Value: f140a4fb-999f-4d0f-a931-9b20f8668533
.imperva.com/	1970-01-21 05:11:15	Name: _pk_id.5601c189-ca1e-4728-80a2-9f7d7e128eb9.4f80 Value: 041a78a07812a7d6.1712719998.1.1712720002.1712719998.

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: [Report Only] Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7LFBNHR6BF&cid=354021102.1712719997&gtm=45je4480v9116219100za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1880755482' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro .vimeo.com .imperva.com .optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com .onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr .mktoutil.com .gstatic.com .doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com .googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com .mktoresp.com www.google.com.mx www.brighttalk.com .facebook.net ipv6.6sc.co adservice.google.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: [Report Only] Refused to load the image 'https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-114236658-1&cid=354021102.1712719997&jid=344223181&npa=1&_u=YADAAUAAAAAAACAAI~&z=1960468334' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.com www.google.com.ph imperva.piwik.pro .vimeo.com .imperva.com .optimizely.com www.google.co.ke jscloud.net www.google.co.uk www.google.com.bd b.6sc.co c.6sc.co cdn.cookielaw.org rs.fullstory.com edge.fullstory.com www.google.com.sg region1.analytics.google.com translate.google.com www.google-analytics.com .onetrust.com bam.nr-data.net js.driftt.com www.google.co.id www.google.com.vn www.google.ca www.google.lk www.google.com.au www.google.ae www.google.co.za cdn.bizibly.com www.google.com.tr .mktoutil.com .gstatic.com .doubleclick.net cdn.bizible.com www.googletagmanager.com www.google.com.pk munchkin.marketo.net js-agent.newrelic.com analytics.google.com www.youtube.com .googleapis.com www.google.co.in www.google.co.jp j.6sc.co imperva.containers.piwik.pro secure.gravatar.com .mktoresp.com www.google.com.mx www.brighttalk.com .facebook.net ipv6.6sc.co adservice.google.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://js.driftt.com/include/1712720100000/xrppvhbiz5n6.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.imperva.com/blog/how-web-applications-are-attacked-through-apis/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: www.google.de cdn.cookielaw.org www.google.it adservice.google.com .onetrust.com .imperva.com www.google.com.et www.google.co.il www.google.com.sa munchkin.marketo.net cdn.bizible.com www.google.pl .doubleclick.net www.google.com.co www.google.com.np edge.fullstory.com www.google.com.ph www.google.fr www.google-analytics.com www.google.co.th www.google.com.br www.google.es .mktoresp.com www.brighttalk.com region1.analytics.google.com translate.google.com www.google.com.ua b.6sc.co www.google.nl www.google.com.eg .optimizely.com www.google.com.hk c.6sc.co www.youtube.com jscloud.net .adroll.com www.google.com.pk .googleapis.com www.google.com.ng rs.fullstory.com .vimeo.com www.google.com.au www.google.ie www.google.com.gh www.google.co.kr www.google.com.vn www.google.com www.google.se www.google.com.my .mktoutil.com imperva.piwik.pro www.google.co.in www.googletagmanager.com .gstatic.com j.6sc.co www.google.com.tw imperva.containers.piwik.pro ipv6.6sc.co js.driftt.com bam.nr-data.net privacy-policy.truste.com www.google.co.uk analytics.google.com gc.kis.v2.scr.kaspersky-labs.com www.google.ca cdn.bizibly.com js-agent.newrelic.com .gravatar.com code.highcharts.com go.imperva.com imperva.substack.com .vimeocdn.com tag.demandbase.com ; form-action 'self' *.salesforce.com ; frame-ancestors 'self' http://thalesgroup.lookbookhq.com https://thalesgroup.lookbookhq.com http://thalesgroup.pathfactory.com https://thalesgroup.pathfactory.com http://hub-cpl.thalesgroup.com https://hub-cpl.thalesgroup.com ;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

