URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Submission: On June 05 via manual from US

Summary

This website contacted 46 IPs in 5 countries across 33 domains to perform 116 HTTP transactions. The main IP is 54.148.84.95, located in Boardman, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.sitepoint.com.
TLS certificate: Issued by SSL.com Premium EV CA on June 13th 2017. Valid for: a year.
This is the only time www.sitepoint.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
sitepoint.com | SSL.com Premium EV CA | 2017-06-13 - 2018-08-15 | a year
*.googleapis.com | Google Internet Authority G3 | 2018-05-15 - 2018-08-07 | 3 months
tpc.googlesyndication.com | Google Internet Authority G3 | 2018-05-15 - 2018-08-07 | 3 months

This page contains 7 frames:

Primary Page: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Frame ID: 6E82C2117BFF3D85D56450678B861879
Requests: 102 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js
Frame ID: 78717019A0400E8CB478A6F756F178E6
Requests: 9 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/sdk/3.js
Frame ID: 0FD2E78574E19304B2332B2C570E6165
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.211.3_en.html
Frame ID: 74C8899D25617E2BDB02CE40C20F3317
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-27/html/container.html
Frame ID: 05478DBA9991FF750F2EE3F52F86EC52
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-27/html/container.html
Frame ID: 6D13B47D9721C82A48FFA84A82223057
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-27/html/container.html
Frame ID: 5D1F196EAE74BE714119F839C960CA64
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast/i

Overall confidence: 100%
Detected patterns
  • env /^adroll_/i

Overall confidence: 100%
Detected patterns
  • env /^_bsa/i

Overall confidence: 100%
Detected patterns
  • env /^DISQUS/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i

Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i

Overall confidence: 100%
Detected patterns
  • env /^PARSELY$/i

Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • env /^webpackJsonp$/i

Page Statistics

Requests: 116
HTTPS: 18 %
IPv6: 0 %
Domains: 33
Subdomains: 47
IPs: 46
Countries: 5
Transfer: 1867 kB
Size: 7201 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://ad.doubleclick.net/ddm/trackimp/N728909.1903882NATIVE.COM/B21110030.220866708;dc_trk_aid=419022014;dc_trk_cid=101290709;ord=[1528210270];dc_lat=;dc_rdid=;tag_for_child_directed_treatment= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N728909.1903882NATIVE.COM/B21110030.220866708;dc_pre=CPvwsPPivNsCFVYq4AodVCMElw;dc_trk_aid=419022014;dc_trk_cid=101290709;ord=[1528210270];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
Request Chain 88
  • https://d.adroll.com/pixel/DJI3I3WGJBGL7PDJEDAYHV/4RKMV6N56FGA7ANPGL4FQW?pv=92763796817.6404&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F HTTP 302
  • https://s.adroll.com/pixel/DJI3I3WGJBGL7PDJEDAYHV/4RKMV6N56FGA7ANPGL4FQW/LO4TP2UD6JCT5HI4PCTLIH.js
Request Chain 92
  • https://d.adroll.com/cm/r/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV HTTP 302
  • https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 93
  • https://d.adroll.com/cm/b/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=Yzk5YzQxMGI5YzY4MGFmOTliZmVlMTNjMDljMmI3OWQ HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Yzk5YzQxMGI5YzY4MGFmOTliZmVlMTNjMDljMmI3OWQ
Request Chain 94
  • https://d.adroll.com/cm/x/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV HTTP 302
  • https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27Yzk5YzQxMGI5YzY4MGFmOTliZmVlMTNjMDljMmI3OWQ%27)
Request Chain 95
  • https://d.adroll.com/cm/l/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=c99c410b9c680af99bfee13c09c2b79d HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=c99c410b9c680af99bfee13c09c2b79d&redirect=1
Request Chain 96
  • https://d.adroll.com/cm/o/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=c99c410b9c680af99bfee13c09c2b79d HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=c99c410b9c680af99bfee13c09c2b79d
Request Chain 97
  • https://d.adroll.com/cm/g/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=yZxBC5xoCvmb_uE8CcK3nQ&google_ula=1535926 HTTP 302
  • https://d.adroll.com/cm/g/in?google_ula=1535926,0

116 HTTP transactions

Primary Request
Resource: /
Path: www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Size: 75 KB
Transfer (x-fer): 24 KB
Type: Document
Full URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
Reverse DNS: ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Software: Apache/2.4.10 (Debian) / Express
Resource Hash: 4af01cf8cb5adf879135802618d68c6724392c16d42e779b6715cf051443af65

timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
7649
x-xss-protection
1; mode=block
expires
Tue, 05 Jun 2018 14:51:12 GMT
wp-emoji-release.min.js
www.sitepoint.com/wp-includes/js/
11 KB
5 KB
Script
General
Full URL
https://www.sitepoint.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.6
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) / Express
Resource Hash
3d8e94fed6cc8ea56ee5ec6174efb68cb7197d2e729149cb43e85505bf175779

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Connection
keep-alive
Cache-Control
no-cache

Response headers

date
Thu, 31 May 2018 23:47:06 GMT
Content-Encoding
gzip
x-cache-lookup
HIT from ip-172-31-30-199.us-west-2.compute.internal:3128
age
399846
X-Powered-By
Express
transfer-encoding
chunked
x-cache
HIT from ip-172-31-30-199.us-west-2.compute.internal
referrer-policy
last-modified
Thu, 31 May 2018 23:31:03 GMT
server
Apache/2.4.10 (Debian)
etag
"2dc9-56d88dc539bc0"
Vary
X-Forwarded-Proto,Accept-Encoding
warning
113 ip-172-31-30-199.us-west-2.compute.internal (squid/3.5.23) This cache hit is still fresh and more than 1 day old
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 31 May 2019 23:47:06 GMT
yaml_hacked-300x187.png
dab1nmslvvntp.cloudfront.net/wp-content/uploads/2013/02/
39 KB
39 KB
Image
General
Full URL
https://dab1nmslvvntp.cloudfront.net/wp-content/uploads/2013/02/yaml_hacked-300x187.png
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Server
216.137.61.196 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-196.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21678914a1d38900dd3999e82a9f6d5bf6922180df571defcdf041b8c5fef086

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 19 May 2018 09:00:22 GMT
Via
1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)
Last-Modified
Thu, 15 Aug 2013 09:11:28 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:33/gname:www-data/uname:www-data/gid:33/mode:33256/mtime:1359826337/atime:1376548723/ctime:1376530218
Age
5123
ETag
"9e01293e1cac5c96ac71fb7f05890005"
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39776
X-Amz-Cf-Id
17J0Lww8PAU4-ysCSLo4QUeQB2xs9XQkyg5Uh4pVuHFco52IgHt-Xg==
SitepointPMP.js
play.aniview.com/5858ed930b8ee8851941a7bb/59627b0528a0616e231692a2/
4 KB
2 KB
Script
General
Full URL
https://play.aniview.com/5858ed930b8ee8851941a7bb/59627b0528a0616e231692a2/SitepointPMP.js
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
2.18.232.78 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-78.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
a48131ec7499c5583dcf908aac3faa3cd02c007e1c40be79dade918c9aa782ab

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
x-guploader-uploadid
AEnB2Uq_XpeSeSoBXOzOPFPEYbLjSXreniDTDkENNpTjVYUINDDLHE6sDum34mvaE3MU5QUyEM2UrLphqSKQasMl796nEqcxig
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
1632
last-modified
Sat, 05 May 2018 12:46:10 GMT
server
UploadServer
etag
"b9c0e1fe94428e565acb586b49318de9"
vary
Accept-Encoding
x-goog-hash
crc32c=A/JCGw==
x-goog-generation
1525524370844235
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=1800
x-goog-stored-content-length
4168
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 05 Jun 2018 15:21:12 GMT
614d10d53a6558d68d9ec3d51ed886ce
secure.gravatar.com/avatar/
3 KB
3 KB
Image
General
Full URL
https://secure.gravatar.com/avatar/614d10d53a6558d68d9ec3d51ed886ce?s=96&d=mm&r=g
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
192.0.73.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
9557701cb42c5a6f2ecaed3b5b81ec995c9f1bcd414609cea71ec358d253296d

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-nc
HIT fra 3
date
Tue, 05 Jun 2018 14:51:12 GMT
last-modified
Mon, 29 Oct 2012 20:07:10 GMT
server
nginx
source-age
95271
status
200
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="614d10d53a6558d68d9ec3d51ed886ce.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/614d10d53a6558d68d9ec3d51ed886ce?s=96&d=mm&r=g>; rel="canonical"
content-length
2753
expires
Tue, 05 Jun 2018 14:56:12 GMT
1527893250-purple_logo_80x80.png
cdn4.buysellads.net/uu/1/4735/
2 KB
3 KB
Image
General
Full URL
https://cdn4.buysellads.net/uu/1/4735/1527893250-purple_logo_80x80.png
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
94.31.29.32 , United Kingdom, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
04de660671276d83c520b605fbc2bf20d0be17ddcb1151e15145baf57cff0c86

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
last-modified
Fri, 01 Jun 2018 22:47:31 GMT
server
NetDNA-cache/2.2
x-amz-request-id
0C70FEB5AF7CF658
etag
"4874338ae72ec5cbffedee1f0225502f"
x-cache
HIT
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
2292
x-amz-id-2
A+CbheOah3GuECo/Vx+89ytORQRytodq7IvJpnNnLIoDCk7PCZIVYwlX4yJupDglwwzIfBRrtYg=
expires
Fri, 31 May 2019 14:51:12 GMT
B21110030.220866708;dc_pre=CPvwsPPivNsCFVYq4AodVCMElw;dc_trk_aid=419022014;dc_trk_cid=101290709;ord=[1528210270];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
ad.doubleclick.net/ddm/trackimp/N728909.1903882NATIVE.COM/
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N728909.1903882NATIVE.COM/B21110030.220866708;dc_trk_aid=419022014;dc_trk_cid=101290709;ord=[1528210270];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
  • https://ad.doubleclick.net/ddm/trackimp/N728909.1903882NATIVE.COM/B21110030.220866708;dc_pre=CPvwsPPivNsCFVYq4AodVCMElw;dc_trk_aid=419022014;dc_trk_cid=101290709;ord=[1528210270];dc_lat=;dc_rdid=;t...
42 B
318 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/trackimp/N728909.1903882NATIVE.COM/B21110030.220866708;dc_pre=CPvwsPPivNsCFVYq4AodVCMElw;dc_trk_aid=419022014;dc_trk_cid=101290709;ord=[1528210270];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
172.217.16.166 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f166.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 14:51:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Jun 2018 14:51:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N728909.1903882NATIVE.COM/B21110030.220866708;dc_pre=CPvwsPPivNsCFVYq4AodVCMElw;dc_trk_aid=419022014;dc_trk_cid=101290709;ord=[1528210270];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
1527800069-white_Slack_80x80.png
cdn4.buysellads.net/uu/1/4251/
6 KB
6 KB
Image
General
Full URL
https://cdn4.buysellads.net/uu/1/4251/1527800069-white_Slack_80x80.png
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
94.31.29.32 , United Kingdom, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4091f461b95075d918af48264e1b371830e17f4b37485e38afd1c2347d162afd

