we45.com Open in urlscan Pro
162.159.135.42  Public Scan

10 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

• https://widget.getgist.com/ HTTP 302
• https://dyr2dbqz8u9mp.cloudfront.net/gist-0f757f46ff.min.js

Request Chain 91

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=217627&time=1647528024233&url=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D217627%26time%3D1647528024233%26url%3Dhttps%253A%252F%252Fwe45.com%252Fblog%252Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%252F%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=217627&time=1647528024233&url=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=217627&time=1647528024233&url=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F&liSync=true&e_ipv6=AQIXL9yCjAOH-gAAAX-YUpqZ9ez--7ANjem3Fjd52KTm-pDJOtWUnpSJQz9aeRBOxOaiQ71bsw

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/	198 KB 44 KB	684ms 654ms	Document text/html	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bdabc73f9f04469826109ead22c1ccfa390f56eda571b080724bcd3a88d9f2cb Security Headers Name Value X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-type text/html; charset=UTF-8 cf-ray 6ed67bbc8b4a915f-FRA link <https://we45.com/wp-json/>; rel="https://api.w.org/", <https://we45.com/wp-json/wp/v2/posts/3516>; rel="alternate"; type="application/json", <https://we45.com/?p=3516>; rel=shortlink vary Accept-Encoding cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" ki-cache-type None ki-cf-cache-status BYPASS ki-edge v=17.1 x-content-type-options nosniff x-edge-location-klb 1 x-kinsta-cache HIT x-pingback https://we45.com/xmlrpc.php server cloudflare content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	style.min.css we45.com/wp-includes/css/dist/block-library/	50 KB 8 KB	674ms 669ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.8 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:42:37 GMT server cloudflare etag W/"6040c7ad-c88a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0be82915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	style-index.css we45.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/	70 B 156 B	676ms 670ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/style-index.css?ver=1641502745 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 06 Jan 2022 20:59:05 GMT server cloudflare etag W/"61d75819-46" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ce8f915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	styles.css we45.com/wp-content/plugins/contact-form-7/includes/css/	3 KB 975 B	671ms 665ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:03 GMT server cloudflare etag W/"6040c8b7-a46" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ce90915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	cookie-law-info-public.css we45.com/wp-content/plugins/cookie-law-info/public/css/	3 KB 1006 B	691ms 685ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.0.0 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8fa20af264fcdd99621fc4e3a770927452b0fe382599e0d890a3bfa31152f80 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:12 GMT server cloudflare etag W/"6040c8c0-c25" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ce91915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	cookie-law-info-gdpr.css we45.com/wp-content/plugins/cookie-law-info/public/css/	28 KB 5 KB	696ms 691ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.0.0 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a82fb0df229ab511ba5e585874443b97a62bfbd76c369a6944ed9e0750ebf698 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:12 GMT server cloudflare etag W/"6040c8c0-6ecf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ce93915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	theme.css we45.com/wp-content/plugins/popup-builder/public/css/	71 KB 11 KB	666ms 660ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/popup-builder/public/css/theme.css?ver=3.76 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f811323ff442047c7a4f441c1b262be22291d2e2d45e500f9751d9d03a640c7d Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:22 GMT server cloudflare etag W/"6040c8ca-11a25" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ce95915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	style.min.css we45.com/wp-content/themes/hello-elementor/	6 KB 2 KB	677ms 671ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/themes/hello-elementor/style.min.css?ver=2.2.0 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4aa0c20954c4243d81fdc203c1c05fc647794da5f84e813b16f891b05b842cb1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Sun, 08 Nov 2020 08:40:50 GMT server cloudflare etag W/"5fa7af12-19f1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ce97915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	theme.min.css we45.com/wp-content/themes/hello-elementor/	5 KB 2 KB	662ms 657ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/themes/hello-elementor/theme.min.css?ver=2.2.0 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 17a591d6036783118c6356690f7a4e22d60ad7c224db3897df5b46ccea09054c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Sun, 08 Nov 2020 08:40:50 GMT server cloudflare etag W/"5fa7af12-146f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ce98915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	dynamic-mobmenu.css we45.com/wp-content/uploads/	9 KB 2 KB	672ms 667ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/uploads/dynamic-mobmenu.css?ver=2.8.1.8.1-345 