infosec.mozilla.org Open in urlscan Pro
2600:9000:206f:fc00:c:1499:bd40:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://infosec.mozilla.org/guidelines/web_security
Submission: On January 01 via manual (January 1st 2022, 8:19:28 am UTC) from IN — Scanned from DE

Summary HTTP 15 Redirects Links 50 Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2600:9000:206f:fc00:c:1499:bd40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is infosec.mozilla.org.
TLS certificate: Issued by Amazon on October 23rd 2021. Valid for: a year.

This is the only time infosec.mozilla.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
15	2600:9000:206... 2600:9000:206f:fc00:c:1499:bd40:93a1		16509 (AMAZON-02) (AMAZON-02)
15	2

15 2600:9000:206f:fc00:c:1499:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)

infosec.mozilla.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	mozilla.org infosec.mozilla.org	293 KB
0	Failed function sub() { [native code] }. Failed
15	2

	Domain	Requested by
15	infosec.mozilla.org	infosec.mozilla.org
0	truncated Failed	infosec.mozilla.org
15	2

This site contains links to these domains. Also see Links.

Domain
www.mozilla.org
github.com
wiki.mozilla.org
mozilla.github.io
hstspreload.org
developer.mozilla.org
tools.ietf.org
noncombatant.org
scotthelme.co.uk
www.html5rocks.com
www.w3.org
csp-evaluator.withgoogle.com
www.contributejson.org
w3c.github.io
www.adobe.com
msdn.microsoft.com
en.wikipedia.org
cheatsheetseries.owasp.org
example.com
www.robotstxt.org
www.srihash.org
www.owasp.org
twitter.com
www.facebook.com
www.youtube.com

Subject Issuer	Validity	Valid
infosec.mozilla.org Amazon	`2021-10-23` - `2022-11-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://infosec.mozilla.org/guidelines/web_security
Frame ID: EC1785699CD9A6DFEB9E6C5E83413CF6
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Web Security

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

293 kB
Transfer

480 kB
Size

0
Cookies

50 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mozilla.org/
Title: Mozilla

Search URL Search Domain Scan URL

URL: https://github.com/mozilla/infosec.mozilla.org/blob/master/docs/guidelines/web_security.md
Title: Improve this document

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/firefox/products/
Title: Discover Firefox

Search URL Search Domain Scan URL

URL: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29
Title: Intermediate

Search URL Search Domain Scan URL

URL: https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
Title: Mozilla modern TLS configuration

Search URL Search Domain Scan URL

URL: https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_(default)
Title: Mozilla intermediate TLS configuration

Search URL Search Domain Scan URL

URL: https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility
Title: Mozilla backwards compatible TLS configuration

Search URL Search Domain Scan URL

URL: https://wiki.mozilla.org/Security/Server_Side_TLS
Title: Mozilla Server Side TLS Guidelines

Search URL Search Domain Scan URL

URL: https://mozilla.github.io/server-side-tls/ssl-config-generator/
Title: Mozilla Server Side TLS Configuration Generator

Search URL Search Domain Scan URL

URL: https://hstspreload.org/
Title: HSTS preload list

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/docs/Web/Security/HTTP_strict_transport_security
Title: MDN on HTTP Strict Transport Security

Search URL Search Domain Scan URL

URL: https://tools.ietf.org/html/rfc6797
Title: RFC6797: HTTP Strict Transport Security (HSTS)

Search URL Search Domain Scan URL

URL: https://noncombatant.org/2015/05/01/about-http-public-key-pinning/
Title: About Public Key Pinning

Search URL Search Domain Scan URL

URL: https://scotthelme.co.uk/hpkp-toolset/
Title: The HPKP Toolset

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Security/MixedContent
Title: MDN on Mixed Content

Search URL Search Domain Scan URL

URL: https://www.html5rocks.com/en/tutorials/security/content-security-policy/
Title: An Introduction to Content Security Policy

Search URL Search Domain Scan URL

URL: https://www.w3.org/TR/CSP2/
Title: Content Security Policy Level 2 Standard

Search URL Search Domain Scan URL

URL: https://csp-evaluator.withgoogle.com/
Title: Google CSP Evaluator

Search URL Search Domain Scan URL

URL: https://www.contributejson.org/
Title: The contribute.json Standard

Search URL Search Domain Scan URL

URL: https://tools.ietf.org/html/rfc6265
Title: RFC 6265 (HTTP Cookies)

