patchstack.com Open in urlscan Pro
18.66.2.53 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-contro...
Submission: On September 21 via api (September 21st 2022, 7:56:36 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 9 domains to perform 57 HTTP transactions. The main IP is 18.66.2.53, located in United States and belongs to AMAZON-02, US. The main domain is patchstack.com.
TLS certificate: Issued by Amazon on March 15th 2022. Valid for: a year.

This is the only time patchstack.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	18.66.2.53 18.66.2.53	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2400:52e0:1e0... 2400:52e0:1e01::883:1	200325 (BUNNYCDN) (BUNNYCDN)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.112.59 18.66.112.59	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400d:80d::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	52.222.236.63 52.222.236.63	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	65.9.44.23 65.9.44.23	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	54.229.45.147 54.229.45.147	16509 (AMAZON-02) (AMAZON-02)
57	15

34 18.66.2.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-2-53.txl50.r.cloudfront.net

patchstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e01::883:1 (Slovenia)

ASN200325 (BUNNYCDN, DE)

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-59.fra56.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.44.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-44-23.arn54.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.45.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-45-147.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	patchstack.com patchstack.com	559 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 591 script.hotjar.com — Cisco Umbrella Rank: 779 vars.hotjar.com — Cisco Umbrella Rank: 852 in.hotjar.com — Cisco Umbrella Rank: 1671 ws34.hotjar.com Failed	69 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	90 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	131 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	20 KB
3	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 4682 api.omappapi.com — Cisco Umbrella Rank: 4813	46 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	387 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	147 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 797	5 KB
57	9

	Domain	Requested by
34	patchstack.com	patchstack.com cdnjs.cloudflare.com
4	cdnjs.cloudflare.com	patchstack.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.facebook.com	patchstack.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	patchstack.com www.googletagmanager.com
2	a.omappapi.com	patchstack.com a.omappapi.com
2	unpkg.com	1 redirects patchstack.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	api.omappapi.com	a.omappapi.com
0	ws34.hotjar.com Failed	script.hotjar.com
57	15

This site contains links to these domains. Also see Links.

Domain
cve.mitre.org
twitter.com
docs.patchstack.com
drive.google.com
www.linkedin.com
www.facebook.com

Subject Issuer	Validity	Valid
patchstack.com Amazon	`2022-03-15` - `2023-04-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
a.omappapi.com R3	`2022-09-04` - `2022-12-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
api.opmnstr.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-01` - `2022-09-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Frame ID: 68E67A2E68083569885D515FE7524E8A
Requests: 56 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 722182F9809A37B4A3274BF6629A3531
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WordPress Photospace Gallery plugin <= 2.3.5 - Broken Access Control vulnerability - Patchstack

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

96 %
HTTPS

57 %
IPv6

9
Domains

15
Subdomains

15
IPs

5
Countries

1067 kB
Transfer

2729 kB
Size

16
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38135
Title: CVE-2022-38135

Search URL Search Domain Scan URL

URL: https://twitter.com/vigov5
Title: Tien Nguyen Anh (Patchstak Alliance)

Search URL Search Domain Scan URL

URL: https://docs.patchstack.com/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://docs.patchstack.com/en/articles/2174752-app-plugin-change-log
Title: Changelog

Search URL Search Domain Scan URL

URL: https://drive.google.com/drive/u/2/folders/1VlVbJnh8nBTVtJGvuo8KjAOgstBWxQ_W
Title: Media kit

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/patchtsack/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.facebook.com/patchstackapp
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/patchstackapp
Title: Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/hackuu_
Title: hackuu

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://unpkg.com/@lottiefiles/lottie-interactivity@latest/dist/lottie-interactivity.min.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-interactivity@1.6.1/dist/lottie-interactivity.min.js

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability Show response
patchstack.com/database/vulnerability/photospace/ 40 KB
41 KB 397ms
332ms Document
text/html 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 9cf587fc756fa4747e9dda3e651c041872bbca6f7f3bb0777814c109cba4a715

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 19:56:31 GMT
server: nginx/1.20.0
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-id: 80kheuuzcj0pip3ciwKTWT_qEBhuKXScNZ3xMQgg6CtxVb8YEuke-g==
x-amz-cf-pop: TXL50-P1
x-cache: Miss from cloudfront

GET
H2 200 jquery.min.js Show response
patchstack.com/database/js/ 87 KB
31 KB 37ms
36ms Script
application/javascript 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/js/jquery.min.js
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 13:45:10 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 22281
etag: W/"62d6dea8-15d9f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: NAP7Vw6YEoP4rsMUIaVm0f_Fjyjvb0wORhn-A84AB0iJX5uply8hnQ==

GET
H2 200 style.css
patchstack.com/database/css/ 243 KB
26 KB 62ms
61ms Stylesheet
text/css 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/css/style.css
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: a051232a7b329064129df99ce8da7737dbbf993f51831ca79a608e32d82b0f6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 09:14:57 GMT
content-encoding: br
last-modified: Fri, 16 Sep 2022 15:03:38 GMT
server: nginx/1.20.0
age: 38494
etag: W/"6324904a-3cbf9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: 0EAAQ5iHkx0RZnXqF6KlP8OGvH6hh1xvwpXwCDDi5OL3VTwYfJ2o9g==

GET
H2 200 swiper-bundle.css
patchstack.com/database/css/ 18 KB
5 KB 68ms
67ms Stylesheet
text/css 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/css/swiper-bundle.css
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: dbc37c13d36a16b258eee14cd25b55937eda4e23949878bf1a62d2926a2cc120

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:26:13 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 59418
etag: W/"62d6dea8-49d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: mGMz-3ji5vfghU9az4ngeFFiQcZwW_cg-rsu6KL6qPcxsAEG22u4Yg==