727-wrl-406.mktoresp.com
b.6sc.co
bam.nr-data.net
c.6sc.co
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
edge.fullstory.com
geolocation.onetrust.com
go.imperva.com
imperva.containers.piwik.pro
imperva.piwik.pro
ipv6.6sc.co
j.6sc.co
js-agent.newrelic.com
js.driftt.com
munchkin.marketo.net
region1.analytics.google.com
rs.fullstory.com
stats.g.doubleclick.net
storage.googleapis.com
www.brighttalk.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.imperva.com
www.youtube.com
b.6sc.co
bam.nr-data.net
104.17.71.206
104.64.124.188
104.64.167.195
142.250.185.196
142.250.186.35
142.250.74.206
152.195.15.58
162.247.243.29
18.66.192.97
192.28.144.124
2.17.147.176
2001:4860:4802:34::36
2001:4860:4802:36::178
216.58.206.72
2602:816:5001::39
2603:1020:203:3::489
2606:4700:4400::ac40:9b77
2606:4700::6813:b234
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:811::201b
2a00:1450:400c:c00::9c
2a02:26f0:ab00::214:8e41
35.186.194.58
35.201.112.186
45.60.76.225
01ec196bf73e983ac57b3769fd71e3fcc07123f0cf6998e2ed095a7a75843e8a
025cc6517481d481a9204fd763b915871854a4d54b9634843020bf30948a0f5f
02a5ffe4365f65acb73ab862a060513d00d3fa2a0a6daa4b38670b4118a852d5
05e0a282e5a38f83607fb38ec83d496da9a00e2d7825ee5a772ae4c56ed88661
0685bb5e1ab1cabc4e570a87e4daf61debf86ff6634a407efceb87988f5afa9e
08ebe79e85ad2185d2d6136020e8a5e210b120f18e7f888fa2688b7dc589073d
099d33a1d679bcfa3722a172d91742af80d45166f760db1512e4944a9d95bc23
0bfe0a14e701c455113de0aa82cbd885a9b996eeded51638699e0edb229d4425
0d5cc190ab17ffc4216e1bcf25e052261bbdc6a970d037d242dd9099d9e0b14a
0ef4267ef8c1d414d85062c3eca4a02270822af0e4dda820937a4577200d4d76
0f7dfe72f016f723dffc551a4e3c0e17492acd9494d8d8392a53f6223c1eef83
11c49b3de0d29902106ba961bfd658b60943ff5a6aebbdb84fb5a71d837f3123
1201de885b688f12d49f204e83fc09ce059ecf797b355e3fae644539a26af244
1311d7640b4c7f684b7bebcfd216631751f1eccd52f8ceb29896fa395fbe7711
14f218b835f87e84b3acdfc88a6c13f4eab52058ac5d001b518b714d4265105f
15799e5551a532f329f20935f7f365968188541c2519369e70b6fed7b4c8f5e5
190c977f5cfffc6ef67ef2bba456e93cd32fd179dfbe76bc066ef943fce85446
19dacd1b053b27b37690f754cb92fcf60d2ab9e6ae065c8f4d69e914171224ee
1c5a824e76c257d0d80730f8fa5ecd292f868f6d711612225b3e3cffa2335fad
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
1ffbe029a1392b23256c1a9f442f89da0d38049488777d46ef0a35eae62575cf
20b0ae65f9b8f7bf3638714c157445fa3e0aef502864c93eb550f88f16f55917
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
23656e9957f57d4dc83395e4d3583e0320990e1274f97c133e2afd39d15a0d39
240bec4f5eb6f06d9e04895bc0f3bae9f097cd6e97e0395dddeed14fe1ee4754
242961abafaf0f9f71d93dbfef73f3ce3573d1a7eb193c2301916f76295d8f8e
2551100dd20777b6798972d9d31e2eb9cd31e9734e02ee8a36e3839f4fc7b99b
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
