urlscan.io logo urlscan.io
SecurityTrails logo

www.media24.com Open in urlscan Pro
2606:4700::6812:493a  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.media24.com/vulnerability-disclosure/
Submission: On February 23 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 36 HTTP transactions. The main IP is 2606:4700::6812:493a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.media24.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.
This is the only time www.media24.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 3 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.32.11.200 16509 (AMAZON-02)
2 2600:1901:0:7... 15169 (GOOGLE)
36 11
15    2606:4700::6812:493a (United States)

ASN13335 (CLOUDFLARENET, US)
www.media24.com
1    2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    2606:4700::6813:bb61 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2606:4700:10::6814:644 (United States)

ASN13335 (CLOUDFLARENET, US)
bugcrowd.com
4    2606:4700:10::ac43:24f6 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.bugcrowdusercontent.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.32.11.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-11-200.vie50.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
Apex Domain
Subdomains		 Transfer
15 media24.com
www.media24.com
126 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 377
119 KB
4 bugcrowdusercontent.com
assets.bugcrowdusercontent.com
1 MB
3 bugcrowd.com
bugcrowd.com — Cisco Umbrella Rank: 511402
23 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196
41 KB
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 742
140 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
1 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
11 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 929
6 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 854
12 KB
36 10
Domain Requested by
15 www.media24.com 1 redirects www.media24.com
static.cloudflareinsights.com
6 cdn.cookielaw.org www.media24.com
cdn.cookielaw.org
4 assets.bugcrowdusercontent.com www.media24.com
bugcrowd.com
3 bugcrowd.com 1 redirects bugcrowd.com
www.media24.com
3 cdnjs.cloudflare.com www.media24.com
2 sessions.bugsnag.com d2wy8f7a9ursnm.cloudfront.net
2 www.google-analytics.com www.media24.com
www.google-analytics.com
1 d2wy8f7a9ursnm.cloudfront.net bugcrowd.com
1 static.cloudflareinsights.com www.media24.com
1 use.fontawesome.com www.media24.com
36 10
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-11 -
2023-05-11		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
bugcrowd.com
Cloudflare Inc ECC CA-3		 2022-04-18 -
2023-04-18		 a year crt.sh
bugcrowdusercontent.com
Cloudflare Inc ECC CA-3		 2022-04-17 -
2023-04-17		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-26 -
2023-04-26		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.media24.com/vulnerability-disclosure/
Frame ID: 48B45C42F3D08EAB9C26CD94C121B8BF
Requests: 27 HTTP requests in this frame

Frame: https://www.media24.com/wp-content/themes/media24-2019/assets/images/LogoColourDark.svg
Frame ID: 4E87B144FFFE562808B85A4ABDFC19DC
Requests: 1 HTTP requests in this frame

Frame: https://bugcrowd.com/9329889d-0dda-42b3-8b94-cdeb791d3817/external/report
Frame ID: FC3369EFBA71B59EC8389E733868D6BB
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LogoColourDarkBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

  1. https://www.media24.com/vulnerability-disclosure HTTP 301
    https://www.media24.com/vulnerability-disclosure/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

36
Requests

97 %
HTTPS

90 %
IPv6

10
Domains

10
Subdomains

11
IPs

2
Countries

1852 kB
Transfer

7144 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.media24.com/vulnerability-disclosure HTTP 301
    https://www.media24.com/vulnerability-disclosure/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://bugcrowd.com/9329889d-0dda-42b3-8b94-cdeb791d3817/external/script HTTP 303
  • https://assets.bugcrowdusercontent.com/assets/packs/external_submissions-79b1d8344d0af0bd8f4f9b85c7159a4706773be746a4edbcbcc00944bf447889.js