Search URL Search Domain Scan URL

URL: https://tools.ietf.org/html/draft-west-cookie-prefixes
Title: HTTP Cookie Prefixes

Search URL Search Domain Scan URL

URL: https://tools.ietf.org/html/draft-west-first-party-cookies-07
Title: Same-site Cookies

Search URL Search Domain Scan URL

URL: https://w3c.github.io/webappsec-cors-for-developers/
Title: CORS for Developers

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
Title: MDN on HTTP access control (CORS)

Search URL Search Domain Scan URL

URL: https://www.adobe.com/devnet/adobe-media-server/articles/cross-domain-xml-for-streaming.html
Title: Adobe on Setting crossdomain.xml

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/library/cc197955%28v=vs.95%29.aspx
Title: Microsoft on Setting clientaccesspolicy.xml

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/CAPTCHA
Title: CAPTCHA

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Cross-site_request_forgery#Prevention
Title: Wikipedia on CRSF Attacks and Prevention

Search URL Search Domain Scan URL

URL: https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
Title: OWASP CSRF Prevention Cheat Sheet

Search URL Search Domain Scan URL

URL: https://example.com/page.html
Title: https://example.com/page.html

Search URL Search Domain Scan URL

URL: https://example.com/
Title: https://example.com/

Search URL Search Domain Scan URL

URL: https://w3c.github.io/webappsec-referrer-policy/#referrer-policy-same-origin
Title: Referrer Policy standard

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
Title: MDN on Referrer Policy

Search URL Search Domain Scan URL

URL: https://www.robotstxt.org/robotstxt.html
Title: About robots.txt

Search URL Search Domain Scan URL

URL: https://www.srihash.org/
Title: SRI Hash Generator

Search URL Search Domain Scan URL

URL: https://w3c.github.io/webappsec-subresource-integrity/
Title: Subresource Integrity W3C Standard

Search URL Search Domain Scan URL

URL: https://msdn.microsoft.com/en-us/library/gg622941%28v=vs.85%29.aspx
Title: Microsoft on Reducing MIME Type Security Risks

Search URL Search Domain Scan URL

URL: https://developer.mozilla.org/en-US/docs/Web/HTTP/X-Frame-Options
Title: MDN on X-Frame-Options

Search URL Search Domain Scan URL

URL: https://www.w3.org/TR/CSP2/#directive-frame-ancestors
Title: CSP standard on ‘frame-ancestors’

Search URL Search Domain Scan URL

URL: https://www.owasp.org/index.php/Clickjacking_Defense_Cheat_Sheet
Title: OWASP Clickjacking Defense Cheat Sheet

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/foundation/licensing/website-content/
Title: Creative Commons license

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/privacy/
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.mozilla.org/privacy/websites/#cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: https://twitter.com/mozillaSecurity
Title: Twitter (@mozillaSecurity)

Search URL Search Domain Scan URL

URL: https://twitter.com/mozilla
Title: Twitter (@mozilla)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mozilla
Title: Facebook (Mozilla)

Search URL Search Domain Scan URL

URL: https://twitter.com/firefox
Title: Twitter (@firefox)

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Firefox
Title: Facebook (Firefox)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/firefoxchannel
Title: YouTube (firefoxchannel)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request web_security Show response
infosec.mozilla.org/guidelines/ 74 KB
18 KB 79ms
37ms Document
text/html 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.mozilla.org/guidelines/web_security

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

61f4962cb7249d7fe40e57308f02232cff34bc2970e141630cdea6b69419e91e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
content-length: 17798
server: GitHub.com
permissions-policy: interest-cohort=()
last-modified: Mon, 20 Dec 2021 18:58:26 GMT
access-control-allow-origin: *
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 2C14:6A40:14A7D7A:154F91A:61C5EF7A
accept-ranges: bytes
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-served-by: cache-hhn4052-HHN
x-cache-hits: 0
x-timer: S1640361850.058448,VS0,VE89
x-fastly-request-id: d34e03fe3a3a5d36021a132ff304cf9b4708661d
date: Sat, 01 Jan 2022 08:15:16 GMT
cache-control: max-age=600
expires: Sat, 01 Jan 2022 08:25:16 GMT
etag: W/"61c0d252-12733"
vary: Accept-Encoding
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: vJ_D95kijeHQ45xKzl-OCRKaJpTRaC7iw3sTmdsic3072uscmEAbbw==
age: 248