28e132ea525a5b852dc1a77fcadc939ba1b70d68f321dd2ddeedc4b8a8cb93ec
28f9f564ab0d8e9c5210dc12f201f8fe050d596264d717edbeb10040117ba234
2953b84b525efe8f1e83cfa4c993ce9b300774552b147acb2d5c17b202f67213
29ddbc7c5ee98f7a9a84f12ed4fac82d97a0127de386353564fee88ebb008125
2ebabe1c299e39a1080c22169799148e969b4f0ad36340ec6aee4b3ed815a7eb
30f890a763ef761e59cf09a86be14e655e72a5231f76b32fd6a0e6114264b329
3172dc80c6e01ee4da30bb7958bea4576ecdb4d450f4a09168e66ffe894d0949
32c64c63b2b52bcc0f6ee7f41e3dc3bae3e9b07f8bbbf84671c318b74f1b77b9
33ca6e07d0173128bddbe60c2632d050a923e353ca244c8b72f89a9adb9eb436
34f804b0962777487f838ad41824b5b2efac2a2ddbc906ce83d482d45c31d715
36d0a0db6a324090d185a56ee594653c0b4ff51e6601a82a59fa5249a369a6b5
37978492749251dbeab1f130ebbc19a190d4c77887c1d2e919c0830858d8953d
3846421d9c73536b2869ff117ea84f6b0e6b764406b34523836d47d306ae4fed
3cce4475cf10e16d044494898f8ea352a7852252609164b9ee0ed7c18fdda7ea
3d225dda4cd22627a45339769c1713dd1b1b012e2a0cd0c45e51c584fde0950e
3dabd756c34ec4ab838c2232c13156e3b8918bf1911b34f206718e9cf6963791
3f9b804bf0a80e939b00167e70064895ce600b862cdd1d0eb8269763bd98dee0
3fbb573ce3936701801a8b5ad6117b3f4f3ea0c26cd4b151491705b3a4fac876
45d5183688616d1f2731c59e3b1330ef5ecd0aeb63c875321fc4a12757e0424a
4715b778c68a28824f2bd8d54e0a761a279d40b71f5def3be36aeabfc014ec45
49cd7e514d20a427de78b14e516213d02b2c7ec0cee399584eab79f889c55964
4aef0e07111798b1a34d6d447e22b83080f3a0bc3f8cba65a536460121ea4a32
511b414688342e5d4c291c08b48327770b6f081bc5b03dfbeb12062039be8516
513d397da9e7d8bb90ac27ec17e78f9a4c5490a9b506846a42ccecc6503b0ca4
51cc5cc0737cbfcc7c7e35a142af498e9784a6bf6fb14815834d8b934b2319f3
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5755a49b2a8ced97cc096160b7b822dfe5f0fbe6f03ccc76d3b4b02a6461e046
596f24a4c1ca10df756d9b6293582a99f10d1becd6cbb50f3e8a8c74f4d17505
5ac23e65f56d87a6e399a571e99f008a360d3e8de6fbe3c5de92464ae93d419b
5cff80f1e7a1f5a2ec26e2bb7e497e16987c36538a01883101482afabb044fff
5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55
5d3a7fd1356e747fac0fbffe52717d1f839d20da639548280999b2efb245c7ed
5d8fc31bf912e9e3fc7f2107ff41f6287a93cbb6414ee4497519a4416616e829
5dc69b358f9db055e7cc13e75cd82bff68f8548a10b5f12d67c0e4682c6f06d4
5f9fac8d51134fcba0174a1c8d00d921b09bcfa2159cab80c016d9c0c0e8453c
6010e83fe72ef2cd176adaca67ac9c6e3d9c92a159199eeeaf782a3331f2a0d5
60dae1ca6da53f32bd509ba4404bcaa80b9a90539c553678b8af30d320e06c13
63b6594d3b25f2fb489e20a56dc4134520399bf34380abb0c2a5ae82631f2f0a
65f088faec558ce0131e258fb36accced15a7ab999416312d9d6e58d32569c86
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
6c6e1030b23653adf9efc4d7cea424664bb37b95ff72d0cfbc6237806ec676df
6c8d043959c8141f082282f3e70f8ccceec0405e72f60c5dcdbb005e31550107
6d22e660ead72f14b0aa8e3dfc8de1da35f17e3559b489e00692f15f50faa1a6
6f2a6ab5d73300a5d6dfdb80988511d6159e3e63a574a7aec57b25d516e9e6cb