GET
H2 200 lottie-player.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lottie-player/1.5.6/ 331 KB
73 KB 140ms
52ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lottie-player/1.5.6/lottie-player.min.js

Requested by

Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0a420694380bec0b640575e05e997d4c4e11223070663779a2e7a4113e63805

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://patchstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 404552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73679
timing-allow-origin: *
last-modified: Tue, 08 Mar 2022 04:04:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6226d5bb-11fcf"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mOiX5HrUZ0G8Oa1ygi6SfKNnQQzzjeKvONWOJXRJgvLxkdmERIYwk6sBrYwxh2ssP1S2HVEsV8QDh7p1i15Sz8qhOZdDW0ngJfcrX5FFgPs4rgUBi3nqOLF7OWQI31WAcBpbtCezm4iT%2B%2Bov%2F6tj%2BN9M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74e55d571ec0903d-FRA
expires: Mon, 11 Sep 2023 19:56:31 GMT

GET
H2

200

lottie-interactivity.min.js Show response
unpkg.com/@lottiefiles/lottie-interactivity@1.6.1/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-interactivity@latest/dist/lottie-interactivity.min.js
https://unpkg.com/@lottiefiles/lottie-interactivity@1.6.1/dist/lottie-interactivity.min.js

20 KB
5 KB

54ms
53ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-interactivity@1.6.1/dist/lottie-interactivity.min.js

Requested by

Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d4cb67a77ccaac1eb6226ad28e5c991a57a03a8aea99e85523b7e0df6694770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:31 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6253872
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"4f2c-jEDFlsTFN2OEDC3P02SAdZDlWAQ"
fly-request-id: 01G7PDZPE79DPQM3AJF865Y4TR-fra
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 74e55d577c659969-FRA

Redirect headers

date: Wed, 21 Sep 2022 19:56:31 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GDGSPCKTRN501NCWXJPSB0XT-fra
server: cloudflare
age: 287
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /@lottiefiles/lottie-interactivity@1.6.1/dist/lottie-interactivity.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 74e55d571bda9969-FRA
access-control-allow-origin: *

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 138 KB
42 KB 145ms
42ms Script
application/javascript 2400:52e0:1e01::883:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-883 /
Resource Hash: 8ed0cf160f028d85bf93923fb8db62e21e060f2d25c0d7993a61685d1752c67c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:31 GMT
content-encoding: br
cdn-edgestorageid: 883
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 09/16/2022 15:23:47
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS-883
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 18:59:03 GMT
cdn-proxyver: 1.02
cdn-fileserver: 435
etag: W/"6320d2f7-22757"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 45e42302cd8972c0466927405077a14d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bc-chevron.svg
patchstack.com/database/img/ 213 B
548 B 42ms
37ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/bc-chevron.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 8346e97643f2a9af71a59d9de60495527e718c95d07484e9c46859d656155283

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:28:18 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 8893
etag: "62d6dea8-d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 213
x-amz-cf-id: mJHUFhXQVyvoHQE56wQUKgpTEwXchqvo1_ZKy-u3rD-E_5sOib-Row==

GET
H2 200 plus.svg
patchstack.com/database/img/ 180 B
515 B 42ms
37ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/plus.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 678a082ff35cb330b97a3c7a321cfc630f4baa8a1994cbedb505699db3274899

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:21:44 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 9287
etag: "62d6dea8-b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 180
x-amz-cf-id: Jqpf-T0EK8uULzxQTMemT_RNre_579pD1ZmkJnHe7IFqZmnZPTMoMw==

GET
H2 200 menu-icon.svg
patchstack.com/database/img/ 179 B
514 B 42ms
37ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/menu-icon.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 4bd889b754a015505aafad24198446f140d59772350330a15165969f8bf72700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:03:43 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 17568
etag: "62d6dea8-b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 179
x-amz-cf-id: U56KWMTBCrhsQDCd0lf-Tr6PanR7b9C3LejXdkpIZm-lwcZi7bAbGQ==

GET
H2 200 shield-icon.svg
patchstack.com/database/img/ 1 KB
890 B 43ms
38ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/shield-icon.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: d6bb5570bfe6ce540f55fe123b509709c74620212d0ca644c424e5394d7b1858

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 05:51:52 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 50679
etag: W/"62d6dea8-446"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: dwWiWV8Upm22e2pSElLtQwiyqbnocnebZTI8p2j0wSbr3yWdC4xtNA==

GET
H2 200 badge.svg
patchstack.com/database/img/ 1 KB
981 B 51ms
46ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/badge.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 08637aae89dcffa467eb8387be2d73ca239d8e60ba05c8611589fe0fa501f9d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:26:13 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 59418
etag: W/"62d6dea8-5c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: SeUxfIbSQHD2NSoA6uNlS_MNFxIBOMG2jWeeKNlrrT_htIVCgHi3YQ==

GET
H2 200 not-fixed.svg
patchstack.com/database/img/ 354 B
687 B 126ms
121ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/not-fixed.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 454dd4c704a6fe7af2134cdea946d6800435b16cb31a937bf6be3937c891f35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:31 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 3726
etag: "62d6dea8-162"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 354
x-amz-cf-id: 71pqQrit7Y6TnnpHVz9K4S2AEG7G8xaekoF4mEk06XppIBSKHsg8RA==

GET
H2 200 notify-icon.svg
patchstack.com/database/img/ 272 B
605 B 66ms
61ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/notify-icon.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 090e6d63daa127b88a9f14a52658bdd810561ffbd33d3f7351aeb62b6840e545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:28:18 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 8893
etag: "62d6dea8-110"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 272
x-amz-cf-id: Al_3sOGUpzhtNAKA1xCDz_gnBAV9bl3tMobDs5UmuQddOdpY2wucUw==