GET
H2 200 jquery-1.12.4.min.js Show response
infosec.mozilla.org/assets/js/ 95 KB
34 KB 33ms
32ms Script
application/javascript 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.mozilla.org/assets/js/jquery-1.12.4.min.js

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/guidelines/web_security

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://infosec.mozilla.org/guidelines/web_security
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 07a14eb6f5af78ce348631e841aada8db9fa8121
date: Sat, 01 Jan 2022 08:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
x-cache: Hit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 33997
x-xss-protection: 1; mode=block
x-served-by: cache-fra19178-FRA
access-control-allow-origin: *
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: C4C2:7BB9:15B7472:165CACF:61CE8B39
x-timer: S1640926009.484717,VS0,VE90
x-frame-options: DENY
etag: W/"61c0d24e-17b8b"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-proxy-cache: MISS
x-amz-cf-id: ix9nOlK-WggVZmEBcbf-FxWMXsRCHp9JNtap32Cx4xU1C3EMa6nJQg==
expires: Sat, 01 Jan 2022 08:25:16 GMT

GET
H2 200 anchor.min.js Show response
infosec.mozilla.org/assets/js/ 5 KB
3 KB 38ms
37ms Script
application/javascript 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.mozilla.org/assets/js/anchor.min.js

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/guidelines/web_security

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

95969184aae2df9032252ca95d7b38a3a38f1536d3994a25b416c309b7737a08

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://infosec.mozilla.org/guidelines/web_security
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 2df147cefbde294aa81e1411701e376f874def00
date: Sat, 01 Jan 2022 08:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
x-cache: Hit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 2469
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4059-HHN
access-control-allow-origin: *
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: 2552:1FD2:218D6AD:229939F:61CC2489
x-timer: S1640768650.967150,VS0,VE87
x-frame-options: DENY
etag: W/"61c0d24e-150d"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-proxy-cache: MISS
x-amz-cf-id: GGPG9_tc-kgSgAmqg_YOoGjtzSsqZHX_cTNrbRO10FE8VPb3gNJ4Pw==
expires: Sat, 01 Jan 2022 08:25:16 GMT

GET
H2 200 anchor.js Show response
infosec.mozilla.org/assets/js/ 189 B
1 KB 42ms
41ms Script
application/javascript 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.mozilla.org/assets/js/anchor.js

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/guidelines/web_security

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e0fa6d34bc92de2b1f6938b1f7e4757e882af8aaf8c65ad128cb844afefc6221

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://infosec.mozilla.org/guidelines/web_security
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 1a16150d499417b8f08c00927ee1c79d00b6ecad
date: Sat, 01 Jan 2022 08:15:16 GMT
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 248
x-cache: Hit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 189
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4083-HHN
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: 889A:12F8F:13F9596:1501940:61CBFB3A
x-timer: S1640768650.970301,VS0,VE88
x-frame-options: DENY
etag: "61c0d24e-bd"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-amz-cf-id: JTJpVUzcXByqcCs-W6ofO6OGldKLsfF4U4LVXSQmsx49yHtdCwN_wA==
expires: Sat, 01 Jan 2022 08:25:16 GMT

GET
H2 200 style.css
infosec.mozilla.org/assets/css/ 68 KB
13 KB 39ms
39ms Stylesheet
text/css 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/guidelines/web_security

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

0cc2f14831ebe0d874cf153bbe6753ec2813cf6a72bfd11be97f0b9d448af910

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://infosec.mozilla.org/guidelines/web_security
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: a3216c7a5d9d32334dbec1478ee5bf1331a42f29
date: Sat, 01 Jan 2022 08:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
x-cache: Hit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 12078
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4033-HHN
access-control-allow-origin: *
last-modified: Mon, 20 Dec 2021 18:58:26 GMT
server: GitHub.com
x-github-request-id: 5502:43F5:5C46B:686B3:61CC2489
x-timer: S1640768650.985586,VS0,VE89
x-frame-options: DENY
etag: W/"61c0d252-111a3"
strict-transport-security: max-age=63072000
content-type: text/css; charset=utf-8
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-proxy-cache: MISS
x-amz-cf-id: 1F-oiPrBc2QLmvyugPwvxNbT_MD7vDg1LDHBH_DxYGjUPQIEZQdrUQ==
expires: Sat, 01 Jan 2022 08:25:16 GMT