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.media24.com/vulnerability-disclosure/
Redirect Chain
  • https://www.media24.com/vulnerability-disclosure
  • https://www.media24.com/vulnerability-disclosure/
31 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
1cdc37841384ca7fd5da1e598fb47bf2055dc184adcf37d3505b2fefdb5ec6a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
79dd6a0a3b823826-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 23 Feb 2023 05:03:20 GMT
link
<https://www.media24.com/wp-json/>; rel="https://api.w.org/" <https://www.media24.com/wp-json/wp/v2/pages/16942>; rel="alternate"; type="application/json" <https://www.media24.com/?p=16942>; rel=shortlink
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
79dd69f5eb013826-FRA
content-type
text/html; charset=utf-8
date
Thu, 23 Feb 2023 05:03:18 GMT
location
https://www.media24.com/vulnerability-disclosure/
server
cloudflare
x-powered-by
PHP/7.4.33
x-redirect-by
WordPress
style.min.css
www.media24.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/vulnerability-disclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 21:40:05 GMT
server
cloudflare
age
55
etag
W/"15b64-5e3a282ffbccf-gzip"
vary
Accept-Encoding
content-type
text/css
cf-ray
79dd6a175a293826-FRA
all.css
use.fontawesome.com/releases/v5.7.2/css/ 		53 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.7.2/css/all.css?ver=1
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
HZKYZFNC5XGVRQET
age
31081128
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
nkaNnG/5EbAWmbFxNYBfC8xl8Lb8i+pAV2DiFknSCHAdUQ9aMpmH/Ox94MDfayosqMgYqDe0mi4=
last-modified
Wed, 30 Jun 2021 15:45:57 GMT
server
cloudflare
etag
W/"7b1d7f457d056ace7b230b587b9f3753"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZlwWsAL6Y%2FdOOST%2BxE0mdTWHEme4DZG9PlAToDZrLCc1EAxBr5WP5mbIa9nMlJ%2FlBR6U%2Fc4QrMrDBOYLWvzksqUxoeYZrGek1zI1s%2B5iJStAgO%2FWKFXigmPnfSG5E6q60OVS7SnUCabpE32fWi9FOdvi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
79dd6a17ecf968ec-FRA
slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css?ver=1
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9790873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
394
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-559"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOdT8%2BqRo7pAr5B0rk8nv5ZQvd5iAIJbSaBATda5j%2FRNU55YfFNU2%2BjnMt7Qv4NVK2FjFep%2B3NaEU%2FUV26lrVcqURjAjRWz2H49vzautYnjC0%2Fmtl0BuA41UCbVkzcqsYwEG5afQ%2Bn7RNrVT95b9ywNh"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79dd6a17ae34691b-FRA
expires
Tue, 13 Feb 2024 05:03:20 GMT
main.css
www.media24.com/wp-content/themes/media24-2019/assets/styles/ 		124 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/wp-content/themes/media24-2019/assets/styles/main.css?ver=1.0.4
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc646113060e9d8ef66af217f886cf4d06a556fc6b7d2c5e234507bfccb91e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/vulnerability-disclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Jun 2021 07:40:50 GMT
server
cloudflare
age
55
etag
W/"1eef3-5c541cad42480-gzip"
vary
Accept-Encoding
content-type
text/css
cf-ray
79dd6a175a2a3826-FRA
jquery.min.js
www.media24.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/vulnerability-disclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
cloudflare
age
55
etag
W/"15db1-5bd3006388300-gzip"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
79dd6a175a2b3826-FRA
jquery-migrate.min.js
www.media24.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/vulnerability-disclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
age
55
etag
W/"2bd8-5b45debe27b80-gzip"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
79dd6a175a2d3826-FRA
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ewgd1d1Vp0nFNYpIMiFTtA==
age
18533
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
8460
x-ms-lease-status
unlocked
last-modified
Tue, 21 Feb 2023 03:49:36 GMT
server
cloudflare
etag
0x8DB13BEA6D1E9D8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
13c93836-b01e-000b-616a-46c092000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
79dd6a17aeea2bd6-FRA
external_submissions-79b1d8344d0af0bd8f4f9b85c7159a4706773be746a4edbcbcc00944bf447889.js
assets.bugcrowdusercontent.com/assets/packs/
Redirect Chain
  • https://bugcrowd.com/9329889d-0dda-42b3-8b94-cdeb791d3817/external/script
  • https://assets.bugcrowdusercontent.com/assets/packs/external_submissions-79b1d8344d0af0bd8f4f9b85c7159a4706773be746a4edbcbcc00944bf447889.js
24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bugcrowdusercontent.com/assets/packs/external_submissions-79b1d8344d0af0bd8f4f9b85c7159a4706773be746a4edbcbcc00944bf447889.js
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Server
2606:4700:10::ac43:24f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b1d8344d0af0bd8f4f9b85c7159a4706773be746a4edbcbcc00944bf447889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Sep 2022 18:51:01 GMT
server
cloudflare
age
12432850
etag
W/"ce9b92efe5c2acceed81d4cbde26a7fc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
79dd6a1c2d4f30d8-FRA

