urlscan.io logo urlscan.io
SecurityTrails logo

blog.skylight.org Open in urlscan Pro
54.194.170.100  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ok.com/sonarapi=3fconnectionkeepalive=3dfalse"
Effective URL: https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse"
Submission: On November 15 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 15 HTTP transactions. The main IP is 54.194.170.100, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is blog.skylight.org.
TLS certificate: Issued by R3 on September 27th 2022. Valid for: 3 months.
This is the only time blog.skylight.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    99.83.190.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: aacb0a264e514dd48.awsglobalaccelerator.com
ok.com
2    54.194.170.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-170-100.eu-west-1.compute.amazonaws.com
www.ok.com
blog.skylight.org
3    2600:9000:2182:5c00:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets-global.website-files.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    18.65.40.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-40-53.ams1.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
5 gstatic.com
fonts.gstatic.com
162 KB
3 website-files.com
assets-global.website-files.com — Cisco Umbrella Rank: 11898
301 KB
3 ok.com
ok.com — Cisco Umbrella Rank: 896497
www.ok.com
677 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
113 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 304
fonts.googleapis.com — Cisco Umbrella Rank: 43
125 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2536
349 B
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
1 skylight.org
blog.skylight.org
2 KB
15 8
Domain Requested by
5 fonts.gstatic.com fonts.googleapis.com
3 assets-global.website-files.com blog.skylight.org
assets-global.website-files.com
2 www.googletagmanager.com blog.skylight.org
www.googletagmanager.com
2 ok.com 2 redirects
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net blog.skylight.org
1 ajax.googleapis.com blog.skylight.org
1 blog.skylight.org
1 www.ok.com 1 redirects
15 10

This site contains no links.

Subject Issuer Validity Valid
blog.skylight.org
R3		 2022-09-27 -
2022-12-26		 3 months crt.sh
*.website-files.com
Amazon		 2022-10-12 -
2023-11-09		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-10-25 -
2023-01-17		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse"
Frame ID: C0A91949EC6B33C95FE74A9B96F62DC3
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ok.com - Oops... something went wrong.

Page URL History Show full URLs

  1. http://ok.com/sonarapi=3fconnectionkeepalive=3dfalse" HTTP 301
    https://ok.com/sonarapi=3fconnectionkeepalive=3dfalse" HTTP 301
    https://www.ok.com/sonarapi=3fconnectionkeepalive=3dfalse" HTTP 301
    https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse" Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

15
Requests

100 %
HTTPS

67 %
IPv6

8
Domains

10
Subdomains

8
IPs

3
Countries

733 kB
Transfer

2086 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ok.com/sonarapi=3fconnectionkeepalive=3dfalse&quot; HTTP 301
    https://ok.com/sonarapi=3fconnectionkeepalive=3dfalse&quot; HTTP 301
    https://www.ok.com/sonarapi=3fconnectionkeepalive=3dfalse&quot; HTTP 301
    https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse&quot; Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request sonarapi=3fconnectionkeepalive=3dfalse&quot;
blog.skylight.org/
Redirect Chain
  • http://ok.com/sonarapi=3fconnectionkeepalive=3dfalse&quot;
  • https://ok.com/sonarapi=3fconnectionkeepalive=3dfalse&quot;
  • https://www.ok.com/sonarapi=3fconnectionkeepalive=3dfalse&quot;
  • https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse&quot;
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse&quot;
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.194.170.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-170-100.eu-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
abea04dd1b57bbab1586499936fbfd2c1eae1b5993a39e6743fde84e5969a809

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html
date
Tue, 15 Nov 2022 19:41:27 GMT
etag
W/"facdb50fb3178710237ab6f63694a9f2"
last-modified
Mon, 14 Nov 2022 15:28:57 GMT
server
openresty
vary
Accept-Encoding,x-wf-forwarded-proto
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-cluster-name
eu-west-1-prod-edge-blue
x-served-by
cache-iad-kjyo7100103-IAD, cache-dub4323-DUB
x-timer
S1668541288.668779,VS0,VE189