6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8
6f704a7156ec50c34bba729b656133b6099c5ee960d8271af5f8be8863b91b66
6f718bffcdd41642b71ca3b768a29cdf3584c0cb45941f70105076bb67bd61f6
71b1a3e3da3d092a081225f5b6272e4ccfe9b32d81575fb33a015a1a22dbb7d9
720db8ff50e5cf3a5d38c99b3c65ffc8426721384343448e59ee9d8e36e10fc3
7662f910f71930fd17446eedb1e9670446fb6d6959e51a8049dbd0bad3bc0bd8
76fea9e6dfec1fb360e9e76af8ecb7057cd1f7806ab67555c52a77fdb730079e
77f06ac180bf184778f65c62016b98bcf72c46a07c6b48ae4c3ca61c1d89801a
787f2af5a3fec986fabed8c2756943517347f43433471a7185c2c0eac421dc4f
78949eac36ad0be444962fa0a2885a20503fae47cd999442d301d61a5e4be0bb
7aa92f916531c82fc0110c402faacc2fd5b1e2c0b8bb85448e898f8144a2b7d9
7f5e7b50024632c020c281e469f675b3a08f935f42e148e2f90c1a01c8e6b580
7fd2e4240a153a2c752737589c0edc9833390bfa287647b41f56315ef7b7cd2d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8435bb28fa650eaa8b3b37aa761b6bec783644870c0a2c57a23d4de005f0b59e
84753e5282482f8f00338058509c3e3b92da49a91309ed30273975cdce989031
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85fcd9458c2c585266ac90353442dd2edec3160b65e2e8fd5c5e39cfe9cfd741
88ce1403cc1906c46cdbaf38a96b3d30842c04fc8c6c93a4e4b0d57cd4f86360
89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814
8be60165f00625f3116094377a58246b598c01d24bb7e27d2983733a27e53ff3
8c3da68772482df35780186361a229c8c8e345d85ca905528b8026452387fb1a
8dc10cb3d04fc9ae6c689c05c96df3f8cd96ed973a8735c0918551fabe3cff1d
8e768be304cb57069ff9e61716ff1dd571e7d88f1dc18f00852a8fda9d0cd22a
90c1259c518e899ef16d991aad8e9a079e275295bdc623a764e0e5872c719404
924c77f09e3343d5e33569b1bf5d498d26dc31b5ef00b99ea59e89953da42c86
92e4588c227a58321a728574129e52ec244df30b90fc9a64a30ee65410104c41
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
93065f7f13b59b43e639a57b95be8d2274039a09a178181be67d96c854ec4a14
96ee59eab1bfbaad9d975ffa1065e65085a86de74b8f78e8a477fed645e6be78
99eeeee64d67dfe14216184c5c639eb0a251618f620dd12818cd21290ac7aaa7
9b2c624a45d0935f9b6a6c34ace88f60da27db9db482ceca3067554f4de19f6b
a4ece158ace5ec017660f79c3fa9474ab8d0fd2dc4869c56790ab138d19ef30c
a547c99ae4a69cd1b5c3e522d451b87a4cd47d8f41e7daa0726b8a4793238629
a54f347a323cc9b7d405444751908944155cdbd50910a3f2e2b2aa73dfe88cb7
a88fa03a7f8faca508e17fe76108c5cb812e152e7af22ab1c9c2c791cbaa924c
a895bc8e5152a2401fa1cb4838d58e7fc0577dc511e9fffbeaf817c4866e433c
a993cfc76804905cd8a6e680e876b0dd8646063a0683b5cf3fbcd42453e7ffc3
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b160daffaa522a02b24a9c260a50bc4c5ff7b081162f517fe343255f5d7ac5c2
b43cb8a4c12407c7253b29667f3d47ea80f3d080616d896b546bbba7146802e8
b8587bd86363574b1501f9b1612ba563d25ec14dba7d3f31efdab950dc5f8a11
bc880ae1ec3a729f651a2c6aae829de1a1c61c461187730b401018260a172e2b
bc8c33c1e543b78d1a82aee5791610a0e2a1c1c9aa85faaf652fffc6f10cd691