Redirect headers

date
Thu, 23 Feb 2023 05:03:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com cdn.segment.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com *.freshworks.com *.freshdesk.com www.youtube.com; img-src 'self' bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.freshworks.com *.freshdesk.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com; media-src 'self' js.intercomcdn.com bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net; style-src 'unsafe-inline' *.freshworks.com *.freshdesk.com assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
p3p
CP="This is not a P3P policy, you can view our privacy policy at bugcrowd.com/privacy"
x-xss-protection
1; mode=block
x-request-id
53d81565-4010-4a7b-853a-599e2b17c763
x-runtime
0.017926
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
location
https://assets.bugcrowdusercontent.com/assets/packs/external_submissions-79b1d8344d0af0bd8f4f9b85c7159a4706773be746a4edbcbcc00944bf447889.js
cache-control
no-cache
cf-ray
79dd6a18ad0192bd-FRA
fb.svg
www.media24.com/wp-content/themes/media24-2019/assets/images/ 		2 KB
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.media24.com/wp-content/themes/media24-2019/assets/images/fb.svg
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c87367c6c5368ce9e66a548f806e55c4177caa94b5c7359bede3f6b5cc669e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/vulnerability-disclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Jun 2021 07:40:50 GMT
server
cloudflare
age
54
etag
W/"6d3-5c541cad42480"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
79dd6a183b5a3826-FRA
slick.min.js
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.js?ver=1.0
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8505335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9564
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-ab69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RuttCZTzCHsyCOHb3apTeyGhQxY5mWor3Up08IbeBnfcnTbwTV1LJFM0fgl%2FCNVBEKM5gjnC4p7g01nLk6i%2FduDgigSudZ%2BubgtTqBuTmEwxYUy0x6oh71FAaEkoGqKgSPQJ9LCHGlCKVRf1H%2BSnCvGv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79dd6a17ee6d691b-FRA
expires
Tue, 13 Feb 2024 05:03:20 GMT
foundation.min.js
cdnjs.cloudflare.com/ajax/libs/foundation/6.5.3/js/ 		170 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/foundation/6.5.3/js/foundation.min.js?ver=1.0
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcf1710a7b0c87e9d3b8cd24dd524245c8758309c27ca8da3fcac936ae52a018
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1905448
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30601
last-modified
Mon, 04 May 2020 16:10:14 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e66-2a8b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BilxhdWYI0CpJXRRbPMiH7BPFvncuewxVo01ak7pzslv%2BtTaw0JrbauzKZwJ2iVkjiFgQHA0%2Bxvoy3ZGznar3HRNj9O4xu4usoRbxxqQGXGXKygyQRPAuGQ857gxHxOuCLSVlwu1khJCzPq3DbJNJNUd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
79dd6a181f663837-FRA
expires
Tue, 13 Feb 2024 05:03:20 GMT
main.js
www.media24.com/wp-content/themes/media24-2019/assets/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/wp-content/themes/media24-2019/assets/scripts/main.js?ver=1.0
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e75a699d73a76c52eda1122830fdab9ceee4c9f794f415f6039ec2aac87b1f6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/vulnerability-disclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Jun 2021 07:40:50 GMT
server
cloudflare
age
55
etag
W/"90f-5c541cad42480-gzip"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
79dd6a181b383826-FRA
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://www.media24.com/
Origin
https://www.media24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
79dd6a188fb7382b-FRA
wp-emoji-release.min.js
www.media24.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/vulnerability-disclosure/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 May 2022 20:23:37 GMT
server
cloudflare
age
54
etag
W/"48b9-5dfeff6f64957-gzip"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
79dd6a183b5d3826-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Feb 2023 03:12:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
6674
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Thu, 23 Feb 2023 05:12:06 GMT
eca20956-2189-4400-8825-37a83bb9cb03.json
cdn.cookielaw.org/consent/eca20956-2189-4400-8825-37a83bb9cb03/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/eca20956-2189-4400-8825-37a83bb9cb03/eca20956-2189-4400-8825-37a83bb9cb03.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19897cd602bd6620406d41b31a62a5e73464e1e7dd2e0a4aa889796de860d1d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LmJsyKB0dreFPpMQwK1/cg==
age
61967
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1263
x-ms-lease-status
unlocked
last-modified
Mon, 20 Sep 2021 09:05:29 GMT
server
cloudflare
etag
0x8D97C15CB172021
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
6228e3b2-001e-0134-595b-49311b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
79dd6a187c6d3a78-FRA
expires
Fri, 24 Feb 2023 05:03:20 GMT
icomoon.ttf
www.media24.com/wp-content/themes/media24-2019/assets/fonts/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/wp-content/themes/media24-2019/assets/fonts/icomoon.ttf
Requested by
Host: www.media24.com
URL: https://www.media24.com/wp-content/themes/media24-2019/assets/styles/main.css?ver=1.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a8ba9e543f4217964438aa01f627dada77a799f9b6c1d21f76852616d5f7c32