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
last-modified
Thu, 31 May 2018 20:54:30 GMT
server
NetDNA-cache/2.2
x-amz-request-id
13B715C500496512
etag
"8e14c04911cd66ab8e2c7f5866fd10fc"
x-cache
HIT
status
200
cache-control
max-age=31104000
accept-ranges
bytes
content-length
6314
x-amz-id-2
Qq+bSFseYrLA3CHi6WZKOvL2ETOqdPvGCk96eFP2L8ZWfVKnWbjducvpRArbn4UZ4iNPh2EUt20=
expires
Fri, 31 May 2019 14:51:12 GMT
cvo.gif
slack.sp1.convertro.com/view/vt/v1/slack/0/
43 B
1 KB
Image
General
Full URL
https://slack.sp1.convertro.com/view/vt/v1/slack/0/cvo.gif?cvosrc=display.carbon.one%20cpc&utm_source=carbon&utm_medium=display&utm_campaign=one%20cpc
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Server
34.197.131.250 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-197-131-250.compute-1.amazonaws.com
Software
Apache/2.4.27 (Ubuntu) OpenSSL/1.0.2g mod_apreq2-20090110/2.8.0 mod_perl/2.0.10 Perl/v5.26.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jun 2018 14:51:12 GMT
Server
Apache/2.4.27 (Ubuntu) OpenSSL/1.0.2g mod_apreq2-20090110/2.8.0 mod_perl/2.0.10 Perl/v5.26.0
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP NID PSA ADM OUR IND NAV COM"
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
postratings-js.js
www.sitepoint.com/wp-content/plugins/wp-postratings/js/
3 KB
1 KB
Script
General
Full URL
https://www.sitepoint.com/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.85
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) / Express
Resource Hash
c42425f18923921089911e70f39c6dd462794df2e42ac0596abc3884da6471fc

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Connection
keep-alive
Cache-Control
no-cache

Response headers

date
Thu, 31 May 2018 23:47:06 GMT
Content-Encoding
gzip
x-cache-lookup
HIT from ip-172-31-30-199.us-west-2.compute.internal:3128
last-modified
Wed, 30 May 2018 06:33:55 GMT
server
Apache/2.4.10 (Debian)
age
399846
X-Powered-By
Express
Vary
X-Forwarded-Proto,Accept-Encoding
warning
113 ip-172-31-30-199.us-west-2.compute.internal (squid/3.5.23) This cache hit is still fresh and more than 1 day old
content-type
application/javascript
cache-control
max-age=2592000
transfer-encoding
chunked
x-cache
HIT from ip-172-31-30-199.us-west-2.compute.internal
accept-ranges
bytes
expires
Sat, 30 Jun 2018 23:47:06 GMT
scripts-foot-05d11a1c786bcae1cfb038c489b29193.js
www.sitepoint.com/wp-content/themes/sitepoint/assets/javascripts/
274 KB
84 KB
Script
General
Full URL
https://www.sitepoint.com/wp-content/themes/sitepoint/assets/javascripts/scripts-foot-05d11a1c786bcae1cfb038c489b29193.js?ver=4.9.6
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) / Express
Resource Hash
a42114f7aa2f5bdf1a2190c3a22cddc297307df11fe7300fc36ff41b494087ce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Connection
keep-alive
Cache-Control
no-cache

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
Content-Encoding
gzip
referrer-policy
x-cache-lookup
MISS from ip-172-31-30-199.us-west-2.compute.internal:3128
last-modified
Tue, 05 Jun 2018 03:29:27 GMT
server
Apache/2.4.10 (Debian)
X-Powered-By
Express
Vary
X-Forwarded-Proto,Accept-Encoding
x-cache
MISS from ip-172-31-30-199.us-west-2.compute.internal
content-type
application/x-javascript
cache-control
max-age=0, private, no-store, no-cache, must-revalidate
transfer-encoding
chunked
accept-ranges
bytes
etag
"4487f-56ddca846d3c0"
expires
Wed, 05 Jun 2019 14:51:12 GMT
compiled.59c0c6a6ee80382e5d5b.js
www.sitepoint.com/dist/js/
354 KB
98 KB
Script
General
Full URL
https://www.sitepoint.com/dist/js/compiled.59c0c6a6ee80382e5d5b.js
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
aa53680bdc041b991c284f3781dae9e655c711113e4458207105bf83fea0ad83

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Jun 2018 14:51:12 GMT
Content-Encoding
gzip
ETag
W/"586b2-163afcac6a0"
Last-Modified
Wed, 30 May 2018 06:44:52 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=0
transfer-encoding
chunked
Accept-Ranges
bytes
wp-embed.min.js
www.sitepoint.com/wp-includes/js/
1 KB
1 KB
Script
General
Full URL
https://www.sitepoint.com/wp-includes/js/wp-embed.min.js?ver=4.9.6
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) / Express
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Connection
keep-alive
Cache-Control
no-cache

Response headers

date
Thu, 31 May 2018 23:47:06 GMT
Content-Encoding
gzip
x-cache-lookup
HIT from ip-172-31-30-199.us-west-2.compute.internal:3128
last-modified
Wed, 30 May 2018 06:33:56 GMT
server
Apache/2.4.10 (Debian)
age
399846
X-Powered-By
Express
Vary
X-Forwarded-Proto,Accept-Encoding
warning
113 ip-172-31-30-199.us-west-2.compute.internal (squid/3.5.23) This cache hit is still fresh and more than 1 day old
content-type
application/javascript
cache-control
max-age=2592000
transfer-encoding
chunked
x-cache
HIT from ip-172-31-30-199.us-west-2.compute.internal
accept-ranges
bytes
expires
Sat, 30 Jun 2018 23:47:06 GMT
14788516501466142151pattern-final-copy.png
dab1nmslvvntp.cloudfront.net/wp-content/uploads/2016/11/
3 KB
3 KB
Image
General
Full URL
https://dab1nmslvvntp.cloudfront.net/wp-content/uploads/2016/11/14788516501466142151pattern-final-copy.png
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Server
216.137.61.196 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-196.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d00ec00d59edfa554f7fdc5d41559da727224ec37eb8f134420f8477a6b8a5e3

Request headers

Referer
https://www.sitepoint.com/dist/css/compiled.59c0c6a6ee80382e5d5b.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Wed, 27 Sep 2017 00:07:27 GMT
Via
1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)
Last-Modified
Fri, 11 Nov 2016 08:08:06 GMT
Server
AmazonS3
Age
27000
ETag
"59f43f2efbbdc2cbb79008162ab70369"
x-amz-meta-sp_image_process_version
0.0.2
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2924
x-amz-meta-sp_image_process_etag
"d481328bf46285970edad1d28783ca9e"
X-Amz-Cf-Id
R5fqyBH6xTczeWbzKiX8a5dKH5nGlmbh6k7jBMlHR99OfD2dkYmMqQ==
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/
55 KB
56 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Server
209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip0x00f.map2.ssl.hwcdn.net
Software
/
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin
https://www.sitepoint.com

Response headers

Date
Tue, 05 Jun 2018 14:51:12 GMT
Content-Encoding
gzip
Last-Modified
Sat, 17 Feb 2018 21:46:23 GMT
Connection
Keep-Alive
ETag
"1518903983"
Vary
Accept-Encoding
X-Cache
HIT
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
X-Hello-Human
Say hello back! @getBootstrapCDN on Twitter
Accept-Ranges
bytes
Content-Length
56792
KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v18/
35 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxP.ttf
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f99.1e100.net
Software
sffe /
Resource Hash
466989fd178ca6ed13641893b7003e5d6ec36e42c2a816dee71f87b775ea097f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:900,900italic,700,700italic,400,400italic,300,300italic
Origin
https://www.sitepoint.com

Response headers

date
Mon, 12 Feb 2018 14:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9765712
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
20272
x-xss-protection
1; mode=block
last-modified
Mon, 16 Oct 2017 17:32:56 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Feb 2019 14:09:20 GMT
KFOlCnqEu92Fr1MmSU5fBBc9.ttf
fonts.gstatic.com/s/roboto/v18/
35 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc9.ttf
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f99.1e100.net
Software
sffe /
Resource Hash
3ee85c770966bfd58a0c807851e2c14d2c63abadcfb45ce30fbfbe871152caf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:900,900italic,700,700italic,400,400italic,300,300italic
Origin
https://www.sitepoint.com

Response headers

date
Mon, 12 Feb 2018 20:17:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9743640
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
20366
x-xss-protection
1; mode=block
last-modified
Mon, 16 Oct 2017 17:32:44 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Feb 2019 20:17:12 GMT
KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v18/
34 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc9.ttf
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f99.1e100.net
Software
sffe /
Resource Hash
70e339a1a220298dd1d9c6a69bbb3e3f7e2b4e655c85da9f127cb21a699f99d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:900,900italic,700,700italic,400,400italic,300,300italic
Origin
https://www.sitepoint.com

Response headers

date
Mon, 12 Feb 2018 20:01:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9744556
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
20309
x-xss-protection
1; mode=block
last-modified
Mon, 16 Oct 2017 17:33:12 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Feb 2019 20:01:56 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsE.ttf
fonts.gstatic.com/s/roboto/v18/
36 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOjCnqEu92Fr1Mu51TjASc6CsE.ttf
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
172.217.22.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f99.1e100.net
Software
sffe /
Resource Hash
6121573e61d8ac4d047b34bdf3f360f6d0731a7e70576d789a1e627b0b1fb8ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:900,900italic,700,700italic,400,400italic,300,300italic
Origin
https://www.sitepoint.com