bd97a1ba1726d0e2dc8aa6e3628a2eb68032b2a3607c4d9239d0bd56b6e75b1e
bdaeb454f34af48fb87d4c74c39d5b7d6c26eb0a3b6dea349e3896634f71ddff
be4288cf3f5721ff4da854fdc5d9574c32ef032248b320fb61554f0be5c14111
c05540d0695ed6129ef63ef5fb8f8528e9ab4fbd49ef3f4052b295a8be077b87
c72c77d9577203f6f39747d43be9ff438e7a2307dcab86f44e1c126abc83b227
c86cdecb22fbcb95d04702eb9bb1456488357cc957efe24f794a46595ddb5b38
caf5734ae4166937cfbc7aeb501797b357daff07085043a0688764b7120c8aea
d081e7326a89fb9807555ebb1ec32b18a0af6fb6c159acc98aea83e66cf821a3
d1e9b122158ad5d4c0d60b7c0f552dc1392e60dcaf649c3827582bf4319e88f3
d29be7e9fce0240c7a41b5b271afdcf389dae25c88f9b2eeeff24842784b9da8
d37b4b075815b666679e52c8064db9533be103d107c15f861db348ea48b4865b
d3cfdc0aeea2b41a0bf11c2ed24e615f84abd0d9495e5c66fb328540819b9cb3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
ddca2fed65acd63744a897327877281b3a9e7de698c5fa1bff889d0c90940be3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4d1ff8adb72502d1b262d0a8af4c3c902ff5e37e442861f5a9fed51d75d18f
df637a6f8da956afa19f1d003a9686756e28534895fcea712d901f20238a82eb
e0ca2c05025cef9c01b466b3d0f40d6064e5fa2da6a2d10230dc9fbc0f523961
e0cd6b0c598bdfc76e7fd1ed5514164b73380299ae62ac3cbcedc678ba5cb790
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87fdfba924f8be5ac5df3763aa8e84b1b4d813e87b029c343f51fc218c26c28
ebcbb9fc249de57aa7cbb9553b91868b32164fb3081ca1a7d91c81cc28434acd
ecd393344d2673e5e8d45de969025bb1ff9d5bb937a9cdfb9498768c5c55bcc5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5a68453b5c1305a6a490dd8f111de1bfb17f946eb2c4f30fa4370d9550a518
f0bf6a4ee3d2efc3e49a3a705b3b1530ea8a1dd295cf42f18972e3100350ead8
f0cb9d628c5a8d2838b78b09c99a8f920e78d59007b1458fec779fd594d6abc5
f2241497f521d0bd10d9991cda8bab016a4809a48eceb3ad4b8a27df8c21b654
f2562c9a71dd954899c607befc794d81e8353bd20df9b1b8b516f9d140a96641
f505512f270809bc07274043af94b12df1c40a727917863590c288de39b3d9fc
f9a7b6edc189c2f1569f1b80e4a8f6a4ce2ec7d3a8afbad3061ca6840057d627
fc4975bd5c8039a43c369b00294f4a971a4a70d94684c71f2f361a9ec24cd4f7
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fecca5b47d34c154646087d5c532de8b2a2447d4fec77795600f89c687fb0aad
fed4127db2f052dd15ae8947eab6b8284218919ee5471e1c25e0fc8edcafd329

www.imperva.com Open in urlscan Pro 45.60.76.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

181 Requests

99 %HTTPS

42 %IPv6

21 Domains

28 Subdomains

27 IPs

6 Countries

3652 kBTransfer

7318 kBSize

38 Cookies

18 Outgoing links

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.imperva.com Open in urlscan Pro
45.60.76.225 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

99 %
HTTPS

42 %
IPv6

21
Domains

28
Subdomains

27
IPs

6
Countries

3652 kB
Transfer

7318 kB
Size

38
Cookies

181 HTTP transactions
1 data transactions