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d70275b384d4c39a5c60c3027a726c4ee399cd756af6f4366a93e53a6af35759 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 03 Dec 2020 07:10:44 GMT server cloudflare etag W/"5fc88f74-257d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ce9c915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	css fonts.googleapis.com/	1 KB 931 B	44ms 16ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Dosis%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=5.6.8 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7be9e5f63b77a88b00d5be374fb63b5b560c1aa06cc9b0421f967095b50222d7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 17 Mar 2022 13:50:57 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 17 Mar 2022 14:40:23 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Mar 2022 14:40:23 GMT
GET H2	200	elementor-icons.min.css we45.com/wp-content/plugins/elementor/assets/lib/eicons/css/	17 KB 4 KB	667ms 662ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-4350" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cea0915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	animations.min.css we45.com/wp-content/plugins/elementor/assets/lib/animations/	18 KB 3 KB	683ms 678ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.1.3 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-4824" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cea4915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	frontend-legacy.min.css we45.com/wp-content/plugins/elementor/assets/css/	4 KB 584 B	680ms 676ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.1.3 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 237b283acb14c3a3f8d959bda8906c6d16ff7d765457b925978b4a2d0e0b37b6 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:05 GMT server cloudflare etag W/"6040c8b9-f0e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cea5915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	frontend.min.css we45.com/wp-content/plugins/elementor/assets/css/	112 KB 17 KB	675ms 674ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.1.3 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2f0be5a55767208b950f45d9d08309fca187fd69a7ca3fd959fe8476869e56c0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-1c173" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cea7915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	post-8.css we45.com/wp-content/uploads/elementor/css/	980 B 444 B	683ms 682ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/uploads/elementor/css/post-8.css?ver=1614858465 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 416bd7ec02216e99bc5fee825ba6cffffae7f836a1d89b6ef6e7ebb8997e3ca3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:45 GMT server cloudflare etag W/"6040c8e1-3d4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ceaa915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	all.min.css we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/	58 KB 13 KB	664ms 664ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.2.4 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-e7d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ceac915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	v4-shims.min.css we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/	26 KB 4 KB	677ms 676ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=4.5.2 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-684e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ceaf915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	global.css we45.com/wp-content/uploads/elementor/css/	59 KB 4 KB	671ms 668ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/uploads/elementor/css/global.css?ver=1614858466 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e207809f1a31d7193e96fa2d876921b47f2e3164fd3adc89d8161615c15e2ff Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:46 GMT server cloudflare etag W/"6040c8e2-ea0e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ceb0915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	addtoany.min.css we45.com/wp-content/plugins/add-to-any/	1 KB 527 B	660ms 658ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:01 GMT server cloudflare etag W/"6040c8b5-5ba" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ceba915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	mobmenu-icons.css we45.com/wp-content/plugins/mobile-menu/includes/css/	5 KB 1 KB	670ms 668ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=5.6.8 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8418d36538970ba3a9a2f0e019991b7e9a25b185fa957e85cfa860ef98c8e49 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:20 GMT server cloudflare etag W/"6040c8c8-156d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cebd915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	mobmenu.css we45.com/wp-content/plugins/mobile-menu/includes/css/	8 KB 2 KB	671ms 669ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/mobile-menu/includes/css/mobmenu.css?ver=2.8.1.8.1 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 826532b218087b62a405d63eaceed0af37830df617a61480e054d9bef6489b4e Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:20 GMT server cloudflare etag W/"6040c8c8-20ad" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cebf915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	css fonts.googleapis.com/	70 KB 2 KB	40ms 18ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.6.8 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e850241f0a71c660b4cc32b270f64ae576afb33ba4c291a1e4c63f6500e05557 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 17 Mar 2022 13:30:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 17 Mar 2022 14:40:23 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Mar 2022 14:40:23 GMT