Response headers

date
Mon, 12 Feb 2018 17:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9752506
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
22057
x-xss-protection
1; mode=block
last-modified
Mon, 16 Oct 2017 17:32:54 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Feb 2019 17:49:26 GMT
aniview.js
player.aniview.com/script/6.1/
17 KB
7 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/aniview.js
Requested by
Host: play.aniview.com
URL: https://play.aniview.com/5858ed930b8ee8851941a7bb/59627b0528a0616e231692a2/SitepointPMP.js
Protocol
SPDY
Server
2.18.232.78 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-78.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
a7442113cc00cdb91fd129e8986df84c545cee1d7bc59df336fccd0dd4f6bc92

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
x-guploader-uploadid
AEnB2UpbEzOtIUy6cFw7L_eEd-Z7r3BlzoH1QBGSNB1GssSqY9qXBOZnymChFbJdTWxRV68c9PLkfR9RGUiDRQCBC4FXpn4AcA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
6242
last-modified
Tue, 05 Jun 2018 10:12:49 GMT
server
UploadServer
etag
"be0834417f167c428ab0a35f82ab1b48"
vary
Accept-Encoding
x-goog-hash
crc32c=u+By1w==
x-goog-generation
1528193569090240
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
6242
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 05 Jun 2018 14:56:12 GMT
track
track1.aniview.com/
0
79 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5961f0e6073ef42d7843d002&cid=5a30fb2728a06159ea245973&e=playerLoaded&cb=1528210272318
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
54.88.84.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-84-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 05 Jun 2018 14:51:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sitepoint.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sitepoint.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_212.js
securepubads.g.doubleclick.net/gpt/
173 KB
60 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
sffe /
Resource Hash
05922cd395082495346a0a80c70037a064b7f782884c0f333c1f15c71f503f3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 31 May 2018 13:55:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
61374
x-xss-protection
1; mode=block
expires
Tue, 05 Jun 2018 14:51:12 GMT
IM2QfEma.min.js
scripts.demandbase.com/
55 KB
15 KB
Script
General
Full URL
https://scripts.demandbase.com/IM2QfEma.min.js
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
54.230.93.85 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-85.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
672c4d21dc8520bc95868e33dfe22b38eb0c231fbfb4e33b92817db6f14222e8

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Fri, 01 Jun 2018 14:12:19 GMT
content-encoding
gzip
last-modified
Fri, 01 Jun 2018 14:11:34 GMT
server
AmazonS3
age
1719
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
SijF4DBP41s5l7LdlYTVz1TJiP8OcMXL
status
200
cache-control
public, max-age=3600
content-type
application/javascript
x-amz-cf-id
NGiNMFexsU_rYcHzSKdWRZVM7Wrz5t-prdBXMyUWfX5aFrl3ikBzVw==
via
1.1 87de52593927dfce090da0b24ddc3123.cloudfront.net (CloudFront)
/
load.sumo.com/
196 KB
68 KB
Script
General
Full URL
https://load.sumo.com/
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
54.68.56.226 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-68-56-226.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
dd244c98b752fc156feeafdcdb819e318333954633ba05dc4712e6a7c13eb56c

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
last-modified
Mon, 04 Jun 2018 21:45:12 GMT
server
nginx/1.12.1
etag
W/"5b15b2e8-311e7"
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
max-age=600
content-type
application/javascript
expires
Tue, 05 Jun 2018 14:57:14 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Server
216.137.61.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-127.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
public
Date
Fri, 08 Sep 2017 23:34:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Mar 2014 00:45:07 GMT
Server
nginx
Age
54468
ETag
W/"53191693-19c1"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)
Cache-Control
max-age=86400, public
Connection
keep-alive
X-Amz-Cf-Id
b6N28QL0BJ4UIOU4Kxx1CqbmMHMqaEKmyUTQQOhAE1xkqVMeSsAAJA==
Expires
Sat, 09 Sep 2017 23:34:48 GMT
rating_1_over.gif
www.sitepoint.com/wp-content/plugins/wp-postratings/images/thumbs/
608 B
1 KB
Image
General
Full URL
https://www.sitepoint.com/wp-content/plugins/wp-postratings/images/thumbs/rating_1_over.gif
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) / Express
Resource Hash
888815d90b0a97d7e32a2dda3f233307a00b2b52318a68020f807ed03fc76824

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Cookie
_ga=GA1.2.1141886411.1528210272; _gid=GA1.2.542523363.1528210272
Connection
keep-alive
Cache-Control
no-cache

Response headers

date
Fri, 01 Jun 2018 01:47:08 GMT
x-cache-lookup
HIT from ip-172-31-30-199.us-west-2.compute.internal:3128
age
392644
X-Powered-By
Express
x-cache
HIT from ip-172-31-30-199.us-west-2.compute.internal
Content-Length
608
referrer-policy
last-modified
Thu, 31 May 2018 23:31:02 GMT
server
Apache/2.4.10 (Debian)
etag
"260-56d88dc445980"
vary
X-Forwarded-Proto
warning
113 ip-172-31-30-199.us-west-2.compute.internal (squid/3.5.23) This cache hit is still fresh and more than 1 day old
content-type
image/gif
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Jun 2019 01:47:08 GMT
rating_2_over.gif
www.sitepoint.com/wp-content/plugins/wp-postratings/images/thumbs/
614 B
1 KB
Image
General
Full URL
https://www.sitepoint.com/wp-content/plugins/wp-postratings/images/thumbs/rating_2_over.gif
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) / Express
Resource Hash
eb27258436115f5c53671bd9ab0fc8db64406f05b613d880715a5401317bd88d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Cookie
_ga=GA1.2.1141886411.1528210272; _gid=GA1.2.542523363.1528210272
Connection
keep-alive
Cache-Control
no-cache

Response headers

date
Wed, 30 May 2018 10:56:39 GMT
x-cache-lookup
HIT from ip-172-31-30-199.us-west-2.compute.internal:3128
last-modified
Wed, 30 May 2018 06:33:55 GMT
server
Apache/2.4.10 (Debian)
age
440567
X-Powered-By
Express
vary
X-Forwarded-Proto
warning
113 ip-172-31-30-199.us-west-2.compute.internal (squid/3.5.23) This cache hit is still fresh and more than 1 day old
content-type
image/gif
x-cache
HIT from ip-172-31-30-199.us-west-2.compute.internal
accept-ranges
bytes
Content-Length
614
AVmanager.js
player.aniview.com/script/6.1/ Frame 7871
263 KB
75 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/aniview.js
Protocol
SPDY
Server
2.18.232.78 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-78.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
56a39c2ae13d6955610a61f40deac3614203d1b52bc23ad8630b1e19caac9b17

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
x-guploader-uploadid
AEnB2Uq3mGXCrGFizyce--usIqix5OH36AwrSpnOxU-H50aUbimd3tL7W8PG8dwzqNOq3NHsARcjFhHqCw_8HYNzawCj-OX2bA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
75939
last-modified
Tue, 05 Jun 2018 10:12:47 GMT
server
UploadServer
etag
"39d661ae12972b87e05927b8cbe6b016"
vary
Accept-Encoding
x-goog-hash
crc32c=02YckA==
x-goog-generation
1528193567884037
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
75939
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 05 Jun 2018 14:56:12 GMT
track
track1.aniview.com/
0
79 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5961f0e6073ef42d7843d002&cid=5a30fb2728a06159ea245973&e=playerStarted&cb=1528210272417
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
54.88.84.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-84-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 05 Jun 2018 14:51:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
web
onesignal.com/api/v1/sync/65189cfb-a985-4bd7-a41b-c2666081e811/
1 KB
1 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/65189cfb-a985-4bd7-a41b-c2666081e811/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
SPDY
Server
104.16.204.165 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Phusion Passenger 5.2.0
Resource Hash
ddc5903bcac97d63eb6b0fb61d93e78e0252075b719ea78075856b8cc862cdfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
Phusion Passenger 5.2.0
status
200, 200 OK
x-xss-protection
1; mode=block
x-request-id
a369c018-6672-43f5-aa28-0058d8982fe1
x-runtime
0.073359
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-polished
origSize=1168
cf-ray
426374bae8fe96e2-FRA
access-control-allow-headers
SDK-Version
purchs2stag.js
ads.servebom.com/
14 KB
4 KB
Script
General
Full URL
https://ads.servebom.com/purchs2stag.js?v=s2s&r=8681&o={%22l%22:%22https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F%22,%22tt%22:%22Anatomy%20of%20an%20Exploit%3A%20An%20In-depth%20Look%20at%20the%20Rails%20YAML%20Vulnerability%20%E2%80%94%20SitePoint%22,%22fs%22:1,%22a%22:[],%22t%22:%222018-06-05%2014:51:12%22,%22tz%22:0,%22r%22:%221585x1200%22,%22pam%22:%22blocked%22}&fmt=jsonp&uuid=430b0114bc5640afae6a48dbef668eff
Requested by
Host: ads.servebom.com
URL: https://ads.servebom.com/purchs2s.js
Protocol
SPDY
Server
54.230.93.173 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-173.fra2.r.cloudfront.net
Software
/
Resource Hash
5b6d3e0ab5f28f26efa840dbdc49d6459a57537d90fac94746e23aefc6b4c430

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
x-cache
Miss from cloudfront
content-type
application/x-javascript
access-control-allow-origin
*
timing-allow-origin
*
content-length
3137
via
1.1 e15344e351ae77fef306bf70353d7fc3.cloudfront.net (CloudFront)
x-amz-cf-id
kEaVE0UWu6Xp2m-kv6mbjAvrmzScvq0D9pBFBh_RKXHphyEQUspr3w==
ip.json
api.company-target.com/api/v2/
12 B
505 B
XHR
General
Full URL
https://api.company-target.com/api/v2/ip.json?referrer=&page=https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F&page_title=Anatomy%20of%20an%20Exploit%3A%20An%20In-depth%20Look%20at%20the%20Rails%20YAML%20Vulnerability%20%E2%80%94%20SitePoint&key=15cd4a7b2886aa0b6fb5217c32c56189
Requested by
Host: scripts.demandbase.com
URL: https://scripts.demandbase.com/IM2QfEma.min.js
Protocol
SPDY
Server
52.222.146.139 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-146-139.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
d089c8a9fc28e4e50223eb38c9409e362521be9380a37341304fbac7a4cd9e5f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Origin
https://www.sitepoint.com