GET
H2 200 exploited.svg
patchstack.com/database/img/ 560 B
894 B 66ms
62ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/exploited.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: bb1f9ed170b95168319b35a67f7f92a83fa6354bc4bc6881cd205616107fe41c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:03:43 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 17567
etag: "62d6dea8-230"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 560
x-amz-cf-id: 5ayA76QAip_YpRov6XzTwkKpU7wKOu2ToC3za2_0ekfMpGHc5iPfFg==

GET
H2 200 broadcast-icon.svg
patchstack.com/database/img/ 933 B
1 KB 66ms
62ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/broadcast-icon.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 99045a16a11f8258f456e08dd8d71c7972afcaaffd42c668e749c84651d63e6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:21:44 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 9287
etag: "62d6dea8-3a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 933
x-amz-cf-id: iK-KvN4A0gYJBd87IuZRMyK7HmsxAEHsaUmu4pxHKbvL7ZktBDWpCA==

GET
H2 200 broadcast-icon-dark.svg
patchstack.com/database/img/ 933 B
1 KB 67ms
62ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/broadcast-icon-dark.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 3395e114f2bc91be99a424152a43aefc51950438f4dead7461701d1bda1dfe00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:28:19 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 13:38:28 GMT
server: nginx/1.20.0
age: 8892
etag: "63077b54-3a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 933
x-amz-cf-id: iLsJhnb-f8pjNnbIQHiNBrPsVXhlR8jAv9tmvstOa5dmIpzAadTscg==

GET
H2 200 chevron-right.svg
patchstack.com/database/img/ 213 B
548 B 67ms
63ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/chevron-right.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 49fcfc90bc6f888acfa98b2b485d4e685078ff6665a633a1b9edaa38445329ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:21:44 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 9287
etag: "62d6dea8-d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 213
x-amz-cf-id: LXA4Zf5e6JfuWP7kWyZWkgTvdLexgXqFLMxn4kKrkYfnfouuORynVg==

GET
H2 200 info-icon.svg
patchstack.com/database/img/ 949 B
1 KB 67ms
63ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/info-icon.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 8bf9c079d4abd6f187d0ed0fde632baca2c513201cee29e0e26afafce7f7aa8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:28:18 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 8893
etag: "62d6dea8-3b5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 949
x-amz-cf-id: 2_SfQUWOLlMAmzMM_EdbCVjaf11Q4Bfk87ZiKXNPxxHEmWE28bRGoA==

GET
H2 200 link-arrow.svg
patchstack.com/database/img/ 194 B
529 B 67ms
63ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/link-arrow.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 1d035841b6b5aad2b106931ac2f29ca4724c8d21fa85954360b7db46a4215ced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:21:45 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 9286
etag: "62d6dea8-c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 194
x-amz-cf-id: G8hDHrGCOfccUW8N9qZFFSjEHdXpOR0T4B9Yv_iMKaQntSh3AyDzZw==

GET
H2 200 Logomark.svg
patchstack.com/database/img/ 601 B
937 B 67ms
64ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/Logomark.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: f8ce079285a57e399b81a39fbe87d7fc4e1779f9d11be33e66502028963b563c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 07:32:58 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 44613
etag: "62d6dea8-259"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 601
x-amz-cf-id: rIIMcjUsTr5ZmusCyZpjJVKzSUuExBuBoFANDabw1cfBhSO8d0AyyQ==

GET
H2 200 alliance.png
patchstack.com/database/img/ 273 KB
274 KB 69ms
65ms Image
image/png 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/alliance.png
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: d64a0d31018bbb5ee74a16032047753f7b968747d8c454107a59cc5a6777b6c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:21:44 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Thu, 25 Aug 2022 13:38:28 GMT
server: nginx/1.20.0
age: 9287
etag: "63077b54-4441a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 279578
x-amz-cf-id: TmNr6o2i5lgu-1kUdRakpo8maS58eKJOZLY9Ekq4grDcuLsdbFWUfw==

GET
H2 200 chevron-right-green.svg
patchstack.com/database/img/ 213 B
548 B 108ms
104ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/chevron-right-green.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: a40abe34e1ff6123b57b7ad1f34850209aa19adc979282300b07c415b2cf7960

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:03:44 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 17567
etag: "62d6dea8-d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 213
x-amz-cf-id: Tp3sdecw7pxLTOY7B_zd5hqs4uNGGH4GbgGVdvvBCJ68E8gpmdvjQg==

GET
H2 200 linkedin.svg
patchstack.com/database/img/ 1 KB
791 B 123ms
120ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/linkedin.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: a7f78b7de3475533aa0fb45e2122f286ccb309f9bf8438c74170de92dd5ebc95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 05:11:48 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 53083
etag: W/"62d6dea8-40a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: af6JwPY_xrs7gS8nVQR03mT4RbLnZaLZniQtQQmIh5aPbup7nXoxUw==

GET
H2 200 facebook.svg
patchstack.com/database/img/ 505 B
840 B 109ms
106ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/facebook.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 42ef6dbf81b94c1ff104276fb5d6a61929594f08f094186731fe0c01bcdcb244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:03:44 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 17567
etag: "62d6dea8-1f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 505
x-amz-cf-id: kC0Jz49yW5XIrUb4jQY4cWZkS-TiIpghZ62Ti06hsYT8XltfklBijw==

GET
H2 200 twitter.svg
patchstack.com/database/img/ 1 KB
902 B 107ms
104ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/twitter.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 5b2ecea87fef266de7b797819f4ff7a9f471befda8b70986d1a9c2ee0a2441d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:18:44 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 59867
etag: W/"62d6dea8-4cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: QUkCqrU5rOtlsLk-nDYlT75R5_WSd-fnwlqmOX2DyqMWapH42mFfxg==