Request headers

Referer
https://www.media24.com/wp-content/themes/media24-2019/assets/styles/main.css?ver=1.0.4
Origin
https://www.media24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Jun 2021 07:40:50 GMT
server
cloudflare
age
54
etag
W/"dd4-5c541cad42480"
vary
Accept-Encoding
content-type
font/ttf
cf-ray
79dd6a183b643826-FRA
HelveticaNeueLTStd-Bold.otf
www.media24.com/wp-content/themes/media24-2019/assets/fonts/ 		28 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/wp-content/themes/media24-2019/assets/fonts/HelveticaNeueLTStd-Bold.otf
Requested by
Host: www.media24.com
URL: https://www.media24.com/wp-content/themes/media24-2019/assets/styles/main.css?ver=1.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5d07331db723c013012d0792e68759d3c09bb44f00da0c1471498c7e89a1451

Request headers

Referer
https://www.media24.com/wp-content/themes/media24-2019/assets/styles/main.css?ver=1.0.4
Origin
https://www.media24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Jun 2021 07:40:50 GMT
server
cloudflare
age
54
etag
W/"71b4-5c541cad42480"
vary
Accept-Encoding
content-type
font/ttf
cf-ray
79dd6a183b663826-FRA
HelveticaNeueLTStd-Light.otf
www.media24.com/wp-content/themes/media24-2019/assets/fonts/ 		28 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/wp-content/themes/media24-2019/assets/fonts/HelveticaNeueLTStd-Light.otf
Requested by
Host: www.media24.com
URL: https://www.media24.com/wp-content/themes/media24-2019/assets/styles/main.css?ver=1.0.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f6a454460e1cbc10c50d4cc9c556bb7e5cf36bebacd6eff87a22fa3ef35eafe

Request headers

Referer
https://www.media24.com/wp-content/themes/media24-2019/assets/styles/main.css?ver=1.0.4
Origin
https://www.media24.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Jun 2021 07:40:50 GMT
server
cloudflare
age
54
etag
W/"7134-5c541cad42480"
vary
Accept-Encoding
content-type
font/ttf
cf-ray
79dd6a183b683826-FRA
LogoColourDark.svg
www.media24.com/wp-content/themes/media24-2019/assets/images/ Frame 4E87 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/wp-content/themes/media24-2019/assets/images/LogoColourDark.svg
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7137a7567b2f391a40eca5c8fbb6b699bad01e6a983f0b4bb4ed707faf2215a4

Request headers

Referer
https://www.media24.com/vulnerability-disclosure/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54
cf-cache-status
HIT
cf-ray
79dd6a184b743826-FRA
content-encoding
br
content-type
image/svg+xml
date
Thu, 23 Feb 2023 05:03:20 GMT
etag
W/"1731-5c541cad42480"
last-modified
Mon, 21 Jun 2021 07:40:50 GMT
server
cloudflare
vary
Accept-Encoding
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.18.0/ 		377 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
cIchS4lr7UaDx9LQCq2apA==
age
56246
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
85787
x-ms-lease-status
unlocked
last-modified
Mon, 24 May 2021 01:24:55 GMT
server
cloudflare
etag
0x8D91E52BCFB1A90
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
8410bbf9-f01e-0121-31dd-0bf382000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
79dd6a18b8282bd6-FRA
LogoColourDark.svg
www.media24.com/wp-content/themes/media24-2019/assets/images/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/wp-content/themes/media24-2019/assets/images/LogoColourDark.svg
Requested by
Host: www.media24.com
URL: https://www.media24.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7137a7567b2f391a40eca5c8fbb6b699bad01e6a983f0b4bb4ed707faf2215a4