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
via
1.1 ec6662ba477736a13086dd664a1145be.cloudfront.net (CloudFront)
www-authenticate
DemandBase API v2
x-cache
Error from cloudfront
status
401
request-id
39bdf7b8-7a4f-4566-90fc-c00ae6fd18e0
vary
Origin
content-length
12
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://www.sitepoint.com
access-control-expose-headers
access-control-allow-credentials
true
x-amz-cf-id
y9U8eqNDnwzfC5L2z8DaOK96nvZpNjCH8mHLqFcse0oAse8zQ6tyeA==
x-content-type-options
nosniff
sitepoint.com
srv-2018-06-05-14.config.parsely.com/config/
385 B
803 B
Script
General
Full URL
https://srv-2018-06-05-14.config.parsely.com/config/sitepoint.com
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
HTTP/1.1
Server
52.86.198.160 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-86-198-160.compute-1.amazonaws.com
Software
/ Express
Resource Hash
66643b13502b860f1d5d18c17c36fdefd4451292a5b7cb55538a8ae7371b60d2

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 05 Jun 2018 14:51:12 GMT
Cache-Control
private, no-cache
ETag
W/"181-DsKcT0bzYcgat+f8r/o1mA"
Connection
keep-alive
X-Powered-By
Express
Content-Length
385
Content-Type
text/javascript; charset=utf-8
truncated
/
577 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
truncated
/
581 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ Frame 7871
1 KB
1 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F&AV_PUBLISHERID=5961f0e6073ef42d7843d002&AV_CHANNELID=5a30fb2728a06159ea245973&AV_WIDTH=544&AV_HEIGHT=306&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DNT=0&v=6.1.1.105&cb=1528210272554&cb=1528210272561
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js
Protocol
SPDY
Server
34.193.140.167 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-193-140-167.compute-1.amazonaws.com
Software
/
Resource Hash
c56e936a413fb838eaa6a519223cc5d55e8cc1c3e1711b5dd3025f6c602295ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Origin
https://www.sitepoint.com

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sitepoint.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Fri, 25 May 2018 01:04:32 GMT
track
track1.aniview.com/ Frame 7871
0
79 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5961f0e6073ef42d7843d002&cid=5a30fb2728a06159ea245973&r=www.sitepoint.com&sn=&cd1=&cd2=&cd3=&ic=0&tgt=0&app=&wi=544&he=306&test=&e=inventory&vi=66&cb=1528210272560
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
54.88.84.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-84-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 05 Jun 2018 14:51:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ Frame 7871
0
79 B
Image
General
Full URL
https://track1.aniview.com/track?pid=5961f0e6073ef42d7843d002&cid=5a30fb2728a06159ea245973&r=www.sitepoint.com&sn=&cd1=&cd2=&cd3=&ic=0&tgt=0&app=&wi=544&he=306&test=&e=inventoryRequest&cb=1528210272561
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
54.88.84.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-84-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 05 Jun 2018 14:51:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
Prism.387bd206b1657c80fcbe.js
www.sitepoint.com/dist/js/
39 KB
15 KB
Script
General
Full URL
https://www.sitepoint.com/dist/js/Prism.387bd206b1657c80fcbe.js
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/dist/js/compiled.59c0c6a6ee80382e5d5b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Software
/ Express
Resource Hash
e21ce83a70d1a2d625bdf771a0584270b96aa123609660d23ffc6ec03f10526a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Cookie
_ga=GA1.2.1141886411.1528210272; _gid=GA1.2.542523363.1528210272; _gat=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 05 Jun 2018 14:51:12 GMT
Content-Encoding
gzip
ETag
W/"9c44-163afcac6a0"
Last-Modified
Wed, 30 May 2018 06:44:52 GMT
X-Powered-By
Express
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=0
transfer-encoding
chunked
Accept-Ranges
bytes
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=774022032&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F&ul=en-us&de=UTF-8&dt=Anatomy%20of%20an%20Exploit%3A%20An%20In-depth%20Look%20at%20the%20Rails%20YAML%20Vulnerability%20%E2%80%94%20SitePoint&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGBAAAAD~&jid=1313600988&gjid=1157342591&cid=1141886411.1528210272&tid=UA-30131-1&_gid=542523363.1528210272&_r=1&cd2=ruby&_av=1.0.0&_au=26&did=i5iSjo&z=1824839872
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
172.217.22.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f110.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 14:51:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1.CountDown.json
s3-us-west-2.amazonaws.com/janus-data-production/
0
471 B
XHR
General
Full URL
https://s3-us-west-2.amazonaws.com/janus-data-production/v1.CountDown.json
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/dist/js/compiled.59c0c6a6ee80382e5d5b.js
Protocol
HTTP/1.1
Server
52.218.208.168 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 05 Jun 2018 14:51:14 GMT
Server
AmazonS3
x-amz-request-id
E2DFBBDF238ABAB0
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://www.sitepoint.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Content-Length
0
x-amz-id-2
3aAzn3O7uw+R+thaxF6CJipZjsPLUvUoa1ibksoJCv0aMRT17H6KYHVXJHU2mrqUzsdH2lXvEw4=
purchs2stag.js
ads.servebom.com/
14 KB
3 KB
Script
General
Full URL
https://ads.servebom.com/purchs2stag.js?v=s2s&r=4520&o={%22l%22:%22https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F%22,%22tt%22:%22Anatomy%20of%20an%20Exploit%3A%20An%20In-depth%20Look%20at%20the%20Rails%20YAML%20Vulnerability%20%E2%80%94%20SitePoint%22,%22fs%22:1,%22a%22:[{%22d%22:%22bsa-zone_1509641776795-6_123456%22,%22g%22:{},%22sm%22:[[[0,0],[[728,90]]]],%22s%22:%22/8691100/SitePoint_728x90_ArticlesLeaderboard_Content_Articles%22,%22z%22:[[970,250],[970,90],[728,90]]},{%22d%22:%22bsa-zone_1509641776795-3_123456%22,%22g%22:{},%22sm%22:[[[0,0],[[300,250]]]],%22s%22:%22/8691100/SitePoint_300x250_ArticlesMedRec_Side_Articles%22,%22z%22:[[300,250]]},{%22d%22:%22bsa-zone_1509641776795-4_123456%22,%22g%22:{},%22sm%22:[[[0,0],[[300,600],[160,600],[300,250]]]],%22s%22:%22/8691100/SitePoint_300x600_ArticlesHalfPage_Side_Articles%22,%22z%22:[[300,600],[160,600],[300,250]]}],%22t%22:%222018-06-05%2014:51:12%22,%22tz%22:0,%22r%22:%221585x1200%22,%22pam%22:%22blocked%22}&fmt=jsonp&uuid=430b0114bc5640afae6a48dbef668eff
Requested by
Host: ads.servebom.com
URL: https://ads.servebom.com/purchs2s.js
Protocol
SPDY
Server
54.230.93.173 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-173.fra2.r.cloudfront.net
Software
/
Resource Hash
6b17156e6acb3106b83fd3c76480b3879b5b5c8ca4d086f7b5a104a214b5ac4c

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:13 GMT
content-encoding
gzip
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
x-cache
Miss from cloudfront
content-type
application/x-javascript
access-control-allow-origin
*
timing-allow-origin
*
content-length
3066
via
1.1 e15344e351ae77fef306bf70353d7fc3.cloudfront.net (CloudFront)
x-amz-cf-id
WKUGCl5T-L5_KN0NE6DHkof6KA3En1WOz029W44kcg5CsMCXbVlfpg==
3.js
player.aniview.com/script/6.1/sdk/ Frame 0FD2
6 KB
3 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/sdk/3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js
Protocol
SPDY
Server
2.18.232.78 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-232-78.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
bff96224b47380e78cbeeb6c8b68dddd848ff0df8217eaa210350663a8be1e5d

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
x-guploader-uploadid
AEnB2Uqyfb6rAsFL-9dENbwpdyL8-jj_WhG1vtoGIKolG4J_UfSknHPGx19aHGbj_U-pOj107tybOrL0J-y8jDAWmZnjJ9lDzA
x-goog-storage-class
MULTI_REGIONAL
status
200
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
2237
last-modified
Sun, 29 Apr 2018 14:58:27 GMT
server
UploadServer
etag
"158520dd864d6b86e2391d336805bc14"
vary
Accept-Encoding
x-goog-hash
crc32c=dsswvQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1525013907306225
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
2237
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 05 Jun 2018 14:56:12 GMT
track
track1.aniview.com/ Frame 7871
0
79 B
Image
General
Full URL
https://track1.aniview.com/track?d=&cou=DE&cos=Linux&r=www.sitepoint.com&rs=www.sitepoint.com&sid=66140&t=1528210272&cip=148.251.45.254&sn=&tgt=0&osv=&bv=&brn=Chrome&wi=544&he=306&app=&AV_PUBLISHERID=5961f0e6073ef42d7843d002&test=&cb=56226617491&ppid=5961f0e6073ef42d7843d002&nid=5858ed930b8ee8851941a7bb&pcid=5a30fb2728a06159ea245973&ncid=5a5fbf4928a061327368bfbd&pasid=5a5fbfab28a0617e26654433&e=request&cb=1528210272878&asid=5a55e8a828a06104010d3f5d
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
54.88.84.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-84-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 05 Jun 2018 14:51:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ Frame 7871
0
79 B
Image
General
Full URL
https://track1.aniview.com/track?d=&cou=DE&cos=Linux&r=www.sitepoint.com&rs=www.sitepoint.com&sid=66140&t=1528210272&cip=148.251.45.254&sn=&tgt=0&osv=&bv=&brn=Chrome&wi=544&he=306&app=&AV_PUBLISHERID=5961f0e6073ef42d7843d002&test=&cb=56226617491&ppid=5961f0e6073ef42d7843d002&nid=5858ed930b8ee8851941a7bb&pcid=5a30fb2728a06159ea245973&ncid=5a5fbf4928a061327368bfbd&pasid=5a5fbfab28a0617e26654433&e=bid&cb=1528210272879&asid=5a55e8a828a06104010d3f5d
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
SPDY
Server
54.88.84.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-84-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 05 Jun 2018 14:51:12 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
collect
www.google-analytics.com/
35 B
130 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Server
172.217.22.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f110.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Cache-Control
max-age=0
Origin
https://www.sitepoint.com
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 14:51:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
https://www.sitepoint.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
111 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Server
172.217.22.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f110.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Cache-Control
max-age=0
Origin
https://www.sitepoint.com
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 14:51:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
https://www.sitepoint.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0FD2
228 KB
78 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/sdk/3.js
Protocol
SPDY
Server
172.217.16.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f170.1e100.net
Software
sffe /
Resource Hash
456ba24963fbb5560884e3ae59aa32143aebbf2b97bc63443d3bc805beb19d55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
79812
x-xss-protection
1; mode=block
expires
Tue, 05 Jun 2018 14:51:12 GMT
ptrack-v1.0.2-engagedtime-slots.js
d1z2jf7jlzjs58.cloudfront.net/code/
34 KB
14 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/code/ptrack-v1.0.2-engagedtime-slots.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
HTTP/1.1
Server
216.137.61.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-127.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
8e51e39682cad95f7f8af2e6f24d9ddb940e83435638a2d25a8dea73ee160323