GET
H2 200 logo.svg
patchstack.com/database/img/ 5 KB
2 KB 123ms
120ms Image
image/svg+xml 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/logo.svg
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: d0785503c9a15701b493ba6c51a16404749c386e0601a146f60d3e8197729a0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:26:13 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 59418
etag: W/"62d6dea8-147a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: CJi1ogpfKYof5nVI1swGoHp5NMzhR5-MN2vSDERr_FnBU-3TQ6E3Uw==

GET
H2 200 close-menu-mob.png
patchstack.com/database/img/ 303 B
632 B 109ms
106ms Image
image/png 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://patchstack.com/database/img/close-menu-mob.png
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: f45ceae73526f00368510e43a67745abcac3464f93d1653bc519485c4484c87b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 17:21:44 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 9287
etag: "62d6dea8-12f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 303
x-amz-cf-id: v4B1E9cwAm2gCmUzQs02-AJk3GCN7SB-4apj7aPrD_jxPSNm3_orOg==

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/2.11.5/umd/ 19 KB
7 KB 88ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.11.5/umd/popper.min.js

Requested by

Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da7796caf9359015af4ecdf8c6ccbd53706ea4613932a9b6f81e442e49d5f626

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 178598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6492
timing-allow-origin: *
last-modified: Tue, 05 Apr 2022 13:04:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "624c3e6c-195c"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eipd2bSEHlfzRy0OpbQuKvovBZtQhDZppLj%2FAz3r0Jc5qv58loiqwVSlW2fzi6QtvBpaxlEWAM1McSvbvX3jrkfu%2FzKW32F4dmGxsbAaLRiXo6O9ArDQuSSX7WHZ7w%2FFwV1dXdos6GYPwcSgn90nvGP3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74e55d57ff759124-FRA
expires: Mon, 11 Sep 2023 19:56:31 GMT

GET
H3 200 tippy-bundle.umd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tippy.js/6.3.7/ 25 KB
8 KB 77ms
53ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tippy.js/6.3.7/tippy-bundle.umd.min.js

Requested by

Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3638625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7725
timing-allow-origin: *
last-modified: Wed, 10 Nov 2021 11:02:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "618ba6c2-1e2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkIs1xomdcg%2BozDRCgRXDEvJfeqTOoh6rdwtuLnqwzdUuRqFaBkj%2F41ulUcXnAH3QUM4hVZkH0M%2F%2B%2BORE3vyFpJBdArKXhxLfLPU2rC6rFn%2BdR2HL4sPzjdHHih1CX97F2WfPLaXxkhroQGSoySJqmYV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74e55d57ff7a9124-FRA
expires: Mon, 11 Sep 2023 19:56:31 GMT

GET
H2 200 swiper-bundle.min.js Show response
patchstack.com/database/js/ 133 KB
38 KB 37ms
32ms Script
application/javascript 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/js/swiper-bundle.min.js
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 1a80fdb0ec7250d9e9d076b747806820aaddd3f3809dae2c60cd142ff620f549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 13:45:10 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 22281
etag: W/"62d6dea8-212f5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: lCvWgeiiq__3uUoFs2MdMJYAc84Pe2SyoQIThI2i2h6XFzCR2XshSg==

GET
H2 200 jquery.magnific-popup.min.js Show response
patchstack.com/database/js/ 20 KB
7 KB 41ms
35ms Script
application/javascript 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/js/jquery.magnific-popup.min.js
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 07:18:13 GMT
content-encoding: br
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 45497
etag: W/"62d6dea8-4efb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: DQ_wfqXg3wqQd56hSE8P2kTLIkgeyRmshyAbLgbKmWqdbk52MKmRAg==

GET
H2 200 headroom.min.js Show response
patchstack.com/database/js/ 4 KB
2 KB 42ms
36ms Script
application/javascript 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/js/headroom.min.js
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 764de2ece9b2f3b27fccd46e55691680d5e82291ba38cd6be8c24de8f151f6c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 13:45:10 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 22281
etag: W/"62d6dea8-11df"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: y_TNCuMgeQDDElqgBpcw8l-VCzm_SeIG7ArYbQqK2ivax3VT3W6Qzg==

GET
H2 200 elements.js Show response
patchstack.com/database/js/ 6 KB
2 KB 42ms
36ms Script
application/javascript 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/js/elements.js
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: ece064b6e544a6242cf7f50f1c1118367336c77bde8cd91e60052ce3af5405a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 20:48:51 GMT
content-encoding: br
last-modified: Thu, 25 Aug 2022 13:38:36 GMT
server: nginx/1.20.0
age: 83260
etag: W/"63077b5c-1737"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: aa7p-hu3iAkQCrNDhZ8dxVaIuHc8PmtYtICrCGOeNLuNLQ09dfD84g==

GET
H3 200 circle-progress.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-circle-progress/1.2.0/ 4 KB
2 KB 107ms
85ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-circle-progress/1.2.0/circle-progress.min.js

Requested by

Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0937bbc1e32d94eb2c4372b3a85f71fdaa0fd034da75c01d0c36905a581bec5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19873673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1695
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-11a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kTj5U7WDV%2FU4FB6brrZTZ%2BQH8l%2BwAaXycTdjD2yTtAZXO%2B0IOrxJQvgr6G1AKYjobhqSwa4eZZ1kolsSUk2aSGOgaCyuTc3Bn9B3IbJ%2Bs5q74QjK7tjLKcR3l2U0BD%2BLZHrup3n2aS6UbMNGrG%2FbMkL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74e55d57ff709124-FRA
expires: Mon, 11 Sep 2023 19:56:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
74 KB 154ms
57ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZZBNRV