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://www.media24.com/vulnerability-disclosure/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 21 Jun 2021 07:40:50 GMT
server
cloudflare
age
54
etag
W/"1731-5c541cad42480"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
79dd6a18ec153826-FRA
collect
www.google-analytics.com/j/ 		3 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2098647235&t=pageview&_s=1&dl=https%3A%2F%2Fwww.media24.com%2Fvulnerability-disclosure%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1070818488&gjid=1826829403&cid=46973274.1677128600&tid=UA-109368688-2&_gid=504517368.1677128600&_r=1&_slc=1&z=1336856845
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.media24.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Feb 2023 05:03:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.media24.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/eca20956-2189-4400-8825-37a83bb9cb03/7da8effe-cd56-4e53-be90-89c75b3272d9/ 		31 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/eca20956-2189-4400-8825-37a83bb9cb03/7da8effe-cd56-4e53-be90-89c75b3272d9/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb5def0d5de37a67871fa2e171d59a894d6bccfd71343d864e95fde985b0512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Lg2yTzW9xk+SoSQtzStDlg==
age
61966
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
9744
x-ms-lease-status
unlocked
last-modified
Mon, 20 Sep 2021 09:05:31 GMT
server
cloudflare
etag
0x8D97C15CC929360
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
dca336f7-c01e-00ea-2d5b-4927e7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
79dd6a193d2a3a78-FRA
expires
Fri, 24 Feb 2023 05:03:20 GMT
otFlat.json
cdn.cookielaw.org/scripttemplates/6.18.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.18.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
MrQfM8mTXwqoZ1+V6sXNuw==
age
61966
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
2938
x-ms-lease-status
unlocked
last-modified
Mon, 24 May 2021 01:24:48 GMT
server
cloudflare
etag
0x8D91E52B88C8775
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
70be0ced-001e-00fc-69d3-48e679000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
79dd6a197d723a78-FRA
otPcPanel.json
cdn.cookielaw.org/scripttemplates/6.18.0/assets/v2/ 		47 KB
11 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.18.0/assets/v2/otPcPanel.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.18.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:bb61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbd89775249b84792efdf669aeb157ad3e8d8e8e7f5d4d5b4a2c74e199bddc39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.media24.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 23 Feb 2023 05:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
2g8ZYN+WBSlZ/5k1miqWvg==
age
61966
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
11471
x-ms-lease-status
unlocked
last-modified
Mon, 24 May 2021 01:24:49 GMT
server
cloudflare
etag
0x8D91E52B990E2B7
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a9829629-801e-0148-0ecc-4fac2e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
79dd6a197d733a78-FRA
report
bugcrowd.com/9329889d-0dda-42b3-8b94-cdeb791d3817/external/ Frame FC33 		196 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bugcrowd.com/9329889d-0dda-42b3-8b94-cdeb791d3817/external/report
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/9329889d-0dda-42b3-8b94-cdeb791d3817/external/script
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9c3660bff59ddf18cdae05a6cf0049f31e739f45ce8244f58951c1c4b6de7e1
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com cdn.segment.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: https://assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-ancestors *.media24.com; frame-src 'self' *.facebook.com *.twitter.com *.freshworks.com *.freshdesk.com www.youtube.com; img-src 'self' https://bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.freshworks.com *.freshdesk.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com; media-src 'self' js.intercomcdn.com https://bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com; script-src 'strict-dynamic' 'self' https://assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net 'nonce-HXTie7Y4YN7cXKO2NhOiX6OmRhfxZ6edio3snx1tQTQ=' 'unsafe-inline'; style-src 'unsafe-inline' *.freshworks.com *.freshdesk.com https://assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://www.media24.com/
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.media24.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
79dd6a1c5f5792bd-FRA
content-encoding
gzip
content-security-policy
default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com cdn.segment.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: https://assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-ancestors *.media24.com; frame-src 'self' *.facebook.com *.twitter.com *.freshworks.com *.freshdesk.com www.youtube.com; img-src 'self' https://bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.freshworks.com *.freshdesk.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com; media-src 'self' js.intercomcdn.com https://bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com; script-src 'strict-dynamic' 'self' https://assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net 'nonce-HXTie7Y4YN7cXKO2NhOiX6OmRhfxZ6edio3snx1tQTQ=' 'unsafe-inline'; style-src 'unsafe-inline' *.freshworks.com *.freshdesk.com https://assets.bugcrowdusercontent.com; upgrade-insecure-requests; report-uri /csp
content-type
text/html; charset=utf-8
date
Thu, 23 Feb 2023 05:03:21 GMT
etag
W/"a9c3660bff59ddf18cdae05a6cf0049f"
p3p
CP="This is not a P3P policy, you can view our privacy policy at bugcrowd.com/privacy"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
ALLOW-FROM https://www.media24.com/
x-permitted-cross-domain-policies
none
x-request-id
2e8d3007-bd1f-458b-9fd4-3a599c710508
x-runtime
0.070486
x-xss-protection
1; mode=block
csp
bugcrowd.com/ Frame FC33 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://bugcrowd.com/csp
Requested by
Host: www.media24.com
URL: https://www.media24.com/vulnerability-disclosure/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:644 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; base-uri 'self'; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com cdn.segment.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com *.freshworks.com *.freshdesk.com www.youtube.com; img-src 'self' bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.freshworks.com *.freshdesk.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com; media-src 'self' js.intercomcdn.com bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net; style-src 'unsafe-inline' *.freshworks.com *.freshdesk.com assets.bugcrowdusercontent.com; report-uri /csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bugcrowd.com/9329889d-0dda-42b3-8b94-cdeb791d3817/external/report
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/csp-report