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
public
Date
Thu, 09 Nov 2017 15:15:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Oct 2017 02:15:34 GMT
Server
nginx
Age
17969714
ETag
W/"59dd7ec6-86eb"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, public
Connection
keep-alive
X-Amz-Cf-Id
HuSY4pyT7dbGlNrs254k6tIfvN6q2fPkcNAS8Pb8eZJC0cCjNqkGow==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
srv-2018-06-05-14.pixel.parsely.com/plogger/
43 B
229 B
Image
General
Full URL
https://srv-2018-06-05-14.pixel.parsely.com/plogger/?rand=1528210272943&idsite=sitepoint.com&url=https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22fb36ec35-ad2f-46cf-90f0-2357017d3301%22%2C%22parsely_site_uuid%22%3A%221f0783d1-467b-4a4e-9325-172880e6f76a%22%7D&sid=1&surl=https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F&sref=&sts=1528210272941&slts=0&title=Anatomy+of+an+Exploit%3A+An+In-depth+Look+at+the+Rails+YAML+Vulnerability+%E2%80%94+SitePoint&date=Tue+Jun+05+2018+14%3A51%3A12+GMT%2B0000+(UTC)&action=pageview&u=1f0783d1-467b-4a4e-9325-172880e6f76a
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Server
34.202.122.199 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-202-122-199.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 05 Jun 2018 14:51:13 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
bridge3.211.3_en.html
imasdk.googleapis.com/js/core/ Frame 74C8
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.211.3_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.16.170 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s11-in-f170.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.211.3_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6E82C2117BFF3D85D56450678B861879
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
165272
date
Tue, 22 May 2018 18:47:50 GMT
expires
Wed, 22 May 2019 18:47:50 GMT
last-modified
Tue, 22 May 2018 18:45:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
1195403
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
client.js
s0.2mdn.net/instream/video/ Frame 0FD2
26 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
SPDY
Server
172.217.22.102 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f102.1e100.net
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
10523
x-xss-protection
1; mode=block
expires
Tue, 05 Jun 2018 14:51:13 GMT
integrator.js
adservice.google.com/adsid/ Frame 0FD2
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sitepoint.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
SPDY
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Jun 2018 14:51:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
104
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/
128 KB
35 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=974469092923033&correlator=1398538328660852&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061508%2C21060610%2C21060697%2C21061300%2C22322687&vrg=212&npa=1&guci=1.2.0.0.2.1.0&sc=1&sfv=1-0-27&iu_parts=8691100%2CSitePoint_728x90_ArticlesLeaderboard_Content_Articles%2CSitePoint_300x250_ArticlesMedRec_Side_Articles%2CSitePoint_300x600_ArticlesHalfPage_Side_Articles&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%2C300x250%2C300x600%7C160x600%7C300x250&eri=1&cust_params=channel%3Druby%26post_id%3D5196%26AOL%3Dtrue%252Cfalse%26OpenX%3Dtrue%252Cfalse%26Tribal%3Dtrue%252Cfalse%26_ex%3D%257C49%257C%26bsas2s%3Dtrue%26bsas2spub%3Dsitepoint%26tags%3D&cookie_enabled=1&bc=7&abxe=1&lmt=1528210273&dt=1528210273092&frm=20&biw=1585&bih=1200&oid=2&adxs=263%2C1101%2C1101&adys=429%2C750%2C1016&adks=2485334518%2C3654220586%2C1985278635&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F&dssz=53&icsg=2199625842943&std=0&rumc=7238338180823504&rume=1&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1%7C300x250%7C300x600&ga_vid=1141886411.1528210272&ga_sid=1528210273&ga_hid=774022032
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
cafe /
Resource Hash
beb539afe44bf98c2567a1a2d1e5c33d4ed56be16fd2aa7688d6eff63bed80d0
Security Headers
Name Value
Content-Security-Policy child-src 'self' 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3%26dns%3Doff$/12778404555178464445/index.html;frame-src 'self' 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3%26dns%3Doff$/12778404555178464445/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHZ5fPivNsCFQEo4Aod1pQDwg&gqi=&layout=/sadbundle/%24csp%253Der3%2526dns%253Doff%24/12778404555178464445/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Origin
https://www.sitepoint.com

Response headers

content-security-policy
child-src 'self' 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3%26dns%3Doff$/12778404555178464445/index.html;frame-src 'self' 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3%26dns%3Doff$/12778404555178464445/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMHZ5fPivNsCFQEo4Aod1pQDwg&gqi=&layout=/sadbundle/%24csp%253Der3%2526dns%253Doff%24/12778404555178464445/index.html
content-encoding
gzip
x-content-type-options
nosniff
google-creative-id
-1,-1,-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35049
x-xss-protection
1; mode=block
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
date
Tue, 05 Jun 2018 14:51:13 GMT
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.sitepoint.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_212.js
securepubads.g.doubleclick.net/gpt/
44 KB
17 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_212.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
sffe /
Resource Hash
d6fd7c7bb087d6fbbcbbf86a16eb93a7e26782c321517af9f9b42484584ff5de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 31 May 2018 13:55:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
16996
x-xss-protection
1; mode=block
expires
Tue, 05 Jun 2018 14:51:13 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-27/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-27/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js
Protocol
SPDY
Server
172.217.22.97 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f1.1e100.net
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

expires
Wed, 29 May 2019 19:31:40 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Mon, 14 May 2018 14:45:16 GMT
content-type
text/html
rum.js
pagead2.googlesyndication.com/pagead/js/
40 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js
Protocol
SPDY
Server
172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c634c3e95aaa938105a64c90dc40e4ca63d1a824c19c493eeedb8606a50423d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:01:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2965
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
15454
x-xss-protection
1; mode=block
server
cafe
etag
14842888045265482263
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Jun 2018 15:01:48 GMT
/
sumo.com/api/load/
954 B
1 KB
XHR
General
Full URL
https://sumo.com/api/load/
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
426a9728a912175537c735d9375cd638208db76974d5c276a48a9d90d17535a0
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Origin
https://www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 05 Jun 2018 14:51:13 GMT
vary
Origin, Accept-Encoding
server
nginx/1.12.1
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sitepoint.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
954
csi
csi.gstatic.com/ Frame 0FD2
0
56 B
Other
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ji1sxtdh&c=3019314472495&alt=0&sdkv=h.3.211.3&pid=ca-video-pub-5278973888786334&mrd=4&aab=1&itv=1&slotId=1170083389&met.4=ar.3o~vl.f7
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
SPDY
Server
74.125.126.94 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ik-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control
max-age=0
Origin
https://www.sitepoint.com
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 14:51:13 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
roundtrip.js
s.adroll.com/j/
28 KB
10 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Protocol
HTTP/1.1
Server
2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9ebaf737318f5cfb3d1296a653fb76f23eaefb55ccb215786c068a6e41505b8b

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-amz-version-id
fe4AtoPY44Q_XVJsjMlGlfcxDDg6G1sV
Content-Encoding
gzip
ETag
"5bca57374ef1a8f2aacb7b06405a820d"
x-amz-request-id
89E500D38887B2EB
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
9149
x-amz-id-2
gcHDj7OR5gJjP7vqtwBl30hsf892WxDoliuCF/5qng/FmSAdStKtpITfdoKhoCIsD5qKKg5EiFg=
Last-Modified
Tue, 29 May 2018 18:16:55 GMT
Server
AmazonS3
Date
Tue, 05 Jun 2018 14:51:13 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
DJI3I3WGJBGL7PDJEDAYHV
d.adroll.com/consent/check/
27 B
187 B
Script
General
Full URL
https://d.adroll.com/consent/check/DJI3I3WGJBGL7PDJEDAYHV?_s=149616dbeab579b4b1c9e5d9169aa6c4
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Server
79.125.3.6 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-79-125-3-6.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
01d1b1378f2c2e8d7c108db3114916ee5a3c20f33a07ea167f7495869e084801

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 05 Jun 2018 14:51:13 GMT
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
27
Content-Type
application/javascript
container.html
tpc.googlesyndication.com/safeframe/1-0-27/html/ Frame 0547
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-27/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.97 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-27/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6E82C2117BFF3D85D56450678B861879
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
1479
date
Tue, 29 May 2018 19:31:40 GMT
expires
Wed, 29 May 2019 19:31:40 GMT
last-modified
Mon, 14 May 2018 14:45:16 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=31536000
age
587973
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
osd.js
pagead2.googlesyndication.com/pagead/
71 KB
26 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_212.js
Protocol
SPDY
Server
172.217.16.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
c5f08ac7d47bad7fdd476e7aebe5db8780bc439ee66aec208994bcadf592cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 13:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
26450
x-xss-protection
1; mode=block
server
cafe
etag
14519992632048792591
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Jun 2018 14:52:48 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-27/html/ Frame 6D13
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-27/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.97 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-27/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6E82C2117BFF3D85D56450678B861879
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
1479
date
Tue, 29 May 2018 19:31:40 GMT
expires
Wed, 29 May 2019 19:31:40 GMT
last-modified
Mon, 14 May 2018 14:45:16 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=31536000
age
587973
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
container.html
tpc.googlesyndication.com/safeframe/1-0-27/html/ Frame 5D1F
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-27/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_212.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.217.22.97 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-27/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6E82C2117BFF3D85D56450678B861879
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
1479
date
Tue, 29 May 2018 19:31:40 GMT
expires
Wed, 29 May 2019 19:31:40 GMT
last-modified
Mon, 14 May 2018 14:45:16 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=31536000
age
587973
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
v1.CountDown.json
s3-us-west-2.amazonaws.com/janus-data-production/
325 B
961 B
XHR
General
Full URL
https://s3-us-west-2.amazonaws.com/janus-data-production/v1.CountDown.json
Protocol
HTTP/1.1
Server
52.218.208.168 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5a10c6616306b4fa0d2854403e62d815171bb494bb47f331879ca9317a2821e7