Requested by

Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0e5d24b26ff5fe53daa337a23e6555759c526af9897ac5e24e0b47f9c2f6248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:31 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75433
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 21 Sep 2022 19:56:31 GMT

GET
H2 200 logo-anim.json Show response
patchstack.com/database/img/ 19 KB
3 KB 105ms
105ms XHR
application/json 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/img/logo-anim.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lottie-player/1.5.6/lottie-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: cefad5aae60ab4750509d2ab08a970df72978efb9cfc4b8bc642a7360e7ac87e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:24:38 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 3726
etag: W/"62d6dea8-4ca0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: B1hXv4mkOV8zA0DQu8Dq-YCRagBNxhzyCGgj0BTQFtL1Xg0LTzia3Q==

GET
H2 200 logo-anim.json Show response
patchstack.com/database/img/ 19 KB
3 KB 119ms
119ms Fetch
application/json 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/img/logo-anim.json
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/lottie-player/1.5.6/lottie-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: cefad5aae60ab4750509d2ab08a970df72978efb9cfc4b8bc642a7360e7ac87e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:24:38 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 3726
etag: W/"62d6dea8-4ca0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P1
x-amz-cf-id: mK9_MKRISUY9W2cmRfmwFmSPnL7tayonnrPg0s0MRdo-5y00fa2Vow==

GET
H2 200 Faktum-Regular.woff
patchstack.com/database/fonts/ 36 KB
36 KB 104ms
103ms Font
font/woff 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/fonts/Faktum-Regular.woff
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 615a8d12e340b70cea2a005b33addae5785078773a570cdc7ff50cc68d278866

Request headers

Referer: https://patchstack.com/database/css/style.css
Origin: https://patchstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 04:48:00 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 54511
etag: "62d6dea8-8fec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 36844
x-amz-cf-id: t20tUEqX_LtGRkXQLRrgPUlsACymUh9Ydtu3PebowfbJTrdRxik1dQ==

GET
H2 200 Faktum-Wide-Regular.woff
patchstack.com/database/fonts/ 36 KB
36 KB 116ms
116ms Font
font/woff 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/fonts/Faktum-Wide-Regular.woff
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 329ae994532d5e2176ebf09995ce33a71509bc82088cf124e1dc84b5249a4111

Request headers

Referer: https://patchstack.com/database/css/style.css
Origin: https://patchstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:58:52 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 39459
etag: "62d6dea8-8fe0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 36832
x-amz-cf-id: zQwmIwvcUWF70uhubWEV1pWbaUsiM_F1sxEnlnaWD66qWGAZrsapDQ==

GET
H2 200 Faktum-Wide-SemiBold.woff
patchstack.com/database/fonts/ 39 KB
39 KB 106ms
106ms Font
font/woff 18.66.2.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://patchstack.com/database/fonts/Faktum-Wide-SemiBold.woff
Requested by: Host: patchstack.com
URL: https://patchstack.com/database/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.2.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-2-53.txl50.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 4fb8f9059ead43cda5a1f9e01bb4fcfb7346671740e67b83dd58c2335ea8b265

Request headers

Referer: https://patchstack.com/database/css/style.css
Origin: https://patchstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 08:58:52 GMT
via: 1.1 cd23c1917193b2e0c41e6fae756e0912.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 16:41:12 GMT
server: nginx/1.20.0
age: 39459
etag: "62d6dea8-9b60"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
content-length: 39776
x-amz-cf-id: ograjT_ZIuRWqbp97Szl-sQcz_27D3-ogeczLIVBGSALIWk8OKYJTg==

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 38ms
38ms Stylesheet
text/css 2400:52e0:1e01::883:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e01::883:1 , Slovenia, ASN200325 (BUNNYCDN, DE),
Reverse DNS
Software: BunnyCDN-AMS-883 /
Resource Hash: 103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:31 GMT
content-encoding: br
cdn-edgestorageid: 879
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 09/16/2022 15:23:47
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS-883
access-control-allow-origin: *
last-modified: Tue, 13 Sep 2022 22:31:09 GMT
cdn-proxyver: 1.02
cdn-fileserver: 454
etag: W/"632104ad-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: f54371cc40da9382acf741a4d09a88dd
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 401 95046 Show response
api.omappapi.com/v2/embed/ 165 B
612 B 265ms
170ms XHR
application/json 18.66.112.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/95046?d=patchstack.com
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-59.fra56.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-user-agent: standard--
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
x-cache-config: 0 0
server: Pagely Gateway/1.5.1
x-amz-cf-pop: FRA56-P5
date: Wed, 21 Sep 2022 19:56:22 GMT
vary: Accept-Encoding, User-Agent
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=120, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
content-length: 165
x-amz-cf-id: rvDRrsUBBZtLLgl9lq7S0g9f3pA2lxcVbq04whoIUd8Bzj1qu7gzug==
expires: Wed, 21 Sep 2022 19:58:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 177ms
50ms Script
text/javascript 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZZBNRV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 5338
date: Wed, 21 Sep 2022 18:27:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Wed, 21 Sep 2022 20:27:33 GMT

GET
H2 200 hotjar-2306227.js Show response
static.hotjar.com/c/ 5 KB
3 KB 168ms
66ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2306227.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZZBNRV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