Redirect headers

accept-ranges
bytes
cache-control
private
content-length
166
content-type
text/html
date
Tue, 15 Nov 2022 19:41:27 GMT
location
https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse&quot;
server
openresty
vary
x-wf-forwarded-proto
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
x-cache-hits
0, 0
x-cluster-name
eu-west-1-prod-edge-blue
x-served-by
cache-iad-kiad7000086-IAD, cache-dub4336-DUB
x-timer
S1668541287.382554,VS0,VE117
ok-dot-com.d100b763d.css
assets-global.website-files.com/6226967c16a127531bff826d/css/ 		236 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets-global.website-files.com/6226967c16a127531bff826d/css/ok-dot-com.d100b763d.css
Requested by
Host: blog.skylight.org
URL: https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse&quot;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:5c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eb478ed109398fd7d413d5284123ac65809953ce8fd32d98a217da3110aa68e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.skylight.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
3Y1BlQHWL6yEs7yugWHizO7jtNoGbP84
content-encoding
gzip
via
1.1 90dd5141cd2d05c51d479a582cded280.cloudfront.net (CloudFront)
date
Tue, 15 Nov 2022 15:03:59 GMT
age
16649
x-amz-cf-pop
DUS51-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30178
last-modified
Mon, 14 Nov 2022 15:28:57 GMT
server
AmazonS3
etag
"175bb577548360bee5d931724d81610b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
BUmE4w5ic1G7F6eoDIq-HCdRPfa9cDwhOLP4OupSjFMBgg4nVGhSIw==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: blog.skylight.org
URL: https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse&quot;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.skylight.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 06:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 06:24:23 GMT
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6226967c16a127531bff826d
Requested by
Host: blog.skylight.org
URL: https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse&quot;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.40.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-40-53.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://blog.skylight.org/
Origin
https://blog.skylight.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 04:32:15 GMT
content-encoding
br
via
1.1 b6cf988ed9428ad8492255f2faaacfdc.cloudfront.net (CloudFront)
age
74534
x-amz-cf-pop
AMS1-P1
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
4kXFzpUT6zwk9uKYUwNYLvzBaUTuXK_yTVwzDknsVcCAxW24NjpuSg==
ok-dot-com.5d39b749a.js
assets-global.website-files.com/6226967c16a127531bff826d/js/ 		723 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets-global.website-files.com/6226967c16a127531bff826d/js/ok-dot-com.5d39b749a.js
Requested by
Host: blog.skylight.org
URL: https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse&quot;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:5c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03be9601f084746586621e52d98f57972182f9335114757bea5e4fbcf5ad3794