Response headers

x-runtime
0.005010
date
Thu, 23 Feb 2023 05:03:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
content-security-policy
default-src 'none'; base-uri 'self'; connect-src 'self' *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com cdn.segment.com *.segment.io wss://*.intercom.io syndication.twitter.com notify.bugsnag.com sessions.bugsnag.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com bugcrowd-attachments-us-east-1-production.s3.amazonaws.com; font-src data: assets.bugcrowdusercontent.com *.heapanalytics.com heapanalytics.com *.intercomcdn.com; form-action 'self'; frame-src 'self' *.facebook.com *.twitter.com *.freshworks.com *.freshdesk.com www.youtube.com; img-src 'self' bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com data: *.bugcrowdusercontent.com *.facebook.com *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercomassets.com *.intercomcdn.com *.freshworks.com *.freshdesk.com *.twitter.com *.wp.com t.co platform.slack-edge.com notify.bugsnag.com; media-src 'self' js.intercomcdn.com bugcrowd.com bugcrowd-attachments-us-east-1-production.s3.us-east-1.amazonaws.com; script-src 'strict-dynamic' 'self' assets.bugcrowdusercontent.com *.facebook.com *.facebook.net *.google-analytics.com *.heapanalytics.com heapanalytics.com *.intercom.io *.intercomcdn.com *.freshworks.com *.freshdesk.com *.segment.com *.twitter.com api.usemessages.com d2wy8f7a9ursnm.cloudfront.net; style-src 'unsafe-inline' *.freshworks.com *.freshdesk.com assets.bugcrowdusercontent.com; report-uri /csp
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
cache-control
no-cache
cf-ray
79dd6a1da82e92bd-FRA
x-xss-protection
1; mode=block
x-request-id
c095dab9-3f8a-4836-ac59-d5984453988c
main-089fe70bcc541f7b80ecaf98f02d4827dd25862032c1996489965fefa478b9b7.css
assets.bugcrowdusercontent.com/assets/ Frame FC33 		786 KB
124 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.bugcrowdusercontent.com/assets/main-089fe70bcc541f7b80ecaf98f02d4827dd25862032c1996489965fefa478b9b7.css
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/9329889d-0dda-42b3-8b94-cdeb791d3817/external/report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
089fe70bcc541f7b80ecaf98f02d4827dd25862032c1996489965fefa478b9b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 02:49:31 GMT
server
cloudflare
age
93261
etag
W/"aba9597acf9f1760ec6fd01bc12bc0a6"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
79dd6a1daeb030d8-FRA
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v4/ Frame FC33 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v4/bugsnag.min.js
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/9329889d-0dda-42b3-8b94-cdeb791d3817/external/report
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.11.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-11-200.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b25a37870e2a2df1197250f5e9befbbcc689663262ffacd7f53ccd0693411525