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Origin
https://www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 05 Jun 2018 14:51:14 GMT
Last-Modified
Tue, 05 Jun 2018 14:00:29 GMT
Server
AmazonS3
x-amz-request-id
E86AE89CEE7B2AF2
ETag
"648bf509f5a2149c82200dd3a3d97ea9"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
x-amz-meta-resulthash
b7e4ab82e42ef92cbb22b958c688c3cf8122cae4
Access-Control-Allow-Origin
https://www.sitepoint.com
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Content-Type
application/json
Content-Length
325
x-amz-id-2
7Xp0slS9TOjw2G/MpvZky23MOFgciWNBtBsXmIh6eb9lQlcZvei3wfZI/0aO+wQ+szcy85hT3Bs=
LO4TP2UD6JCT5HI4PCTLIH.js
s.adroll.com/pixel/DJI3I3WGJBGL7PDJEDAYHV/4RKMV6N56FGA7ANPGL4FQW/
Redirect Chain
  • https://d.adroll.com/pixel/DJI3I3WGJBGL7PDJEDAYHV/4RKMV6N56FGA7ANPGL4FQW?pv=92763796817.6404&cookie=&adroll_s_ref=&keyw=&arrfrr=https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-l...
  • https://s.adroll.com/pixel/DJI3I3WGJBGL7PDJEDAYHV/4RKMV6N56FGA7ANPGL4FQW/LO4TP2UD6JCT5HI4PCTLIH.js
5 KB
2 KB
Script
General
Full URL
https://s.adroll.com/pixel/DJI3I3WGJBGL7PDJEDAYHV/4RKMV6N56FGA7ANPGL4FQW/LO4TP2UD6JCT5HI4PCTLIH.js
Protocol
HTTP/1.1
Server
2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5f20bc2c572a82d5150da3c6d068728d8978633b203bf6828dd8a31b655993da

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-amz-version-id
ScDU6KzJZUqNsazgaPvs3wVKjfUkZxh_
Content-Encoding
gzip
ETag
"5a5f08bffdb4a04386e67c84b21bed79"
x-amz-request-id
111DBEB7E2A13CB8
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1576
x-amz-id-2
mhyGiaw86akqB3dJeIFGxUMOeKe/nireZSL2MEzWl7AIJ1AauiQ8RD8AdSaWVZja07YbchAUA9E=
Last-Modified
Tue, 05 Jun 2018 12:35:03 GMT
Server
AmazonS3
Date
Tue, 05 Jun 2018 14:51:13 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Tue, 05 Jun 2018 14:51:13 GMT
X-Segment-Display-Name
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection
keep-alive
Content-Length
0
Pragma
no-cache
X-Conversion-Value
0.0
Server
nginx/1.12.1
X-Rule
*
X-Segment-Eid
LO4TP2UD6JCT5HI4PCTLIH
Location
https://s.adroll.com/pixel/DJI3I3WGJBGL7PDJEDAYHV/4RKMV6N56FGA7ANPGL4FQW/LO4TP2UD6JCT5HI4PCTLIH.js
Cache-Control
no-store, no-cache, must-revalidate
X-Pixel-Eid
4RKMV6N56FGA7ANPGL4FQW
X-Segment-Name
*
X-Advertisable-Eid
DJI3I3WGJBGL7PDJEDAYHV
X-Conversion-Currency
services
sumo.com/
0
258 B
XHR
General
Full URL
https://sumo.com/services
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
x-sumo-auth

Response headers

date
Tue, 05 Jun 2018 14:51:13 GMT
server
nginx/1.12.1
access-control-allow-origin
https://www.sitepoint.com
access-control-max-age
2592000
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
status
204
access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
fbevents.js
connect.facebook.net/en_US/
41 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/DJI3I3WGJBGL7PDJEDAYHV/4RKMV6N56FGA7ANPGL4FQW/LO4TP2UD6JCT5HI4PCTLIH.js
Protocol
SPDY
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
0cabc69de1b245da2421673f4aef8c88e74215ed8dd571f1b30542f34096984f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
public
x-fb-debug
fHvlZ4zUgnNfQ1LfQSXRWowXubU7pwCnls2YSZnSxnny2qPPsnBmaBmz/FPzrFcwJLQgJEIkcHLsl8zmCJKd+g==
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 05 Jun 2018 14:51:13 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
status
200
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security
max-age=31536000; preload; includeSubDomains
vary
Accept-Encoding
content-length
13035
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
sendrolling.js
s.adroll.com/j/
9 KB
3 KB
Script
General
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/DJI3I3WGJBGL7PDJEDAYHV/4RKMV6N56FGA7ANPGL4FQW/LO4TP2UD6JCT5HI4PCTLIH.js
Protocol
HTTP/1.1
Server
2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2739cf70a13b93c9eb0d4ebe43027962bb45557e5b177f2ec6ce7f7734de7f2b

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-amz-version-id
r7iuHly0Lo6BQnqAUGxtK4zD9KwRav9z
Content-Encoding
gzip
ETag
"9c75cbd7818ca10405cc43f31bcf04ca"
x-amz-request-id
B3FC6C77E9BAB5F2
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2038
x-amz-id-2
HWVyZHIo+sVd+iICpkdG/NAXRa+an1x2kqbmNd6Ed6lYV4Gnn/n/QWxjLEsR9up3kVTOLKDOjcA=
Last-Modified
Tue, 01 May 2018 20:06:38 GMT
Server
AmazonS3
Date
Tue, 05 Jun 2018 14:51:13 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
pixel
ads.yahoo.com/
Redirect Chain
  • https://d.adroll.com/cm/r/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV
  • https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_con...
0
1 KB
Image
General
Full URL
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
HTTP/1.1
Server
217.12.15.54 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
mpr2.ngd.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 05 Jun 2018 14:51:13 GMT
Server
ATS
Age
0
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Public-Key-Pins-Report-Only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jun 2018 14:51:13 GMT
Server
nginx/1.12.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
248
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=Yzk5YzQxMGI5YzY4MGFmOTliZmVlMTNjMDljMmI3OWQ
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Yzk5YzQxMGI5YzY4MGFmOTliZmVlMTNjMDljMmI3OWQ
43 B
575 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Yzk5YzQxMGI5YzY4MGFmOTliZmVlMTNjMDljMmI3OWQ
Protocol
HTTP/1.1
Server
18.153.11.23 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-153-11-23.eu-central-1.compute.amazonaws.com
Software
nginx/1.12.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Tue, 05 Jun 2018 14:51:13 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
43

Redirect headers

Date
Tue, 05 Jun 2018 14:51:13 GMT
Server
nginx/1.12.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=Yzk5YzQxMGI5YzY4MGFmOTliZmVlMTNjMDljMmI3OWQ
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
0
pxj
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV
  • https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27Yzk5YzQxMGI5YzY4MGFmOTliZmVlMTNjMDljMmI3OWQ%27)
0
591 B
Image
General
Full URL
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27Yzk5YzQxMGI5YzY4MGFmOTliZmVlMTNjMDljMmI3OWQ%27)
Protocol
HTTP/1.1
Server
37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jun 2018 14:51:15 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.20:80
AN-X-Request-Uuid
5dab117a-8a65-405b-b8d0-b89c649f5d5e
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Jun 2018 14:51:13 GMT
Server
nginx/1.12.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('Yzk5YzQxMGI5YzY4MGFmOTliZmVlMTNjMDljMmI3OWQ')
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
113
377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV
  • https://idsync.rlcdn.com/377928.gif?partner_uid=c99c410b9c680af99bfee13c09c2b79d
  • https://idsync.rlcdn.com/377928.gif?partner_uid=c99c410b9c680af99bfee13c09c2b79d&redirect=1
43 B
533 B
Image
General
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=c99c410b9c680af99bfee13c09c2b79d&redirect=1
Protocol
HTTP/1.1
Server
52.201.84.35 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-201-84-35.compute-1.amazonaws.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
Content-Length
43
Content-Type
image/gif; charset=ISO-8859-1

Redirect headers

Location
https://idsync.rlcdn.com/377928.gif?partner_uid=c99c410b9c680af99bfee13c09c2b79d&redirect=1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Type
image/gif; charset=ISO-8859-1
Content-Length
0
P3P
CP: "NON DSP COR PSDo SAMo BUS IND UNI COM NAV INT POL PRE"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=c99c410b9c680af99bfee13c09c2b79d
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=c99c410b9c680af99bfee13c09c2b79d
43 B
318 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=c99c410b9c680af99bfee13c09c2b79d
Protocol
HTTP/1.1
Server
173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.24.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jun 2018 14:51:13 GMT
Server
OXGW/16.24.0
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=c99c410b9c680af99bfee13c09c2b79d
Date
Tue, 05 Jun 2018 14:51:13 GMT
Server
OXGW/16.24.0
Content-Length
0
P3P
CP="CUR ADM OUR NOR STA NID"
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?advertisable=DJI3I3WGJBGL7PDJEDAYHV&google_nid=adroll5
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=yZxBC5xoCvmb_uE8CcK3nQ&google_ula=1535926
  • https://d.adroll.com/cm/g/in?google_ula=1535926,0
35 B
503 B
Image
General
Full URL
https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol
HTTP/1.1
Server
46.137.123.11 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-46-137-123-11.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
ce4e964329e64bb7128c1c1d602433a744b48f6dbc1212e65b2b5184bd8c6617

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Jun 2018 14:51:13 GMT
Server
nginx/1.12.1
P3P
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
X-Result
g.-1.-1.1535926.0.-1

Redirect headers

pragma
no-cache
date
Tue, 05 Jun 2018 14:51:13 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in?google_ula=1535926,0
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
246
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
168037960209485
connect.facebook.net/signals/config/
56 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/168037960209485?v=2.8.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
185.60.216.19 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ba04a5febacee9b33dee8bb745ffb6baa78f0238d206eefa0e6d2c221b674a5a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
13439
x-xss-protection
0
pragma
public
x-fb-debug
pOTQok8N8mhwaQhFAtk0snAWoaUibQsBdEiWdw2JYHOI6cC7vypF1kFzsuALlNU2Mc8DkJdEN0YLDYvfsCP8fQ==
x-frame-options
DENY
date
Tue, 05 Jun 2018 14:51:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
248 B
Image
General
Full URL
https://www.facebook.com/tr/?id=168037960209485&ev=PageView&dl=https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F&rl=&if=false&ts=1528210273733&cd[segment_eid]=LO4TP2UD6JCT5HI4PCTLIH&sw=1600&sh=1200&v=2.8.15&r=stable&ec=0&o=29&it=1528210273700
Protocol
SPDY
Server
157.240.20.38 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-z-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 05 Jun 2018 14:51:13 GMT
services
sumo.com/
1 MB
76 KB
XHR
General
Full URL
https://sumo.com/services
Protocol
SPDY
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
da6905ee943424935c2e88856c5384ead9b5b0a64cd60df45ab380e62f1aad52
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Origin
https://www.sitepoint.com
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-Sumo-Auth
KnUEXmjzshgR1mtQowneG6tZ