GET
H2 200 jquery.tablesorter.min.js Show response
infosec.mozilla.org/assets/js/ 30 KB
11 KB 48ms
47ms Script
application/javascript 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.mozilla.org/assets/js/jquery.tablesorter.min.js

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/guidelines/web_security

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

f657fdef7a21c246cd57ae1736f47f8045a1b90148ac3a3d762fbaea67f2d7a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://infosec.mozilla.org/guidelines/web_security
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 59b42aa5d196f65b880910f9fc75c98763c4a414
date: Sat, 01 Jan 2022 08:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
x-cache: Hit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 10537
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4083-HHN
access-control-allow-origin: *
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: 9F76:529B:7C043C:81CC6D:61C5EA40
x-timer: S1640361850.416586,VS0,VE88
x-frame-options: DENY
etag: W/"61c0d24e-78b7"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-proxy-cache: MISS
x-amz-cf-id: TuSMGEOjLVNwTcS3TpYKbifey9W4R2YUXXzEE5HLzR6hfF_t8KBG6A==
expires: Sat, 01 Jan 2022 08:25:16 GMT

GET
H2 200 sortable.js Show response
infosec.mozilla.org/assets/js/ 87 B
983 B 26ms
26ms Script
application/javascript 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.mozilla.org/assets/js/sortable.js

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/guidelines/web_security

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

f806253a9a369322f27e502eeb175ca39196ed334d6524287d072fc80af98f47

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://infosec.mozilla.org/guidelines/web_security
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 6c061466e0bccf5bd74ecc474d49d64f8cdab4fa
date: Sat, 01 Jan 2022 08:15:16 GMT
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 248
x-cache: Hit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 87
x-xss-protection: 1; mode=block
x-served-by: cache-fra19181-FRA
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: D96A:5FE9:3B92D7:3EA2B8:61C62756
x-timer: S1640380818.370942,VS0,VE87
x-frame-options: DENY
etag: "61c0d24e-57"
strict-transport-security: max-age=63072000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-amz-cf-id: czpYnwjcezQaol44zJAwgfYyNrOpVR-p0rE8QJetl1vYMzMpSOaj4A==
expires: Sat, 01 Jan 2022 08:25:16 GMT

GET
H2 200 mozilla-wordmark-black.svg
infosec.mozilla.org/assets/images/ 1 KB
2 KB 25ms
25ms Image
image/svg+xml 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infosec.mozilla.org/assets/images/mozilla-wordmark-black.svg

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

2def4c73a165fe4ab8d91f2b0df09a626783288aebe1f03f3341daa6deb6c640

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 89ab05fa4ce4de7a38b96a2fbe37d3f3825d420a
date: Sat, 01 Jan 2022 08:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
x-cache: Hit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 698
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4028-HHN
access-control-allow-origin: *
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: 0FB8:7BB9:8B3618:8F7DF1:61CC248A
x-timer: S1640768650.427986,VS0,VE94
x-frame-options: DENY
etag: W/"61c0d24e-536"
strict-transport-security: max-age=63072000
content-type: image/svg+xml
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-proxy-cache: MISS
x-amz-cf-id: pShlRU7RCL8sl_0MLwPDpfzl4QiSAZ80luSku1Es_V4_GJ15YMr9AA==
expires: Sat, 01 Jan 2022 08:25:17 GMT

GET
H2 200 icon-sprite.svg
infosec.mozilla.org/assets/images/ 3 KB
2 KB 45ms
45ms Image
image/svg+xml 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infosec.mozilla.org/assets/images/icon-sprite.svg