GET H2	200	jquery.min.js Show response we45.com/wp-includes/js/jquery/	87 KB 32 KB	675ms 673ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:42:37 GMT server cloudflare etag W/"6040c7ad-15d98" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cec0915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery-migrate.min.js Show response we45.com/wp-includes/js/jquery/	11 KB 4 KB	679ms 678ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:42:37 GMT server cloudflare etag W/"6040c7ad-2bd8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cec2915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	frontend.js Show response we45.com/wp-content/plugins/stop-user-enumeration/frontend/js/	486 B 318 B	686ms 684ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.3.29 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8bbc0a7737643dd7c2344ba961592632153cb5353c92c5127339627e14b09143 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:26 GMT server cloudflare etag W/"6040c8ce-1e6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cec4915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	addtoany.min.js Show response we45.com/wp-content/plugins/add-to-any/	129 B 225 B	679ms 677ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:01 GMT server cloudflare etag W/"6040c8b5-81" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cec5915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	cookie-law-info-public.js Show response we45.com/wp-content/plugins/cookie-law-info/public/js/	34 KB 9 KB	688ms 686ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.0.0 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c96a4e8e5c17e860ba23499da982857936823deba867697fd327f97d95025cfc Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:12 GMT server cloudflare etag W/"6040c8c0-889f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cec6915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	Popup.js Show response we45.com/wp-content/plugins/popup-builder/public/js/	38 KB 8 KB	668ms 667ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/popup-builder/public/js/Popup.js?ver=3.76 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71a2a2dff02bf28bb47ad8f8cdd15056fae19132347598cc28864fb861b10423 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:22 GMT server cloudflare etag W/"6040c8ca-97b1" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cec7915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	PopupConfig.js Show response we45.com/wp-content/plugins/popup-builder/public/js/	6 KB 2 KB	688ms 687ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/popup-builder/public/js/PopupConfig.js?ver=3.76 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fe8c79d67b21039a5d059ef40761950fb76e1d17933d61509f7eb3c68f5aeeb Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:22 GMT server cloudflare etag W/"6040c8ca-177a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ceca915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	PopupBuilder.js Show response we45.com/wp-content/plugins/popup-builder/public/js/	80 KB 18 KB	676ms 674ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/popup-builder/public/js/PopupBuilder.js?ver=3.76 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4dc04671b9e2923b55575340c29912733cc7adcfbc0d1d481ca393bf88a697d0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:22 GMT server cloudflare etag W/"6040c8ca-1409e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0cecf915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	v4-shims.min.js Show response we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/	15 KB 4 KB	682ms 681ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=4.5.2 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-3acf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ced1915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	mobmenu.js Show response we45.com/wp-content/plugins/mobile-menu/includes/js/	14 KB 4 KB	676ms 675ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=2.8.1.8.1 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc303c88e9ae311b8c5f011a4cf7b2aee3a8f37ae18833fbc47971d30450f7b0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:20 GMT server cloudflare etag W/"6040c8c8-38e9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0ced3915f-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	wp-emoji-release.min.js Show response we45.com/wp-includes/js/	14 KB 5 KB	643ms 643ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.8 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:42:37 GMT server cloudflare etag W/"6040c7ad-3795" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc0dfcb9c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	css2 fonts.googleapis.com/	10 KB 661 B	33ms 17ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Raleway:wght@200;300;400;500;600;700&display=swap Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash aa6a6e14481b48b8937da68498d9ef953b1cca2f21728ef1e22dd910e95f9059 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 17 Mar 2022 14:28:46 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 17 Mar 2022 14:40:23 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Mar 2022 14:40:23 GMT