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Fri, 13 Jan 2023 01:13:30 GMT
x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 19cd9c9f4eb51e9e5c75add1d4b6f304.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
VIE50-C2
Age
3556192
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 01 Aug 2018 09:43:25 GMT
Server
AmazonS3
ETag
W/"bcae2fab7aadf79a0f44f171109e4a9e"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=315360000
X-Amz-Cf-Id
g2JK9JZs8-2Z_vTr8tGwQy1nq7KB1w9D1hLcQRLEPb5IFh82jzbSgA==
/
sessions.bugsnag.com/ Frame FC33 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v4/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1.0
Referer
https://bugcrowd.com/
Bugsnag-Sent-At
2023-02-23T05:03:21.359Z
accept-language
de-DE,de;q=0.9
Bugsnag-Api-Key
1abbd896a93c9cf3e0784ea585f4c690
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 23 Feb 2023 05:03:21 GMT
via
1.1 google
bugsnag-session-uuid
10549d5c-1741-4566-96c8-07ae56729c79
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://bugcrowd.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 23 Feb 2023 05:03:21 GMT
via
1.1 google
application-a32a0ad63cf8a597b4de49ed30111f4081bd537c83cf13ac6bcb2c9eb608a610.js
assets.bugcrowdusercontent.com/assets/ Frame FC33 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bugcrowdusercontent.com/assets/application-a32a0ad63cf8a597b4de49ed30111f4081bd537c83cf13ac6bcb2c9eb608a610.js
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/9329889d-0dda-42b3-8b94-cdeb791d3817/external/report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a32a0ad63cf8a597b4de49ed30111f4081bd537c83cf13ac6bcb2c9eb608a610

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 12:47:38 GMT
server
cloudflare
age
41543
etag
W/"d95c50b3a822b706c6d13e5c953bfd8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
79dd6a1f585330d8-FRA
external_submissions_content-17571ea49506eae7ed7b755fc113c231277638b2d59d99f87254cfbc977bae68.js
assets.bugcrowdusercontent.com/assets/packs/ Frame FC33 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bugcrowdusercontent.com/assets/packs/external_submissions_content-17571ea49506eae7ed7b755fc113c231277638b2d59d99f87254cfbc977bae68.js
Requested by
Host: bugcrowd.com
URL: https://bugcrowd.com/9329889d-0dda-42b3-8b94-cdeb791d3817/external/report
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:24f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17571ea49506eae7ed7b755fc113c231277638b2d59d99f87254cfbc977bae68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bugcrowd.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 23 Feb 2023 05:03:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Sep 2022 18:51:01 GMT
server
cloudflare
age
12432850
etag
W/"50549a266a914306a392cc9bccc704b5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
79dd6a1f585830d8-FRA
truncated
/ Frame FC33 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
817b80432503692ada0669b72f981f9847e4371b8fab2bb2e05a1099e2914034

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame FC33 		171 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8525f1483dedefcedee5cb390d68c4ec4408f6e2dc7902955224052f5e2bae4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FC33 		322 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd1fa57d761addf01dedc1c4474c6a4ad3fcfcc77eb178c1e899463313289209

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame FC33 		447 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61b8fbdff198fadc2aa0c0ca71b52b2cb045d92b0cc9bd6022f5cafa78f363d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame FC33 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9279c27a494914bfb8336cd2074442fde17960a1fb66981b4eb0ea8ae4424589

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
rum
www.media24.com/cdn-cgi/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.media24.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:493a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.media24.com/vulnerability-disclosure/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type
application/json

Response headers

date
Thu, 23 Feb 2023 05:03:22 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.media24.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
79dd6a258a003826-FRA

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| oncontentvisibilityautostatechange object| _wpemojiSettings undefined| $ function| jQuery string| GoogleAnalyticsObject function| ga object| OneTrustStub function| OptanonWrapper object| Foundation object| CoreUtils object| Box function| onImagesLoaded object| MediaQuery object| Motion object| Nest function| Timer object| Triggers function| Abide function| Accordion function| AccordionMenu function| Drilldown function| Dropdown function| DropdownMenu function| Equalizer function| Interchange function| Magellan function| OffCanvas function| Orbit function| ResponsiveMenu function| ResponsiveToggle function| Reveal function| Slider function| SmoothScroll function| Sticky function| Tabs function| Toggler function| Tooltip function| ResponsiveAccordionTabs object| default object| twemoji object| wp string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| __cfBeacon object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Optanon object| OneTrust function| iFrameResize