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

8f8e5410015456e3d2264428492a6408def7020893305af0a1034f3b120d5e09

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 2ae90c01d444732f05958b2c491f16a8de909b6d
date: Sat, 01 Jan 2022 08:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
x-cache: Hit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 820
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4073-HHN
access-control-allow-origin: *
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: 29D8:30F2:2DF1DA:2FF7D6:61CC248A
x-timer: S1640768650.423082,VS0,VE83
x-frame-options: DENY
etag: W/"61c0d24e-a9e"
strict-transport-security: max-age=63072000
content-type: image/svg+xml
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-amz-cf-id: YBTsmRWotIOQX78jC0jhG8jjCDsg8kCpQMH2EOFJk7SOm9_whFlViw==
expires: Sat, 01 Jan 2022 08:25:17 GMT

GET
H2 200 bg_hr.png
infosec.mozilla.org/assets/images/ 78 B
941 B 23ms
23ms Image
image/png 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infosec.mozilla.org/assets/images/bg_hr.png

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

8c30c50585ab8049ea41a4d6726da8b8b07b7fc0f3d1896dbbd813d0a43fe6c5

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 384d94358cd224efce6ca2e2bc983a0f5c64cd88
date: Sat, 01 Jan 2022 08:15:17 GMT
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 247
x-cache: Hit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 78
x-xss-protection: 1; mode=block
x-served-by: cache-fra19177-FRA
last-modified: Thu, 09 Dec 2021 19:31:45 GMT
server: GitHub.com
x-github-request-id: 51CC:B4F9:11A618E:1283717:61CC0F04
x-timer: S1640768650.423788,VS0,VE99
x-frame-options: DENY
etag: "61b259a1-4e"
strict-transport-security: max-age=63072000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-proxy-cache: MISS
x-amz-cf-id: JkluHAWKS3oUS9jMQZdyhavnAU6xqSfifvELViPklYlU8pHG6NjtoQ==
expires: Sat, 01 Jan 2022 02:47:47 GMT

GET
H2 200 opensans-regular.woff2
infosec.mozilla.org/assets/fonts/ 46 KB
47 KB 204ms
203ms Font
font/woff2 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.mozilla.org/assets/fonts/opensans-regular.woff2

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

1f6ac6841c0f0a3c1d39139d1448f8ed33095bf423c6fdb9df13704364bb35e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1
Origin: https://infosec.mozilla.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 49af6f7431609a2a97e42fd8ef76cfe7892abc88
date: Sat, 01 Jan 2022 08:19:24 GMT
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 47112
x-xss-protection: 1; mode=block
x-served-by: cache-fra19150-FRA
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: BF8C:529B:9190AE:987BE2:61C687FE
x-timer: S1640400895.669511,VS0,VE84
x-frame-options: DENY
etag: "61c0d24e-b808"
strict-transport-security: max-age=63072000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-amz-cf-id: dtW_Lyt4I8V89przPcefrG6WnjIWPkRCFF_5RSYejg2kpxWr_mCfqQ==
expires: Sat, 01 Jan 2022 08:29:24 GMT

GET
H2 200 opensans-italic.woff2
infosec.mozilla.org/assets/fonts/ 48 KB
49 KB 144ms
143ms Font
font/woff2 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.mozilla.org/assets/fonts/opensans-italic.woff2

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

96b84facd684e830b50b9d38401245df805f4b5c00617c34331cee1eaea82224

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1
Origin: https://infosec.mozilla.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 5e8fcd1de9c495ad0c90063b94a0a6cd510c6fff
date: Sat, 01 Jan 2022 08:19:24 GMT
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 48808
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4037-HHN
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: 2458:3CCE:1CABE42:1DA2468:61CBFB3A
x-timer: S1640758075.689027,VS0,VE88
x-frame-options: DENY
etag: "61c0d24e-bea8"
strict-transport-security: max-age=63072000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
accept-ranges: bytes
x-proxy-cache: MISS
x-amz-cf-id: vGyb7qjkwpa50vaxCEh2WPuKXJXT7n6cAPUmq019IJmpHVAeYXqJjg==
expires: Sat, 01 Jan 2022 08:29:24 GMT

GET
H2 200 ZillaSlab-Bold.woff2
infosec.mozilla.org/assets/fonts/ 57 KB
58 KB 132ms
131ms Font
font/woff2 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.mozilla.org/assets/fonts/ZillaSlab-Bold.woff2