GET H2	200	slick-theme.min.css cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/	2 KB 1 KB	90ms 19ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick-theme.min.css Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 234255 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 657 timing-allow-origin * last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-956" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGs7j1P%2BQwGRxcM0dcS1ZYxyCXvFhpHIklsdRMuURMolrnQxWRWyHlUt1Ia%2Bb0axjJkWFIVeFnJerAO4nautOcWEpa5cALI72IB8O51QKDuOBRnCQDbbiZSi%2Bw8nrNLmFEJeRPz%2FZCe8PXPlwFJlohMH"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6ed67bc20c100215-ZRH expires Tue, 07 Mar 2023 14:40:23 GMT
GET H2	200	slick.min.css cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/	1 KB 713 B	91ms 20ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1265835 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 394 timing-allow-origin * last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-559" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsaM1JjJYYWDbncfFRgs75%2FkxU4R8Efw6gkHZirJu83tZwG6EfvaYgGssTnZbWAaGSad%2FR7WI11B22qB%2FH4P2UrQ3%2BmvyfoDj%2FFWx5bkr9hoI6TmV2Xil%2FbJ3oKmxIabcPolufueaS1uYiQHMA71g9Z8"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6ed67bc20c120215-ZRH expires Tue, 07 Mar 2023 14:40:23 GMT
GET H3	200	logo-110.png we45.com/wp-content/uploads/2020/11/	6 KB 7 KB	637ms 637ms	Image image/png	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://we45.com/wp-content/uploads/2020/11/logo-110.png Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 965c141d3bfad237f8efee0086d4bbbfb95507358283f1aaf1a6cb8d3b203416 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6496 ki-cf-cache-status BYPASS last-modified Tue, 10 Nov 2020 12:31:27 GMT server cloudflare etag "5faa881f-1960" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None accept-ranges bytes cf-ray 6ed67bc199899c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	xss_03.jpg cdn2.hubspot.net/hubfs/1805608/	13 KB 14 KB	1073ms 1003ms	Image image/jpeg	2606:4700::6811:f2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.hubspot.net/hubfs/1805608/xss_03.jpg Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 019a616a7fb76dc6838424c9b58a61786efcb1e318e1d5015be8e6a9e3ceae1b Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-methods GET date Thu, 17 Mar 2022 14:40:24 GMT via 1.1 7245e91891539560c1f484b1e46159c8.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-meta-cache-tag F-8879295455,P-1805608,FLS-ALL x-amz-cf-pop ZRH50-C1 edge-cache-tag F-8879295455,P-1805608,FLS-ALL x-cache RefreshHit from cloudfront x-hs-cf-lambda us-east-1.enforceAclForReadsProd 14 x-amz-request-id Y4R225NGCP43Q38R x-amz-id-2 /x239vlMvA4oOt29mQ3xBfek7TOV5fYZrX18oKxz1UjjnQK4tdQN7PUdCcVBcaU1HXaarumHxT4= accept-ranges bytes last-modified Mon, 15 Apr 2019 10:57:47 GMT server cloudflare etag "294e3a26be43abe0432af231aa9c6ba2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKQ5OjD5Hlg80fAXBck8rbnqNNQmZvXLn4Uw%2FkaOdZ7WMnQOO0FBeQRVp542QJnN%2FnBfQaPFJq9HrUkax3XqTn1L9q7GYbLCScSepL0t%2BXi0dvoq4N03muyKeSCuB0ij%2FMcRwviVw0QaAbFB54s%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control s-maxage=1814400, max-age=1209600, stale-while-revalidate=900 x-amz-version-id UvGPEm8VlOqnffCHaqvJN0GmL4s21q92 content-length 13796 cf-ray 6ed67bc20849cc56-ZRH x-amz-cf-id mGc9UGo83dwIzA0yj5B76b83nTQlq3waRvDa2uogqGr467JjcX5bQQ== x-hs-cf-lambda-enforce us-east-1.enforceAclForReadsProd 14
GET H2	200	Screen%20Shot%202019-04-15%20at%204.38.58%20PM.png cdn2.hubspot.net/hubfs/1805608/	59 KB 60 KB	592ms 590ms	Image image/png	2606:4700::6811:f2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.hubspot.net/hubfs/1805608/Screen%20Shot%202019-04-15%20at%204.38.58%20PM.png Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 84409f907914e2160bca0155b7ebc2cc45dec3660e44a02122a3ee08601a18a6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-methods GET date Thu, 17 Mar 2022 14:40:24 GMT via 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-meta-cache-tag F-8879506587,P-1805608,FLS-ALL x-amz-cf-pop ZRH50-C1 edge-cache-tag F-8879506587,P-1805608,FLS-ALL x-cache RefreshHit from cloudfront x-hs-cf-lambda us-east-1.enforceAclForReadsProd 14 x-amz-request-id Y4R06KQ5TV3QDG3X x-amz-id-2 DfIrnj4Xb/oX/qs5FTsQtHajsAeS0fq4CJxk1PaiQ6r2QzGRR9s+h5aejXdOppMwDkkw/+Bjs+Y= accept-ranges bytes last-modified Mon, 15 Apr 2019 11:09:52 GMT server cloudflare etag "6d765e93bce33131d93dd56b525d9852" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tE3s%2FRFu3fMlWCjKr53sYUSIdq22HumhWBTY%2BGYZ6eklRzSMdak2v%2BQTuE%2FLUveRYwO%2B6LnkNR85nj%2B0DvV4XXCx1PrXRCwSR2IWOWF39AcWwg5aqzTVdMmgSBpKJa92n5XLtbGrKdwDYik6Pis%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control s-maxage=1814400, max-age=1209600, stale-while-revalidate=900 x-amz-version-id 1mNAggiC5ITjgDlddI6SgvtGtdbgx8nH content-length 60562 cf-ray 6ed67bc278becc56-ZRH x-amz-cf-id 3ighOQdc439JNmWfyZPqtA4xdh_nf8BEEL8ubtxK8V552sjMOjSBuA== x-hs-cf-lambda-enforce us-east-1.enforceAclForReadsProd 14