563f598ba8a9cd0745a21b4814e23b969565185c4dacaf0248bb8f6f03119c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:31 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
access-control-allow-origin: *
x-cache-hit: 1
etag: W/4f030606e5e7d5a409e169ed8cf209e2
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-generation-timing: 1.0001659393311
cache-control: max-age=60
x-amz-cf-id: aQyIxiw5kTtmF5F9rWXvDIYq8H45yfhLmWhOW777JB_23bpJxGorEw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 140ms
47ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZZBNRV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: Kg8DhW3wqGVcNMHcvlg+5So47Gs83DUAHMOwSIRmfQmwIA4l2HZeMKRULhOsk5GAr/CycXsBrD0PQUdmUI4mmg==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Sep 2022 19:56:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
73 KB 142ms
64ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V3Z4NFMXH9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5ZZBNRV

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

846f78e01b2306c3e80626c7c168b63155e68d2bdf89dc17c72a1e9230192255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:31 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74698
x-xss-protection: 0
expires: Wed, 21 Sep 2022 19:56:31 GMT

GET
H2 200 modules.f4179535429bf14e77ee.js Show response
script.hotjar.com/ 252 KB
64 KB 209ms
45ms Script
application/javascript 52.222.236.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f4179535429bf14e77ee.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2306227.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-63.fra56.r.cloudfront.net

Software

Resource Hash

54502058e97eaac693950652b3243bf71346305b1b3c5a2fa479c27dd8d5a73f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 16:01:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 100524
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=604800; includeSubDomains
content-length: 65420
access-control-allow-origin: *
last-modified: Tue, 20 Sep 2022 16:00:26 GMT
etag: "4a99ec558aff503901b33da3d9b4ec1b"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: gC6RaM3qrq1RbBBP1UAzVRstVDesKN9uzc2OA3L91e8NGL5lWaXAdA==

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 92ms
45ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.83

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: mkGpxLAtFL1+OVdHdDhu1P64fG/xhffXKx6mKmJMJ5fGj5MJnduPPkfXIUgZ6IqYAF7C1JnZs1GzvPiW43a+SA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Sep 2022 19:56:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1368992506831736 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 219ms
172ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1368992506831736?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f77666c65b94f7cee27a019a03568a3831845bd067d38bacc9f9c8ee053b6af

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: IiKaahaRlbKj29OylQwrbHH9ojrm0bzoJSHuw82yq5Ryt7eYKVzkvWe1E3Nsan/OGo9C7HufQLvOu+GScf8njw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 21 Sep 2022 19:56:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 176ms
71ms XHR
text/plain 2a00:1450:400d:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1713727668&t=pageview&_s=1&dl=https%3A%2F%2Fpatchstack.com%2Fdatabase%2Fvulnerability%2Fphotospace%2Fwordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability&ul=en-us&de=UTF-8&dt=WordPress%20Photospace%20Gallery%20plugin%20%3C%3D%202.3.5%20-%20Broken%20Access%20Control%20vulnerability%20-%20Patchstack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=253824230&gjid=459300837&cid=711197828.1663790192&tid=UA-82646651-5&_gid=371098034.1663790192&_r=1&gtm=2wg9j05ZZBNRV&z=269833366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://patchstack.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 19:56:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://patchstack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 134ms
44ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V3Z4NFMXH9&gtm=2oe9j0&_p=1713727668&cid=711197828.1663790192&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663790191&sct=1&seg=0&dl=https%3A%2F%2Fpatchstack.com%2Fdatabase%2Fvulnerability%2Fphotospace%2Fwordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability&dt=WordPress%20Photospace%20Gallery%20plugin%20%3C%3D%202.3.5%20-%20Broken%20Access%20Control%20vulnerability%20-%20Patchstack&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V3Z4NFMXH9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 19:56:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://patchstack.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame 7221 2 KB
1 KB 184ms
49ms Document
text/html 65.9.44.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2306227.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.44.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-44-23.arn54.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://patchstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1247963
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Sep 2022 09:17:07 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 978313776816dba934d16309fa2c65c8.cloudfront.net (CloudFront)
x-amz-cf-id: wBxYJhnfw4Kmr3cFZgz98gG8S4_oIF3qXRQjfcJaU1uPdyioGwaB5g==
x-amz-cf-pop: ARN54-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 141ms
46ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1368992506831736&ev=PageView&dl=https%3A%2F%2Fpatchstack.com%2Fdatabase%2Fvulnerability%2Fphotospace%2Fwordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability&rl=&if=false&ts=1663790192066&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1663790192065.625363701&it=1663790191767&coo=false&tm=1&exp=a0&rqm=GET

Requested by

Host: patchstack.com
URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 21 Sep 2022 19:56:32 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2306227/ 148 B
322 B 207ms
59ms XHR
application/json 54.229.45.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2306227/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.f4179535429bf14e77ee.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.45.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-45-147.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 46354f041f1d15b2ef3ae63228cb7116fa498f180ea9e49e442f1a561aedf7d2

Request headers

Referer: https://patchstack.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 21 Sep 2022 19:56:32 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST content
ws34.hotjar.com/api/v2/sites/2306227/recordings/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 97ms
46ms Image
image/gif 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1368992506831736&ev=Microdata&dl=https%3A%2F%2Fpatchstack.com%2Fdatabase%2Fvulnerability%2Fphotospace%2Fwordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability&rl=&if=false&ts=1663790192570&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22WordPress%20Photospace%20Gallery%20plugin%20%3C%3D%202.3.5%20-%20Broken%20Access%20Control%20vulnerability%20%20-%20Patchstack%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22WordPress%20Photospace%20Gallery%20plugin%20%3C%3D%202.3.5%20-%20Broken%20Access%20Control%20vulnerability%20%20-%20Patchstack%22%2C%22og%3Adescription%22%3A%22Hand%20curated%2C%20verified%20and%20enriched%20vulnerability%20information%20by%20Patchstack%20security%20experts.%20Find%20all%20WordPress%20plugin%2C%20theme%20and%20core%20security%20issues.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fpatchstack.com%2Fdatabase%2Fvulnerability%2Fphotospace%2Fwordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability%22%2C%22og%3Asite_name%22%3A%22Patchstack%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fpatchstack.com%2Fdatabase%2Fimg%2Fog.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1663790192065.625363701&it=1663790191767&coo=false&es=automatic&tm=3&exp=a0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://patchstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 19:56:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 21 Sep 2022 19:56:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ws34.hotjar.com
URL: https://ws34.hotjar.com/api/v2/sites/2306227/recordings/content