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

7cce0971bb6d3a87be99755907128aff6672154fbeaa70640e065225fd4dc2a0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1
Origin: https://infosec.mozilla.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 3828127951ceb42897166202da7baedeb3e28b9d
date: Sat, 01 Jan 2022 08:19:24 GMT
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 58244
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4030-HHN
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: C0D2:9D2F:2CAEEDF:2E0F5C9:61CE6BAC
x-timer: S1640917932.043145,VS0,VE89
x-frame-options: DENY
etag: "61c0d24e-e384"
strict-transport-security: max-age=63072000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
accept-ranges: bytes
x-proxy-cache: MISS
x-amz-cf-id: 3CmMq8ExzXYO1RFxTtl8yWxicPleYbPGAVZDlkRutLb977hSlvNCHg==
expires: Sat, 01 Jan 2022 08:29:24 GMT

GET
H2 200 opensans-bold.woff2
infosec.mozilla.org/assets/fonts/ 52 KB
52 KB 124ms
124ms Font
font/woff2 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://infosec.mozilla.org/assets/fonts/opensans-bold.woff2

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

d4bb0f643b99a83ff115de9d66a5e89de36a17ef7e4ad6263c49ce61b6e9f808

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1
Origin: https://infosec.mozilla.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 2766f7484813587d785fff7d497f3e5ef621c8a6
date: Sat, 01 Jan 2022 08:19:24 GMT
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 52788
x-xss-protection: 1; mode=block
x-served-by: cache-fra19135-FRA
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: 38AE:43F7:1616A2:1700EF:61CBFB3A
x-timer: S1640758075.975222,VS0,VE84
x-frame-options: DENY
etag: "61c0d24e-ce34"
strict-transport-security: max-age=63072000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-amz-cf-id: C8Z2W6Lpd-j31lkE4vud8_7Ce0rkXUW_31tk8Zg9laZVCrpANttxKA==
expires: Sat, 01 Jan 2022 06:52:37 GMT

GET
H2 200 mozilla-wordmark-white.svg
infosec.mozilla.org/assets/images/ 1 KB
2 KB 27ms
26ms Image
image/svg+xml 2600:9000:206f:fc00:c:1499:bd40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://infosec.mozilla.org/assets/images/mozilla-wordmark-white.svg

Requested by

Host: infosec.mozilla.org
URL: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:fc00:c:1499:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

d3e8b4cf3413e0ac282cde2d466890d74cd32a30d295c255f811fbe1d515c930

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://infosec.mozilla.org/assets/css/style.css?v=e7fc46fb34f4052acfc6d554fdb9e777d2bbcee1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-fastly-request-id: 05e0ee3767400a7dca57f4692569cbff831b3998
date: Sat, 01 Jan 2022 08:15:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
x-cache: Hit from cloudfront
x-cache-hits: 0
vary: Accept-Encoding
content-length: 698
x-xss-protection: 1; mode=block
x-served-by: cache-fra19158-FRA
access-control-allow-origin: *
last-modified: Mon, 20 Dec 2021 18:58:22 GMT
server: GitHub.com
x-github-request-id: DCA4:E63B:2568B4B:269CC55:61CC248A
x-timer: S1640768650.469630,VS0,VE83
x-frame-options: DENY
etag: W/"61c0d24e-536"
strict-transport-security: max-age=63072000
content-type: image/svg+xml
via: 1.1 varnish, 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control: max-age=600
permissions-policy: interest-cohort=()
content-security-policy: default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-amz-cf-id: jR3KeUwF2LKpcfeYHdafbexLCjR6iN__4s2ez8hRhnyKSTcZlFmpEA==
expires: Sat, 01 Jan 2022 08:25:17 GMT

GET truncated
/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: truncated
URL: data:truncated