GET H2	200	ref_xss2.png cdn2.hubspot.net/hubfs/1805608/	21 KB 22 KB	880ms 877ms	Image image/png	2606:4700::6811:f2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.hubspot.net/hubfs/1805608/ref_xss2.png Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bd9baf57f960c339ca6f7e767583e1cbe8d92ce48a601949c582eb39490ef5f Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-methods GET date Thu, 17 Mar 2022 14:40:24 GMT via 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-meta-cache-tag F-8878172137,P-1805608,FLS-ALL x-amz-cf-pop ZRH50-C1 edge-cache-tag F-8878172137,P-1805608,FLS-ALL x-cache RefreshHit from cloudfront x-hs-cf-lambda us-east-1.enforceAclForReadsProd 14 x-amz-request-id Y4RC1FE5M1A1P6KQ x-amz-id-2 i0NWObVvISgudsXjfBCUAfEy0ZEuwynl5mH3pqg1QfxByGx3FqNW6V5GIDDFTcW2yC2q+Atq0f4= accept-ranges bytes last-modified Mon, 15 Apr 2019 10:57:47 GMT server cloudflare etag "cffeab62e18ddefb60a0a33cd736c515" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABRu89oVR7antFAFNO2Ci%2BAmuKdiOlAF4cOWg8ku3EklRrdi1fsC7wMuINBko303lIbuPjrLb3TPAlS8wOdouFkFrjNfngpUxcUEBwNARnAtSofjwzS%2BvAtZpbEbvuyxY0PBQwhvbz8ntd634wI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control s-maxage=1814400, max-age=1209600, stale-while-revalidate=900 x-amz-version-id Cxmr2pSbYPYhYXf.wQmrbtblY5CRaYo3 content-length 21956 cf-ray 6ed67bc278c0cc56-ZRH x-amz-cf-id haKUVloOs6gNcQRku9m5TRYlpfmnUwixRyrQcjqr_apEi0_I2VauAw== x-hs-cf-lambda-enforce us-east-1.enforceAclForReadsProd 14
GET H2	200	st_xss2.png cdn2.hubspot.net/hubfs/1805608/	33 KB 34 KB	607ms 605ms	Image image/png	2606:4700::6811:f2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.hubspot.net/hubfs/1805608/st_xss2.png Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash df519debf9fe8e977c92e7dbbfe40cc68ad0d8229d7641dbeb66e930001a25d6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-methods GET date Thu, 17 Mar 2022 14:40:24 GMT via 1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-meta-cache-tag F-8879295456,P-1805608,FLS-ALL x-amz-cf-pop ZRH50-C1 edge-cache-tag F-8879295456,P-1805608,FLS-ALL x-cache RefreshHit from cloudfront x-hs-cf-lambda us-east-1.enforceAclForReadsProd 14 x-amz-request-id Y4RFHBMSZMNJG29Q x-amz-id-2 Q9ssPUlWvILBMWvfFmAV5WPyIikwVGO0EVAfe58OHRCdu/Q7dP5lY/uukqlsyeaVcEmpefsOVOQ= accept-ranges bytes last-modified Mon, 15 Apr 2019 10:57:47 GMT server cloudflare etag "3768a78f88606600513f336e3bb1f700" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXVABM91HKrfDs5oGgIESOmbEAjFrrujJqD502HCYo0srJsSRpMpkBykdHh%2B9sgOmNebQL%2F2fL%2FwcFNrpvetXdgMoD3nT7WneXLyZg9e0P2mW68AFSJ1HurnHeVjMYFJGbTSa9y%2FKYwo6mIG3fI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control s-maxage=1814400, max-age=1209600, stale-while-revalidate=900 x-amz-version-id NAuDTj3qnl6TiHJwB6ANbXyNO4hg2k02 content-length 33724 cf-ray 6ed67bc278c1cc56-ZRH x-amz-cf-id Kk-MxEJnZ3wDfC2R4n_mwX4uzytIyADBRpv7McwBWYLJj1F8mNxWxA== x-hs-cf-lambda-enforce us-east-1.enforceAclForReadsProd 14
GET H2	200	st_xss3.png cdn2.hubspot.net/hubfs/1805608/	34 KB 35 KB	604ms 600ms	Image image/png	2606:4700::6811:f2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.hubspot.net/hubfs/1805608/st_xss3.png Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46eb63432cf8af3e5587a140e828683800f00bb3063a11cc9db288de821df0ba Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-methods GET date Thu, 17 Mar 2022 14:40:24 GMT via 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-meta-cache-tag F-8878172117,P-1805608,FLS-ALL x-amz-cf-pop ZRH50-C1 edge-cache-tag F-8878172117,P-1805608,FLS-ALL x-cache RefreshHit from cloudfront x-hs-cf-lambda us-east-1.enforceAclForReadsProd 14 x-amz-request-id Y4R27ZJNQ6JEP3PM x-amz-id-2 xuiSaWYf9emiKL9pU8cGSjT3zE0WXyhoB97kU/4JosxKg6rf6drBrxwlQcQVJD+djt/XujuVfm8= accept-ranges bytes last-modified Mon, 15 Apr 2019 10:57:12 GMT server cloudflare etag "1d400a6ad9ccb32201e4364cbf493ad3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOZErM0ONkHB%2BDK3ouDYSgHhN5O38PpREa2Z%2F56iH6W05Uck4I8Dg%2FkSZKPB83AsmvQykayHC1no7i%2FIDvfWD4QU5LweP5g37yfMh7f1d7St7kawxm0XokvQHXUBvE7B7Va6GGb6kOuGjK3W%2B%2BE%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control s-maxage=1814400, max-age=1209600, stale-while-revalidate=900 x-amz-version-id RhWKAZlqgCVJgYiYfEVmra4EHkCw9qUg content-length 34817 cf-ray 6ed67bc288c2cc56-ZRH x-amz-cf-id mR_zhWFgO4voeC9AhxiSRCA7yBnsNKUoJq3ohVpwmE_OfZg3zkiP-g== x-hs-cf-lambda-enforce us-east-1.enforceAclForReadsProd 14
GET H2	200	st_xss4.png cdn2.hubspot.net/hubfs/1805608/	11 KB 11 KB	924ms 921ms	Image image/png	2606:4700::6811:f2cc CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn2.hubspot.net/hubfs/1805608/st_xss4.png Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:f2cc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 592215aaef7141f94178849e5252eaa9f59e0c1151d218a8bf399ea45fe1c5c3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-methods GET date Thu, 17 Mar 2022 14:40:24 GMT via 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-meta-cache-tag F-8879295454,P-1805608,FLS-ALL x-amz-cf-pop ZRH50-C1 edge-cache-tag F-8879295454,P-1805608,FLS-ALL x-cache RefreshHit from cloudfront x-hs-cf-lambda us-east-1.enforceAclForReadsProd 14 x-amz-request-id Y4RAZ12BN97GANCR x-amz-id-2 NMB70vqz3JH0zGtZyEBTXirM5bFsE8fdbxFPKNNOkWBmNkHJBSDOq7x+KtSMvuF5QYUfPZzNvB4= accept-ranges bytes last-modified Mon, 15 Apr 2019 10:57:47 GMT server cloudflare etag "77d1c77d54606d79a78b194d085ce020" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlkggD10SobmZ39sZbtxSChvDcEtlHY%2BwTptmKRlLDIxBjLIuRrn8K1xK%2FmV43mGgdCewzhWmo3jAQQBVjjyacuEkrUZya7swXTuZnVsnw7NtgJM22UgaCcYREbX9e92%2FYE5k09N44%2BcIUByYe4%3D"}],"group":"cf-nel","max_age":604800} content-type image/png access-control-allow-origin * cache-control s-maxage=1814400, max-age=1209600, stale-while-revalidate=900 x-amz-version-id L3dY.kaxKbv0otSfagGE_CweZatUa5d1 content-length 10995 cf-ray 6ed67bc288c5cc56-ZRH x-amz-cf-id eTFU5VIRv9G5Wr3-fjmkUEaP7t-ZJrAK2V2QEfdIVSb4wy707Kiruw== x-hs-cf-lambda-enforce us-east-1.enforceAclForReadsProd 14