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
patchstack.com/	1970-01-20 06:09:57	Name: XSRF-TOKEN Value: eyJpdiI6ImdFSE4vc25uQ0wwQ2VKYWVIWlkyMGc9PSIsInZhbHVlIjoiSG5DK3k0ekRSeU1hRmJHUEt5QVk4UW9PWkIyWHpwbXZzR2FiYlhNQURJWWhrUk5HK1o2NUdKVmlrdmVOc2dKeU5HNzhVcXh5S2RXYUdhZFQyOGQ3eWRKTFl1SW9uZm5BV05VMEhybFdCcDk5cHl3OFh5VmVkQTI2MFczY09vWkciLCJtYWMiOiJlNmU0NjA4NDU3MmE0YTIzODkxMmE0OTUyYjE2MDc4NjFmZDIxNWE5M2FhZTZlMzkyZjQ1MjAyNmIxZjgxODRlIiwidGFnIjoiIn0%3D
patchstack.com/	1970-01-20 06:09:57	Name: psdb_session Value: eyJpdiI6InFZNmFZbUdWMnZUQ1VJcEpTR2VNZEE9PSIsInZhbHVlIjoia3p0ZUw1RmlBYytHK3laQ2FZU1lvblR6YjFXbzRsVGk5YXE0ZFpYeGxieEozUHR4QTRxYnBreEVrZUlHM2VpTjY3NVUvcVpnR3VuQmpZVWoyR2ZGSWp4YTM5WHFmZ1gwQjlXSFJmU28zNnQxYlRsQXp5OFBUaEJ4S0FEcDhYLzQiLCJtYWMiOiI1ZDliOGQzNWVlMWNjNzhmMTVjMWEwOTQyNDAyMTY4YTZhN2YxZDAxZTAwYzI0MmI0OTliOTUzMzUwMjQ2NGM5IiwidGFnIjoiIn0%3D
patchstack.com/	1970-01-20 15:45:50	Name: _omappvp Value: wKmwVMyvYmkA0hzPYDEsSmEtHWxIyzt3SabC46KrC1F9IDLFNey5R7tGc0sLJf3wF0xtLjwiXeG6pLEYtACF2oOH5xBWfwhM
patchstack.com/	1970-01-20 06:09:51	Name: _omappvs Value: 1663790191568
.patchstack.com/	1970-01-20 08:19:26	Name: _gcl_au Value: 1.1.1626633397.1663790192
.patchstack.com/	1970-01-20 06:11:16	Name: _gid Value: GA1.2.371098034.1663790192
.patchstack.com/	1970-01-20 06:09:50	Name: _gat_UA-82646651-5 Value: 1
.patchstack.com/	1970-01-20 15:45:50	Name: _ga_V3Z4NFMXH9 Value: GS1.1.1663790191.1.0.1663790191.0.0.0
.patchstack.com/	1970-01-20 15:45:50	Name: _ga Value: GA1.1.711197828.1663790192
.patchstack.com/	1970-01-20 08:19:26	Name: _fbp Value: fb.1.1663790192065.625363701
.patchstack.com/	1970-01-20 14:55:26	Name: _hjSessionUser_2306227 Value: eyJpZCI6IjgwNzMyNTI5LTMyNWQtNWQ2OC04ODI2LTllNTQ4NjE4ZTJmOSIsImNyZWF0ZWQiOjE2NjM3OTAxOTIwNDUsImV4aXN0aW5nIjpmYWxzZX0=
.patchstack.com/	1970-01-20 06:09:51	Name: _hjFirstSeen Value: 1
patchstack.com/	1970-01-20 06:09:50	Name: _hjIncludedInSessionSample Value: 1
.patchstack.com/	1970-01-20 06:09:51	Name: _hjSession_2306227 Value: eyJpZCI6IjFlZDc4ZDIxLTM0NWItNDk5YS1iYjRhLTc2YjQxYTIxYTdmMyIsImNyZWF0ZWQiOjE2NjM3OTAxOTIwNjksImluU2FtcGxlIjp0cnVlfQ==
patchstack.com/	1970-01-20 06:09:50	Name: _hjIncludedInPageviewSample Value: 1
.patchstack.com/	1970-01-20 06:09:51	Name: _hjAbsoluteSessionInProgress Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.omappapi.com/v2/embed/95046?d=patchstack.com Message: Failed to load resource: the server responded with a status of 401 ()
network	error	URL: https://script.hotjar.com/modules.f4179535429bf14e77ee.js(Line 1) Message: WebSocket connection to 'wss://ws34.hotjar.com/api/v2/client/ws' failed: Error during WebSocket handshake: Unexpected response code: 503
javascript	error	URL: https://patchstack.com/database/vulnerability/photospace/wordpress-photospace-gallery-plugin-2-3-5-broken-access-control-vulnerability Message: Access to XMLHttpRequest at 'https://ws34.hotjar.com/api/v2/sites/2306227/recordings/content' from origin 'https://patchstack.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://ws34.hotjar.com/api/v2/sites/2306227/recordings/content Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
api.omappapi.com
cdnjs.cloudflare.com
connect.facebook.net
in.hotjar.com
patchstack.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
unpkg.com
vars.hotjar.com
ws34.hotjar.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
ws34.hotjar.com
18.66.112.59
18.66.2.53
18.66.97.10
2001:4860:4802:32::36
2400:52e0:1e01::883:1
2606:4700::6810:7caf
2606:4700::6811:180e
2a00:1450:4001:812::2008
2a00:1450:400d:80d::200e
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
52.222.236.63
54.229.45.147
65.9.44.23
08637aae89dcffa467eb8387be2d73ca239d8e60ba05c8611589fe0fa501f9d0
090e6d63daa127b88a9f14a52658bdd810561ffbd33d3f7351aeb62b6840e545