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| AnchorJS object| anchors

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security	error	URL: https://infosec.mozilla.org/guidelines/web_security Message: Refused to load the font 'data:n/a;base64,AAEAAAALAIAAAwAwT1MvMg8yG2cAAAE4AAAAYGNtYXDp3gC3AAABpAAAAExnYXNwAAAAEAAAA9wAAAAIZ2x5ZlQCcfwAAAH4AAABCGhlYWQHFvHyAAAAvAAAADZoaGVhBnACFwAAAPQAAAAkaG10eASAADEAAAGYAAAADGxvY2EACACEAAAB8AAAAAhtYXhwAAYAVwAAARgAAAAgbmFtZQGOH9cAAAMAAAAAunBvc3QAAwAAAAADvAAAACAAAQAAAAEAAHzE2p9fDzz1AAkEAAAAAADRecUWAAAAANQA6R8AAAAAAoACwAAAAAgAAgAAAAAAAAABAAADwP/AAAACgAAA/9MCrQABAAAAAAAAAAAAAAAAAAAAAwABAAAAAwBVAAIAAAAAAAIAAAAAAAAAAAAAAAAAAAAAAAMCQAGQAAUAAAKZAswAAACPApkCzAAAAesAMwEJAAAAAAAAAAAAAAAAAAAAARAAAAAAAAAAAAAAAAA...cWFAcHBgYjARQGDAUtLXoWOR8fORYtLTgKGwoKCjgaGg0gEhIgDXoaGgkJBQwHdR85Fi0tOAobCgoKOBoaDSASEiANehoaCQkKGwotLXoWOR8BMwUFLYEuehYXFxYugC44CQkKGwo4GkoaDQ0NDXoaShoKGwoFBe8XFi6ALjgJCQobCjgaShoNDQ0NehpKGgobCgoKLYEuehYXAAAADACWAAEAAAAAAAEACAAAAAEAAAAAAAIAAwAIAAEAAAAAAAMACAAAAAEAAAAAAAQACAAAAAEAAAAAAAUAAQALAAEAAAAAAAYACAAAAAMAAQQJAAEAEAAMAAMAAQQJAAIABgAcAAMAAQQJAAMAEAAMAAMAAQQJAAQAEAAMAAMAAQQJAAUAAgAiAAMAAQQJAAYAEAAMYW5jaG9yanM0MDBAAGEAbgBjAGgAbwByAGoAcwA0ADAAMABAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAH//wAP' because it violates the following Content Security Policy directive: "font-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'self'; img-src 'self'; font-src 'self'; style-src 'self' 'sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU='; object-src 'self'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

infosec.mozilla.org
truncated
truncated
2600:9000:206f:fc00:c:1499:bd40:93a1
0cc2f14831ebe0d874cf153bbe6753ec2813cf6a72bfd11be97f0b9d448af910
1f6ac6841c0f0a3c1d39139d1448f8ed33095bf423c6fdb9df13704364bb35e0
2def4c73a165fe4ab8d91f2b0df09a626783288aebe1f03f3341daa6deb6c640
61f4962cb7249d7fe40e57308f02232cff34bc2970e141630cdea6b69419e91e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
7cce0971bb6d3a87be99755907128aff6672154fbeaa70640e065225fd4dc2a0
8c30c50585ab8049ea41a4d6726da8b8b07b7fc0f3d1896dbbd813d0a43fe6c5
8f8e5410015456e3d2264428492a6408def7020893305af0a1034f3b120d5e09
95969184aae2df9032252ca95d7b38a3a38f1536d3994a25b416c309b7737a08
96b84facd684e830b50b9d38401245df805f4b5c00617c34331cee1eaea82224
d3e8b4cf3413e0ac282cde2d466890d74cd32a30d295c255f811fbe1d515c930
d4bb0f643b99a83ff115de9d66a5e89de36a17ef7e4ad6263c49ce61b6e9f808
e0fa6d34bc92de2b1f6938b1f7e4757e882af8aaf8c65ad128cb844afefc6221
f657fdef7a21c246cd57ae1736f47f8045a1b90148ac3a3d762fbaea67f2d7a5
f806253a9a369322f27e502eeb175ca39196ed334d6524287d072fc80af98f47

infosec.mozilla.org Open in urlscan Pro 2600:9000:206f:fc00:c:1499:bd40:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

293 kBTransfer

480 kBSize

0 Cookies

50 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

2 Console Messages

Security Headers

Indicators

infosec.mozilla.org Open in urlscan Pro
2600:9000:206f:fc00:c:1499:bd40:93a1 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

293 kB
Transfer

480 kB
Size

0
Cookies

15 HTTP transactions
1 data transactions