GET H3	200	we45-logo-dark.png we45.com/wp-content/uploads/2020/11/	16 KB 16 KB	667ms 665ms	Image image/png	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://we45.com/wp-content/uploads/2020/11/we45-logo-dark.png Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 35a272863225cb421075bf7d75f8329ed82e5313cd3de24c048cb0d6bbdfed71 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 16024 ki-cf-cache-status BYPASS last-modified Mon, 09 Nov 2020 12:18:02 GMT server cloudflare etag "5fa9337a-3e98" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None accept-ranges bytes cf-ray 6ed67bc27b579c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	embed.php Show response we45.activehosted.com/f/	24 KB 6 KB	520ms 464ms	Script text/javascript	2606:4700::6811:586d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.activehosted.com/f/embed.php?static=0&id=1&6233427869C73&nostyles=0&preview=0 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:586d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db282162ec13cd972beec356fcc4614a54b06e24f03511f6a9151589f1657495 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Thu, 17 Mar 2022 14:40:23 GMT content-encoding gzip cf-cache-status MISS last-modified Thu, 17 Mar 2022 14:40:23 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/javascript;charset=UTF-8 cache-control public, max-age=14400 cf-ray 6ed67bc2d85dcc4e-ZRH x-request-id 1d02046214d5fb14cc22b9ffccb54896 expires Thu, 17 Mar 2022 18:40:23 GMT
GET H3	200	site_tracking.js Show response we45.com/wp-content/plugins/activecampaign-subscription-forms/	1 KB 973 B	657ms 655ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/activecampaign-subscription-forms/site_tracking.js?ver=5.6.8 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 06 Jan 2022 20:59:05 GMT server cloudflare etag W/"61d75819-57b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc27b599c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	wp-polyfill.min.js Show response we45.com/wp-includes/js/dist/vendor/	97 KB 35 KB	696ms 693ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 05 Nov 2020 13:48:05 GMT server cloudflare etag W/"5fa40295-183ee" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc27b5e9c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	i18n.min.js Show response we45.com/wp-includes/js/dist/	9 KB 4 KB	672ms 669ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/dist/i18n.min.js?ver=9e36b5da09c96c657b0297fd6f7cb1fd Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5dfefc107bdfac35ba9cff9237a29bf190fea64d2f96d19e2eb596fc8daccf1d Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 09 Sep 2021 13:49:07 GMT server cloudflare etag W/"613a10d3-2556" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b619c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	lodash.min.js Show response we45.com/wp-includes/js/dist/vendor/	71 KB 27 KB	663ms 661ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.21 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 09 Sep 2021 13:49:07 GMT server cloudflare etag W/"613a10d3-11d37" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b659c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	url.min.js Show response we45.com/wp-includes/js/dist/	14 KB 5 KB	656ms 654ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/dist/url.min.js?ver=1b4bb2b3f526a1db366ca3147ac39562 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5cc8aa0883ab7a05139e3ac18ea457e8236f3faec1966d5e6fba7b893de019e6 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 09 Sep 2021 13:49:07 GMT server cloudflare etag W/"613a10d3-361b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b669c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	hooks.min.js Show response we45.com/wp-includes/js/dist/	6 KB 3 KB	674ms 671ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/dist/hooks.min.js?ver=d0d9f43e03080e6ace9a3dabbd5f9eee Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f147531c5a51171826972a5ccf168f6dba24514ac8735ca1f6d4f0215c9a8f2e Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 09 Sep 2021 13:49:07 GMT server cloudflare etag W/"613a10d3-1840" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b679c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	api-fetch.min.js Show response we45.com/wp-includes/js/dist/	12 KB 4 KB	674ms 672ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/dist/api-fetch.min.js?ver=c207d2d188ba8bf763f7acd50b7fd5a9 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ecaa50b86130b59f4c203ba5a3525ad3f60e872961f9e5d04c0f95016d2d72c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 09 Sep 2021 13:49:07 GMT server cloudflare etag W/"613a10d3-30d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b699c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	index.js Show response we45.com/wp-content/plugins/contact-form-7/includes/js/	11 KB 4 KB	677ms 674ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:03 GMT server cloudflare etag W/"6040c8b7-2ac2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b6d9c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 1001 B	44ms 20ms	Script text/javascript	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LeJQusZAAAAAKo1VwKC7f1uDGGvgRAfKF6sCJ5I&ver=3.0 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2ede9bf8fdf5fd0e3e6f19d573fad5d69f6a475418a2b8edabb3dff3abc33031 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:23 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 588 x-xss-protection 1; mode=block expires Thu, 17 Mar 2022 14:40:23 GMT