Response headers

date
Tue, 05 Jun 2018 14:51:14 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
server
nginx/1.12.1
status
200
x-frame-options
SAMEORIGIN
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://www.sitepoint.com
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=774022032&t=event&ni=1&_s=9&dl=https%3A%2F%2Fwww.sitepoint.com%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F&ul=en-us&de=UTF-8&dt=Anatomy%20of%20an%20Exploit%3A%20An%20In-depth%20Look%20at%20the%20Rails%20YAML%20Vulnerability%20%E2%80%94%20SitePoint&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Device&ea=Orientation&el=Landscape&_u=aHBACAADB~&jid=536314747&gjid=1369905147&cid=1141886411.1528210272&tid=UA-30131-1&_gid=542523363.1528210272&_r=1&cd2=ruby&_av=1.0.0&_au=26&did=i5iSjo&z=1874566384
Protocol
SPDY
Server
172.217.22.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f110.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 14:51:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ Frame 7871
0
79 B
Image
General
Full URL
https://track1.aniview.com/track?d=&cou=DE&cos=Linux&r=www.sitepoint.com&rs=www.sitepoint.com&sid=66140&t=1528210272&cip=148.251.45.254&sn=&tgt=0&osv=&bv=&brn=Chrome&wi=544&he=306&app=&AV_PUBLISHERID=5961f0e6073ef42d7843d002&test=&cb=56226617491&asid=5a5fbfab28a0617e26654433%7C5a55e8a828a06104010d3f5d&pid=5961f0e6073ef42d7843d002%7C5858ed930b8ee8851941a7bb&cid=5a30fb2728a06159ea245973%7C5a5fbf4928a061327368bfbd&h=fe29bd4157bc1931026c5fc3ad626247007459b5&e=unmute&cb=1528210272878
Protocol
SPDY
Server
54.88.84.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-84-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 05 Jun 2018 14:51:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ Frame 7871
0
79 B
Image
General
Full URL
https://track1.aniview.com/track?d=&cou=DE&cos=Linux&r=www.sitepoint.com&rs=www.sitepoint.com&sid=66140&t=1528210272&cip=148.251.45.254&sn=&tgt=0&osv=&bv=&brn=Chrome&wi=544&he=306&app=&AV_PUBLISHERID=5961f0e6073ef42d7843d002&test=&cb=56226617491&asid=5a5fbfab28a0617e26654433%7C5a55e8a828a06104010d3f5d&pid=5961f0e6073ef42d7843d002%7C5858ed930b8ee8851941a7bb&cid=5a30fb2728a06159ea245973%7C5a5fbf4928a061327368bfbd&h=fe29bd4157bc1931026c5fc3ad626247007459b5&e=mute&cb=1528210272878
Protocol
SPDY
Server
54.88.84.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-84-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 05 Jun 2018 14:51:13 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
csi
csi.gstatic.com/
0
56 B
Other
General
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ji1sxthp&c=7238338180823504&e=21061508%2C21060610%2C21060697%2C21061300%2C22322687&ctx=1&met.9=1.2o9~1.2oc~2.2qt~7_4.1~7_5.1~7_6.1~8.0~3_4.388~4_4.3if~5_4.3ig~5_5.3ir~5_6.3iy~6_4.3o1~6_6.3oe~6_5.3rw&met.3=112.39w_1~113.3gu_1~157.3jy_1~157.3k1~155.3jm_f~132.3kw_1~157.3lv~157.3lv~132.3lu_1~132.3lv~132.3m2~132.3m8~132.3nb~132.3nc~157.3nm~157.3nr_8~157.3ny~132.3nl_d~132.3nz~415.3o1_1~130.3o2~415.3oe_1~132.3ow~132.3ox~132.3ox~157.3r5_a~157.3rg~157.3rg~143.3r3_n~132.3rp~415.3rv~130.3rw~132.3rw~132.3rz~132.3s3~132.3s4~132.3tu~132.3u5~157.3ui~157.3ui~157.3ui~143.3uh_3~132.3ut~132.3wi~132.3wx~157.3xf~157.3xf~157.3xf~143.3xe_2~132.3xo~132.3zb~132.3zp~157.409~157.409~157.409~143.408_1~132.40e~132.40v~132.422~132.42j~157.433~157.434~157.434~143.433_2~132.435~132.44u~132.45c~132.45x~157.45y~157.45y~157.45y~143.45x_2~132.47r~132.48a~132.48u~157.48v~157.48v~157.48v~143.48u_2~132.4an~132.4b2&met.1=1.ji1sxq7s~6.0~7.1~8.1~9.1~10.ev~11.4w~12.ev~13.1nt~14.24p~15.1zu~16.30o~17.30q~18.31c~19.3gh~20.3gh~21.3gl~22.2m8~23.2m8&qqid.4=CJ-25vPivNsCFZuJdwodCl0Lvw&qqid.5=CMHZ5fPivNsCFQEo4Aod1pQDwg&qqid.6=CK2k5fPivNsCFciWdwodJ10EpA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js
Protocol
SPDY
Server
74.125.126.94 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
ik-in-f94.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Cache-Control
max-age=0
Origin
https://www.sitepoint.com
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 14:51:14 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
status
204
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
service.js
sumo.b-cdn.net/virtual/88e9ca92de5ebe638f076d08f4e894d77cb62d28/client/js/156085c5-0017-4150-b225-a731ad248f38/
978 KB
301 KB
Script
General
Full URL
https://sumo.b-cdn.net/virtual/88e9ca92de5ebe638f076d08f4e894d77cb62d28/client/js/156085c5-0017-4150-b225-a731ad248f38/service.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Server
62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-367 /
Resource Hash
f344ed771358d56b0407052f650db362e0acab6109a6d7d7e69df9d5dd233e32

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:14 GMT
content-encoding
gzip
last-modified
Mon, 04 Jun 2018 21:13:36 GMT
server
BunnyCDN-DE1-367
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=2592000
cdn-pullzone
31826
cdn-cachedat
2018-06-05 16:51:14
cdn-requestid
de2487f279c8c68a945cd7239d8645de
content-type
application/javascript
cdn-cache
HIT
expires
Wed, 04 Jul 2018 21:16:11 GMT
services.js
sumo.b-cdn.net/virtual/84401f8f7c1adcecc60a24eec68b38bd3da0130d/client/js/services/
434 KB
134 KB
Script
General
Full URL
https://sumo.b-cdn.net/virtual/84401f8f7c1adcecc60a24eec68b38bd3da0130d/client/js/services/services.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Server
62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-367 /
Resource Hash
ad3d597d021b5922957bf2fb93da558a15a58c7ea5eabfbbc4050d3f62e9ef84

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:14 GMT
content-encoding
gzip
last-modified
Wed, 16 May 2018 22:23:22 GMT
server
BunnyCDN-DE1-367
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=2592000
cdn-pullzone
31826
cdn-cachedat
2018-06-05 16:51:14
cdn-requestid
c994de2c29b5def47027d7110a8f6d82
content-type
application/javascript
cdn-cache
HIT
expires
Fri, 15 Jun 2018 22:24:37 GMT
scroll
sumo.com/apps/contentanalytics/
43 B
214 B
Image
General
Full URL
https://sumo.com/apps/contentanalytics/scroll?site_id=64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300&last=&read=9&path=%2Fanatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability%2F&_=0.08177141401498522
Protocol
SPDY
Server
54.200.150.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-200-150-117.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
200
date
Tue, 05 Jun 2018 14:51:14 GMT
server
nginx/1.12.1
content-type
image/gif
content-length
43
x-frame-options
SAMEORIGIN
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
listbuilder-popup.css
sumo.b-cdn.net/virtual/89a2307c97386e5d690225cb803aa5bd7392bf2a/client/css/listbuilder/
1 MB
83 KB
Stylesheet
General
Full URL
https://sumo.b-cdn.net/virtual/89a2307c97386e5d690225cb803aa5bd7392bf2a/client/css/listbuilder/listbuilder-popup.css
Requested by
Host: sumo.b-cdn.net
URL: https://sumo.b-cdn.net/virtual/84401f8f7c1adcecc60a24eec68b38bd3da0130d/client/js/services/services.js
Protocol
SPDY
Server
62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-367 /
Resource Hash
6d3b05160df15279c3480896963c82c60e1cbdbd22e5cbb18b1b978ebb0658d1

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:14 GMT
content-encoding
gzip
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cdn-cachedat
2018-06-05 16:51:14
cdn-pullzone
31826
expires
Sun, 17 Jun 2018 18:31:15 GMT
last-modified
Fri, 18 May 2018 18:30:37 GMT
server
BunnyCDN-DE1-367
vary
Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=2592000
cdn-requestid
f4f93f56ac99988f179dc5a3397909d4
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Range
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Range
css
fonts.googleapis.com/
2 KB
491 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Protocol
SPDY
Server
172.217.22.106 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f106.1e100.net
Software
ESF /
Resource Hash
529519f78c116aecf89fba86148302132377cf3d5006d2396244902816d8c562
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 05 Jun 2018 14:51:14 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Tue, 05 Jun 2018 14:51:14 GMT
features
sumo.com/api/site/64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300/
0
258 B
XHR
General
Full URL
https://sumo.com/api/site/64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300/features?site_id=64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300
Requested by
Host: sumo.b-cdn.net
URL: https://sumo.b-cdn.net/virtual/88e9ca92de5ebe638f076d08f4e894d77cb62d28/client/js/156085c5-0017-4150-b225-a731ad248f38/service.js
Protocol
SPDY
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
x-sumo-auth