103f4d3fbc08fff41f2ddb722186887b3d8977d2a7da27e7ed0f2f5752dc339f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a80fdb0ec7250d9e9d076b747806820aaddd3f3809dae2c60cd142ff620f549
1d035841b6b5aad2b106931ac2f29ca4724c8d21fa85954360b7db46a4215ced
2f77666c65b94f7cee27a019a03568a3831845bd067d38bacc9f9c8ee053b6af
329ae994532d5e2176ebf09995ce33a71509bc82088cf124e1dc84b5249a4111
3395e114f2bc91be99a424152a43aefc51950438f4dead7461701d1bda1dfe00
3f0fe70eb26ccf28f6887a192e29d38dd7ef7c2f079a73304ad42ddc7bed37de
42ef6dbf81b94c1ff104276fb5d6a61929594f08f094186731fe0c01bcdcb244
454dd4c704a6fe7af2134cdea946d6800435b16cb31a937bf6be3937c891f35a
46354f041f1d15b2ef3ae63228cb7116fa498f180ea9e49e442f1a561aedf7d2
49fcfc90bc6f888acfa98b2b485d4e685078ff6665a633a1b9edaa38445329ce
4bd889b754a015505aafad24198446f140d59772350330a15165969f8bf72700
4fb8f9059ead43cda5a1f9e01bb4fcfb7346671740e67b83dd58c2335ea8b265
54502058e97eaac693950652b3243bf71346305b1b3c5a2fa479c27dd8d5a73f
563f598ba8a9cd0745a21b4814e23b969565185c4dacaf0248bb8f6f03119c96
5b2ecea87fef266de7b797819f4ff7a9f471befda8b70986d1a9c2ee0a2441d9
615a8d12e340b70cea2a005b33addae5785078773a570cdc7ff50cc68d278866
678a082ff35cb330b97a3c7a321cfc630f4baa8a1994cbedb505699db3274899
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4cb67a77ccaac1eb6226ad28e5c991a57a03a8aea99e85523b7e0df6694770
764de2ece9b2f3b27fccd46e55691680d5e82291ba38cd6be8c24de8f151f6c7
8346e97643f2a9af71a59d9de60495527e718c95d07484e9c46859d656155283
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
846f78e01b2306c3e80626c7c168b63155e68d2bdf89dc17c72a1e9230192255
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8bf9c079d4abd6f187d0ed0fde632baca2c513201cee29e0e26afafce7f7aa8c
8ed0cf160f028d85bf93923fb8db62e21e060f2d25c0d7993a61685d1752c67c
99045a16a11f8258f456e08dd8d71c7972afcaaffd42c668e749c84651d63e6b
9cf587fc756fa4747e9dda3e651c041872bbca6f7f3bb0777814c109cba4a715
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a051232a7b329064129df99ce8da7737dbbf993f51831ca79a608e32d82b0f6f
a40abe34e1ff6123b57b7ad1f34850209aa19adc979282300b07c415b2cf7960
a7f78b7de3475533aa0fb45e2122f286ccb309f9bf8438c74170de92dd5ebc95
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
b934ce9883949e7bceb88fa78a354125eefc85715f7e54da8ff529c94ebab0fe
bb1f9ed170b95168319b35a67f7f92a83fa6354bc4bc6881cd205616107fe41c
c0a420694380bec0b640575e05e997d4c4e11223070663779a2e7a4113e63805
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
cefad5aae60ab4750509d2ab08a970df72978efb9cfc4b8bc642a7360e7ac87e
d0785503c9a15701b493ba6c51a16404749c386e0601a146f60d3e8197729a0d
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d64a0d31018bbb5ee74a16032047753f7b968747d8c454107a59cc5a6777b6c1
d6bb5570bfe6ce540f55fe123b509709c74620212d0ca644c424e5394d7b1858
da7796caf9359015af4ecdf8c6ccbd53706ea4613932a9b6f81e442e49d5f626
dbc37c13d36a16b258eee14cd25b55937eda4e23949878bf1a62d2926a2cc120
e0937bbc1e32d94eb2c4372b3a85f71fdaa0fd034da75c01d0c36905a581bec5
e0e5d24b26ff5fe53daa337a23e6555759c526af9897ac5e24e0b47f9c2f6248
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ece064b6e544a6242cf7f50f1c1118367336c77bde8cd91e60052ce3af5405a5
f45ceae73526f00368510e43a67745abcac3464f93d1653bc519485c4484c87b
f8ce079285a57e399b81a39fbe87d7fc4e1779f9d11be33e66502028963b563c

patchstack.com Open in urlscan Pro 18.66.2.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

96 %HTTPS

57 %IPv6

9 Domains

15 Subdomains

15 IPs

5 Countries

1067 kBTransfer

2729 kBSize

16 Cookies

9 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

patchstack.com Open in urlscan Pro
18.66.2.53 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

96 %
HTTPS

57 %
IPv6

9
Domains

15
Subdomains

15
IPs

5
Countries

1067 kB
Transfer

2729 kB
Size

16
Cookies

57 HTTP transactions
0 data transactions