GET H3	200	index.js Show response we45.com/wp-content/plugins/contact-form-7/modules/recaptcha/	4 KB 2 KB	663ms 661ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 671792033b9675a4d8ddbdfbb6b048da36b11b6d569c4f92ad3f785e71bba8de Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:03 GMT server cloudflare etag W/"6040c8b7-e8b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b6e9c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	wp-embed.min.js Show response we45.com/wp-includes/js/	1 KB 1 KB	681ms 679ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/wp-embed.min.js?ver=5.6.8 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:42:37 GMT server cloudflare etag W/"6040c7ad-592" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b6f9c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	comment-reply.min.js Show response we45.com/wp-includes/js/	3 KB 2 KB	664ms 661ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/comment-reply.min.js?ver=5.6.8 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 15 Apr 2021 13:49:10 GMT server cloudflare etag W/"60784456-ba8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b709c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	form.js Show response we45.com/wp-content/plugins/akismet/_inc/	700 B 658 B	688ms 686ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/akismet/_inc/form.js?ver=4.1.9 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:01 GMT server cloudflare etag W/"6040c8b5-2bc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b729c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	webpack.runtime.min.js Show response we45.com/wp-content/plugins/elementor/assets/js/	5 KB 2 KB	677ms 675ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.1.3 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11cd8b9721b7b60336f93c6347acbc15c1b75fcc280d07782c8b6fe52d10902e Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-1212" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b739c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	frontend-modules.min.js Show response we45.com/wp-content/plugins/elementor/assets/js/	63 KB 20 KB	674ms 672ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.1.3 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b8ddb0c12b4549692835a16fae1a88211079db4e560babb672d5a1facdaa6a15 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-fd92" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b769c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	core.min.js Show response we45.com/wp-includes/js/jquery/ui/	20 KB 7 KB	657ms 654ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 15 Apr 2021 13:49:10 GMT server cloudflare etag W/"60784456-5133" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b789c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	dialog.min.js Show response we45.com/wp-content/plugins/elementor/assets/lib/dialog/	11 KB 4 KB	672ms 670ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-2a6f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b799c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	waypoints.min.js Show response we45.com/wp-content/plugins/elementor/assets/lib/waypoints/	12 KB 3 KB	698ms 696ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-2fa6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b7a9c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	share-link.min.js Show response we45.com/wp-content/plugins/elementor/assets/lib/share-link/	3 KB 1 KB	681ms 680ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.1.3 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-a12" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b7b9c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	swiper.min.js Show response we45.com/wp-content/plugins/elementor/assets/lib/swiper/	136 KB 37 KB	684ms 682ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-21f91" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b7c9c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	frontend.min.js Show response we45.com/wp-content/plugins/elementor/assets/js/	79 KB 24 KB	681ms 680ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.1.3 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc79c129ef8c07cca0b3d5c12e178115e3123abad3379b7a55c7be79cb3762bd Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-13cd9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b7e9c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	preloaded-elements-handlers.min.js Show response we45.com/wp-content/plugins/elementor/assets/js/	37 KB 12 KB	670ms 668ms	Script application/javascript	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/js/preloaded-elements-handlers.min.js?ver=3.1.3 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b36b8efed831470d9e7fb42787d21243bf35f78814eec348782d841480bfc1d4 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-9420" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b809c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	all.min.css we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/	58 