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.skylight.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
ZeTzYFrnaPSvkzWslEq9DK3YQ5pnG_v4
content-encoding
gzip
via
1.1 90dd5141cd2d05c51d479a582cded280.cloudfront.net (CloudFront)
date
Mon, 14 Nov 2022 20:19:11 GMT
age
84137
x-amz-cf-pop
DUS51-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
150225
last-modified
Mon, 31 Oct 2022 17:39:21 GMT
server
AmazonS3
etag
"0f681147b6d92a2f87d1137d577c0ab2"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
x-amz-cf-id
lTE0q5PDWWav4CFzg0jVjD45fuKP7K1ULvNIRUme4WFA_nPyRptW_w==
css
fonts.googleapis.com/ 		431 KB
119 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNoto+Sans+HK:regular,500,700
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2257d820156bea6ee75b638844c9bc806b64471678d689f4950a2d88d6fc01d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.skylight.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Nov 2022 19:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 19:41:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Nov 2022 19:41:28 GMT
gtm.js
www.googletagmanager.com/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WQ84TDC
Requested by
Host: blog.skylight.org
URL: https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse&quot;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b1c2022dd0feed8e53fe8a5e93cc7f96279c3a3d32c7fbf50aaf8ce90eea1b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.skylight.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 19:41:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38638
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 15 Nov 2022 19:41:28 GMT
6226967c16a127dd66ff82a6_aidan-hancock-428761-unsplash%20copy.jpg
assets-global.website-files.com/6226967c16a127531bff826d/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/6226967c16a127531bff826d/6226967c16a127dd66ff82a6_aidan-hancock-428761-unsplash%20copy.jpg
Requested by
Host: assets-global.website-files.com
URL: https://assets-global.website-files.com/6226967c16a127531bff826d/css/ok-dot-com.d100b763d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:5c00:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a92fd6af794e8d64c1c8e60e42ef6301e73c89ece64cc988b20f61538a3f130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets-global.website-files.com/6226967c16a127531bff826d/css/ok-dot-com.d100b763d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 01 Nov 2022 23:42:10 GMT
x-amz-version-id
qXRV5Rc68uq_T7pOqGhJqlr2abVcU.wJ
via
1.1 90dd5141cd2d05c51d479a582cded280.cloudfront.net (CloudFront)
age
1195159
x-amz-cf-pop
DUS51-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
126047
last-modified
Mon, 07 Mar 2022 23:34:22 GMT
server
AmazonS3
etag
"45e02bba30fc7d12587f2a536d14e10b"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
zUDUsqn0RYAf_XUVLK3W2RTlqNYCqdqSYeky_9RpMSd1F1b1FDFTPw==
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MYK7L2L7GC&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WQ84TDC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
77651039353f1f6506e9ce7f2547a21f911ea2a1cd85ace3eddecb40b64393fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.skylight.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 19:41:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75996
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 15 Nov 2022 19:41:28 GMT
nKKP-GM_FYFRJvXzVXaAPe9ZiF9TH63iMrASx9ZaserX6q2vzTj-NOg9lDlpiMTLVMI0Og.119.woff2
fonts.gstatic.com/s/notosanshk/v21/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanshk/v21/nKKP-GM_FYFRJvXzVXaAPe9ZiF9TH63iMrASx9ZaserX6q2vzTj-NOg9lDlpiMTLVMI0Og.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNoto+Sans+HK:regular,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21caac6a07fadc30574ae152c090f477b74ce7a7e43721036a61675053eb02eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.skylight.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 11 Nov 2022 13:20:29 GMT
x-content-type-options
nosniff
age
368459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23932
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:37:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Nov 2023 13:20:29 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNoto+Sans+HK:regular,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.skylight.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 16:15:31 GMT
x-content-type-options
nosniff
age
271557
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 16:15:31 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNoto+Sans+HK:regular,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.skylight.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 18:54:08 GMT
x-content-type-options
nosniff
age
89240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Nov 2023 18:54:08 GMT
nKKQ-GM_FYFRJvXzVXaAPe9hMRhvEPeWV8Ydw9dTvaja5emiwCL1Dv89rTx5gtGuOA.119.woff2
fonts.gstatic.com/s/notosanshk/v21/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanshk/v21/nKKQ-GM_FYFRJvXzVXaAPe9hMRhvEPeWV8Ydw9dTvaja5emiwCL1Dv89rTx5gtGuOA.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNoto+Sans+HK:regular,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdd0ac6e717da35ba439a8410bb8c356fc57b332acb78033817436c790d88b90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.skylight.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 12 Nov 2022 16:13:49 GMT
x-content-type-options
nosniff
age
271659
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23644
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:50:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 Nov 2023 16:13:49 GMT
nKKP-GM_FYFRJvXzVXaAPe9ZwFlTH63iMrASx9ZaserX6q2vzTj-NOg9lDlpiMTLVMI0Og.119.woff2
fonts.gstatic.com/s/notosanshk/v21/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanshk/v21/nKKP-GM_FYFRJvXzVXaAPe9ZwFlTH63iMrASx9ZaserX6q2vzTj-NOg9lDlpiMTLVMI0Og.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CNoto+Sans+HK:regular,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae59325510c5f351d34c0ac0185bf197020ce4a6401ac3e748373af238a25e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blog.skylight.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 10 Nov 2022 10:15:59 GMT
x-content-type-options
nosniff
age
465929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23908
x-xss-protection
0
last-modified
Mon, 09 May 2022 19:57:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 10 Nov 2023 10:15:59 GMT
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-MYK7L2L7GC&gtm=2oeb90&_p=724558918&cid=1789016082.1668541288&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668541288&sct=1&seg=0&dl=https%3A%2F%2Fblog.skylight.org%2Fsonarapi%3D3fconnectionkeepalive%3D3dfalse%26quot%3B&dt=Ok.com%20-%20Oops...%20something%20went%20wrong.&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MYK7L2L7GC&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://blog.skylight.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 15 Nov 2022 19:41:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blog.skylight.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| WebFont object| dataLayer function| $ function| jQuery function| tram object| Webflow object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Domain/Path Name / Value
.skylight.org/ Name: _ga
Value: GA1.1.1789016082.1668541288
.skylight.org/ Name: _ga_MYK7L2L7GC
Value: GS1.1.1668541288.1.1.1668541288.0.0.0

1 Console Messages

Source Level URL
Text
network error URL: https://blog.skylight.org/sonarapi=3fconnectionkeepalive=3dfalse&quot;
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets-global.website-files.com
blog.skylight.org
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ok.com
region1.google-analytics.com
www.googletagmanager.com
www.ok.com
18.65.40.53
2001:4860:4802:32::36
2600:9000:2182:5c00:12:9e5f:cac0:93a1
2a00:1450:4001:806::2003
2a00:1450:4001:812::200a
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
54.194.170.100
99.83.190.102
03be9601f084746586621e52d98f57972182f9335114757bea5e4fbcf5ad3794
21caac6a07fadc30574ae152c090f477b74ce7a7e43721036a61675053eb02eb
2a92fd6af794e8d64c1c8e60e42ef6301e73c89ece64cc988b20f61538a3f130
77651039353f1f6506e9ce7f2547a21f911ea2a1cd85ace3eddecb40b64393fc
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
abea04dd1b57bbab1586499936fbfd2c1eae1b5993a39e6743fde84e5969a809
ae59325510c5f351d34c0ac0185bf197020ce4a6401ac3e748373af238a25e25
b1c2022dd0feed8e53fe8a5e93cc7f96279c3a3d32c7fbf50aaf8ce90eea1b5b
cdd0ac6e717da35ba439a8410bb8c356fc57b332acb78033817436c790d88b90
e2257d820156bea6ee75b638844c9bc806b64471678d689f4950a2d88d6fc01d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb478ed109398fd7d413d5284123ac65809953ce8fd32d98a217da3110aa68e1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d