6 Cookies

Domain/Path Name / Value
.media24.com/ Name: __cf_bm
Value: 4RuTCCCjMUtdMM3swggkbXDvIpbPbRTKdfYIpKJzr.4-1677128598-0-AUr8/umahefE3/VIaWz/6MOOHVtU4KuL3lkY8jK2ul0OrRlEapflS8H/QyhFhQ7LBLh4aL7r6vqdsqFndDYBnuY=
.media24.com/ Name: _ga
Value: GA1.2.46973274.1677128600
.media24.com/ Name: _gid
Value: GA1.2.504517368.1677128600
.media24.com/ Name: _gat
Value: 1
.www.media24.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Thu+Feb+23+2023+05%3A03%3A20+GMT%2B0000+(GMT)&version=6.18.0&hosts=&consentId=7f283851-f5c7-4b36-97b4-1960a147da21&interactionCount=0&landingPath=https%3A%2F%2Fwww.media24.com%2Fvulnerability-disclosure%2F&groups=C0001%3A1%2CC0002%3A1
.bugcrowd.com/ Name: __cf_bm
Value: fCj1J5hCYlghcxgfa1dFlxwWHFZPnwqZMMNOyBddjOI-1677128600-0-AeNiCo2neFP9/0NtwThAYP9mh6IT6KsRsWqwq/y3jvYQ7m9AlxK5zZH4py48C3CyG/0lmvqSloxka5MUzj5+xRE=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.bugcrowdusercontent.com
bugcrowd.com
cdn.cookielaw.org
cdnjs.cloudflare.com
d2wy8f7a9ursnm.cloudfront.net
sessions.bugsnag.com
static.cloudflareinsights.com
use.fontawesome.com
www.google-analytics.com
www.media24.com
13.32.11.200
2600:1901:0:7a0b::
2606:4700:10::6814:644
2606:4700:10::ac43:24f6
2606:4700::6810:3965
2606:4700::6811:190e
2606:4700::6812:493a
2606:4700::6813:bb61
2606:4700:e2::ac40:840f
2a00:1450:400d:803::200e
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
089fe70bcc541f7b80ecaf98f02d4827dd25862032c1996489965fefa478b9b7
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
17571ea49506eae7ed7b755fc113c231277638b2d59d99f87254cfbc977bae68
19897cd602bd6620406d41b31a62a5e73464e1e7dd2e0a4aa889796de860d1d8
1cdc37841384ca7fd5da1e598fb47bf2055dc184adcf37d3505b2fefdb5ec6a8
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
3c87367c6c5368ce9e66a548f806e55c4177caa94b5c7359bede3f6b5cc669e3
4a8ba9e543f4217964438aa01f627dada77a799f9b6c1d21f76852616d5f7c32
4f6a454460e1cbc10c50d4cc9c556bb7e5cf36bebacd6eff87a22fa3ef35eafe
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
61b8fbdff198fadc2aa0c0ca71b52b2cb045d92b0cc9bd6022f5cafa78f363d2
7137a7567b2f391a40eca5c8fbb6b699bad01e6a983f0b4bb4ed707faf2215a4
79b1d8344d0af0bd8f4f9b85c7159a4706773be746a4edbcbcc00944bf447889
817b80432503692ada0669b72f981f9847e4371b8fab2bb2e05a1099e2914034
9279c27a494914bfb8336cd2074442fde17960a1fb66981b4eb0ea8ae4424589
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9eb5def0d5de37a67871fa2e171d59a894d6bccfd71343d864e95fde985b0512
a32a0ad63cf8a597b4de49ed30111f4081bd537c83cf13ac6bcb2c9eb608a610
a9c3660bff59ddf18cdae05a6cf0049f31e739f45ce8244f58951c1c4b6de7e1
b25a37870e2a2df1197250f5e9befbbcc689663262ffacd7f53ccd0693411525
bc646113060e9d8ef66af217f886cf4d06a556fc6b7d2c5e234507bfccb91e5a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf8fce049c8e10f0a036f50f5eb7c8dde06dc5bee833635f9db82de6f51f2418
d5d07331db723c013012d0792e68759d3c09bb44f00da0c1471498c7e89a1451
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
da9a77e15c8cbf2596563d3bc8020cc9e547d2b99976a0b77f5eeadf1c492feb
dd1fa57d761addf01dedc1c4474c6a4ad3fcfcc77eb178c1e899463313289209
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75a699d73a76c52eda1122830fdab9ceee4c9f794f415f6039ec2aac87b1f6a
eb1fa7363d6e4772f7c49d67f031d68f209e66de6c3c05aade6fdc57a02505c1
f8525f1483dedefcedee5cb390d68c4ec4408f6e2dc7902955224052f5e2bae4
fbd89775249b84792efdf669aeb157ad3e8d8e8e7f5d4d5b4a2c74e199bddc39
fcf1710a7b0c87e9d3b8cd24dd524245c8758309c27ca8da3fcac936ae52a018