Response headers

date
Tue, 05 Jun 2018 14:51:15 GMT
server
nginx/1.12.1
access-control-allow-origin
https://www.sitepoint.com
access-control-max-age
2592000
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
status
204
access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
features
sumo.com/api/site/64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300/
0
258 B
XHR
General
Full URL
https://sumo.com/api/site/64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300/features?site_id=64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300
Requested by
Host: sumo.b-cdn.net
URL: https://sumo.b-cdn.net/virtual/88e9ca92de5ebe638f076d08f4e894d77cb62d28/client/js/156085c5-0017-4150-b225-a731ad248f38/service.js
Protocol
SPDY
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
x-sumo-auth

Response headers

date
Tue, 05 Jun 2018 14:51:15 GMT
server
nginx/1.12.1
access-control-allow-origin
https://www.sitepoint.com
access-control-max-age
2592000
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
status
204
access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
features
sumo.com/api/site/64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300/
1 KB
919 B
XHR
General
Full URL
https://sumo.com/api/site/64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300/features?site_id=64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300
Protocol
SPDY
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
166c488e128c5b85f9c402e88ad8180baeaf7fc6acdc2757afaaaa2d47ba238b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Origin
https://www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-Sumo-Auth
KnUEXmjzshgR1mtQowneG6tZ

Response headers

date
Tue, 05 Jun 2018 14:51:15 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
server
nginx/1.12.1
status
200
etag
"-92617450"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sitepoint.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
features
sumo.com/api/site/64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300/
1 KB
920 B
XHR
General
Full URL
https://sumo.com/api/site/64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300/features?site_id=64b8e500e3524000ecfa2000d01e2100033e83009398f000ab804c005e0e4300
Protocol
SPDY
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
166c488e128c5b85f9c402e88ad8180baeaf7fc6acdc2757afaaaa2d47ba238b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Origin
https://www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-Sumo-Auth
KnUEXmjzshgR1mtQowneG6tZ

Response headers

date
Tue, 05 Jun 2018 14:51:15 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
server
nginx/1.12.1
status
200
etag
"-92617450"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sitepoint.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
admin-ajax.php
www.sitepoint.com/wp-admin/
751 B
1 KB
XHR
General
Full URL
https://www.sitepoint.com/wp-admin/admin-ajax.php
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/wp-content/themes/sitepoint/assets/javascripts/scripts-foot-05d11a1c786bcae1cfb038c489b29193.js?ver=4.9.6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) / Express
Resource Hash
4757ba81f5d8ad0b7640a4f3d59e8078d8c0d0546671b3bae3ce4df161e41809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Origin
https://www.sitepoint.com
Accept-Encoding
gzip, deflate
Host
www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Cookie
__gads=ID=1f176934f476b667:T=1528210273:S=ALNI_MasjIuZuS5AIPKK0TRnx21Jx8mo8Q; __smToken=KnUEXmjzshgR1mtQowneG6tZ; __ar_v4=%7CDJI3I3WGJBGL7PDJEDAYHV%3A20180605%3A1%7C4RKMV6N56FGA7ANPGL4FQW%3A20180605%3A1%7CLO4TP2UD6JCT5HI4PCTLIH%3A20180605%3A1; _gat=1; GED_PLAYLIST_ACTIVITY=W3sidSI6Imtuam4iLCJ0c2wiOjE1MjgyMTAyNzcsIm52IjoxLCJ1cHQiOjE1MjgyMTAyNzMsImx0IjoxNTI4MjEwMjczfV0.
Connection
keep-alive
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Content-Length
687
Accept
*/*
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Origin
https://www.sitepoint.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 05 Jun 2018 14:51:17 GMT
referrer-policy
server
Apache/2.4.10 (Debian)
X-Powered-By
Express
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.sitepoint.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
Vary
X-Forwarded-Proto,Accept-Encoding
Content-Length
751
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
admin-ajax.php
www.sitepoint.com/wp-admin/
0
505 B
XHR
General
Full URL
https://www.sitepoint.com/wp-admin/admin-ajax.php
Requested by
Host: www.sitepoint.com
URL: https://www.sitepoint.com/wp-content/themes/sitepoint/assets/javascripts/scripts-foot-05d11a1c786bcae1cfb038c489b29193.js?ver=4.9.6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.148.84.95 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-84-95.us-west-2.compute.amazonaws.com
Software
Apache/2.4.10 (Debian) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Origin
https://www.sitepoint.com
Accept-Encoding
gzip, deflate
Host
www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Cookie
__gads=ID=1f176934f476b667:T=1528210273:S=ALNI_MasjIuZuS5AIPKK0TRnx21Jx8mo8Q; __smToken=KnUEXmjzshgR1mtQowneG6tZ; __ar_v4=%7CDJI3I3WGJBGL7PDJEDAYHV%3A20180605%3A1%7C4RKMV6N56FGA7ANPGL4FQW%3A20180605%3A1%7CLO4TP2UD6JCT5HI4PCTLIH%3A20180605%3A1; _gat=1; GED_PLAYLIST_ACTIVITY=W3sidSI6Imtuam4iLCJ0c2wiOjE1MjgyMTAyNzcsIm52IjoxLCJ1cHQiOjE1MjgyMTAyNzMsImx0IjoxNTI4MjEwMjczfV0.
Connection
keep-alive
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Content-Length
627
Accept
*/*
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Origin
https://www.sitepoint.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 05 Jun 2018 14:51:17 GMT
referrer-policy
server
Apache/2.4.10 (Debian)
X-Powered-By
Express
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.sitepoint.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
x-robots-tag
noindex
Vary
X-Forwarded-Proto, Accept-Encoding
Content-Length
0
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
track
track1.aniview.com/ Frame 7871
0
102 B
XHR
General
Full URL
https://track1.aniview.com/track?d=&cou=DE&cos=Linux&r=www.sitepoint.com&rs=www.sitepoint.com&sid=66140&t=1528210272&cip=148.251.45.254&sn=&tgt=0&osv=&bv=&brn=Chrome&wi=544&he=306&app=&AV_PUBLISHERID=5961f0e6073ef42d7843d002&test=&cb=56226617491
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js
Protocol
SPDY
Server
54.88.84.54 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-88-84-54.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
Origin
https://www.sitepoint.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Tue, 05 Jun 2018 14:51:18 GMT
cache-control
max-age=0, no-cache, no-store
access-control-allow-origin
*
content-length
0
15272112821518456468397-1024x1024-255x320-1000x1000.png
dab1nmslvvntp.cloudfront.net/wp-content/uploads/2018/05/
200 KB
201 KB
Image
General
Full URL
https://dab1nmslvvntp.cloudfront.net/wp-content/uploads/2018/05/15272112821518456468397-1024x1024-255x320-1000x1000.png
Protocol
HTTP/1.1
Server
216.137.61.196 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-216-137-61-196.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7958b6604f54228abaff5255213650779b1dc8b87d31ad24c3b86a32b3618ea4

Request headers

Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Mon, 28 May 2018 01:29:47 GMT
Via
1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)
Last-Modified
Fri, 25 May 2018 01:23:41 GMT
Server
AmazonS3
Age
47710
ETag
"6fb4f4cad4e3efa55f9bc37e8c85dd92"
x-amz-meta-sp_image_process_version
0.0.2
X-Cache
Hit from cloudfront
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
205293
x-amz-meta-sp_image_process_etag
"5bf6bedce39780421f17b973cb684070"
X-Amz-Cf-Id
UlOgQeV-GdEk4Ol3wcR8FXNvUpWqjBhVw9L-WTV8tTpNn3U3okOyoA==
collect
www.google-analytics.com/
35 B
111 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Server
172.217.22.110 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f110.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Cache-Control
max-age=0
Origin
https://www.sitepoint.com
Referer
https://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Jun 2018 14:51:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
https://www.sitepoint.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ga object| purchs2s object| googletag number| network boolean| bsa_debug object| bsa_targeting object| placements function| _bsa_optimize_refresh function| domready function| OneSignal object| _wpemojiSettings object| html5 object| Modernizr object| SP_GPT_Slots object| current_category undefined| sp_categories undefined| temp undefined| filtered_categories string| result undefined| categories object| aniplayerPos string| PURCHS2S_VERSION function| uuidv4 string| defuuid function| purchs2s_checkCommands object| userSyncPixels function| purch_history boolean| gdprUser object| purchs2sutils object| baseObj function| tmntag_ready number| w number| h function| tmntag_render function| tmntag_triggerEvent function| purchs2s_executeWithGDPRConsent function| purch_history_onNewPage object| gaplugins object| gaGlobal object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken string| adroll_adv_id string| adroll_pix_id object| ratingsL10n object| ratings_1_mouseover_image object| ratings_2_mouseover_image number| post_id number| post_rating boolean| is_being_rated function| current_rating function| ratings_off function| set_is_being_rated function| rate_post_success function| rate_post function| avPlayer object| twemoji object| wp number| __oneSignalSdkLoadCount function| __jp0 object| GPT_jstiming object| closure_memoize_cache_ boolean| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id function| __extends object| Demandbase object| __db function| DBSegment object| PARSELY string| CONFIANT_WRAPPER_ID function| confiantWrapWithCallback object| storageAni object| gaEventQueue function| libFuncName object| sitepoint object| DISQUSWIDGETS object| core object| __core-js_shared__ object| System function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery function| SP_OnDemandBaseReady object| 
Foundation function| Spinner function| ImageSwapper object| jQuery110105869271322230525 function| webpackJsonp object| gaDevIds object| gaData function| enableDevMode function| disableDevMode object| $productForms object| $leadForms number| google_global_correlator object| Prism object| closure_lm_171046 number| google_unique_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| google_rum_config object| sumo boolean| __adroll_loaded boolean| __smLoaded object| jQuery110206463832926940216 undefined| google_rum_values string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback undefined| google_timing_params object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| __adroll_consent object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars function| fbq function| _fbq boolean| currentUrlIncluded

0 Cookies

70 Console Messages

Source Level URL
Text
console-api warning URL: https://cdn-s2s.buysellads.net/pub/sitepoint.js(Line 429)
Message:
No defined slots
console-api warning URL: https://www.sitepoint.com/dist/js/compiled.59c0c6a6ee80382e5d5b.js(Line 15)
Message:
[mobx.array] Attempt to read an array index (0) that is out of bounds (0). Please check length first. Out of bound indices will not be tracked by MobX
console-api log URL: https://www.sitepoint.com/dist/js/compiled.59c0c6a6ee80382e5d5b.js(Line 23)
Message:
v1.CountDown.json has fresh?

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