KB 13 KB	680ms 679ms	Stylesheet text/css	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.21.6 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag W/"6040c8ba-e7d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc28b829c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	page.js Show response static.addtoany.com/menu/	72 KB 26 KB	56ms 26ms	Script application/javascript	2606:4700:10::6816:46c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/page.js Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT via e1s x-content-type-options nosniff cf-cache-status HIT age 22544 p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 01 Dec 2021 08:23:25 GMT server cloudflare etag W/"11ee2-5d2116348919c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=172800 cf-ray 6ed67bc648a0cc4a-ZRH cf-bgj minify
GET H2	200	gist-0f757f46ff.min.js Show response dyr2dbqz8u9mp.cloudfront.net/ Redirect Chain https://widget.getgist.com/ https://dyr2dbqz8u9mp.cloudfront.net/gist-0f757f46ff.min.js	171 KB 38 KB	82ms 22ms	Script application/javascript	2600:9000:2204:9200:c:7018:1040:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dyr2dbqz8u9mp.cloudfront.net/gist-0f757f46ff.min.js Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Server 2600:9000:2204:9200:c:7018:1040:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e2eb2926223449f424c515517b114554f14b9ffbd9403d99b182ab74341aaced Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 10:27:18 GMT content-encoding gzip last-modified Tue, 15 Mar 2022 10:02:05 GMT server AmazonS3 age 187987 etag W/"0f757f46ffd4ae2fcc6ce005b83d161e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 fb60efae608d5d8f2d160585f251caae.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop AMS50-C1 x-amz-cf-id lyy1tpFiMnnklFIt7tJGvs2V3NGf4yEWyrzXCBqBEOkZjW0OqOtr4g== Redirect headers date Thu, 17 Mar 2022 14:40:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsKDPDnnoKx9VM3PTUslvBhuSzwO2IyEEj53C%2B%2FcJc210yhCH%2BTKQrAUTMaFB8z5eMc4Za7zd0ctvIph7V5t9uYEmc%2FlzrLe9wBfPaJQBugjYnR%2FTjYzfLhpieda0vZkEG0l6idgPZ2%2BY9jQT264FA%3D%3D"}],"group":"cf-nel","max_age":604800} location https://dyr2dbqz8u9mp.cloudfront.net/gist-0f757f46ff.min.js cache-control private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 6ed67bc66b073755-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	164 KB 58 KB	48ms 25ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MV2PHFB Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b6d67aa864aa92a6a954ba0e29228a478f3567aea5e9cf8aa395e533835377bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 59393 x-xss-protection 0 last-modified Thu, 17 Mar 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 17 Mar 2022 14:40:24 GMT
GET H2	200	1Ptug8zYS_SKggPNyC0ITw.woff2 fonts.gstatic.com/s/raleway/v26/	46 KB 46 KB	39ms 17ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0ITw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.6.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://we45.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 06:13:05 GMT x-content-type-options nosniff age 203239 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47312 x-xss-protection 0 last-modified Thu, 03 Feb 2022 00:15:33 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 15 Mar 2023 06:13:05 GMT
GET H3	200	fa-solid-900.woff2 we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/	78 KB 79 KB	189ms 189ms	Font application/font-woff2	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 Requested by Host: we45.com URL: https://we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.2.4 Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.2.4 Origin https://we45.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 80300 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag "6040c8ba-139ac" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None accept-ranges bytes cf-ray 6ed67bc62b749c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v29/	15 KB 16 KB	22ms 8ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.6.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://we45.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 11 Mar 2022 09:48:03 GMT x-content-type-options nosniff age 535941 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15688 x-xss-protection 0 last-modified Wed, 22 Sep 2021 16:13:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Sat, 11 Mar 2023 09:48:03 GMT
GET H2	200	1Ptsg8zYS_SKggPNyCg4TYFq.woff2 fonts.gstatic.com/s/raleway/v26/	48 KB 48 KB	24ms 9ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v26/1Ptsg8zYS_SKggPNyCg4TYFq.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRaleway%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.6.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash da371145053a4c90d5bacecd88637a6fddb529f32f82bfe008508c4c14e15c8d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://we45.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 16 Mar 2022 07:17:55 GMT x-content-type-options nosniff age 112949 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49284 x-xss-protection 0 last-modified Thu, 03 Feb 2022 00:16:04 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 16 Mar 2023 07:17:55 GMT
GET H3	200	24-Preventing-XSS-with-Base64-encoding-The-False-sense-of-web-application-security.jpg we45.com/wp-content/uploads/2019/04/	18 KB 18 KB	643ms 642ms	Image image/jpeg	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://we45.com/wp-content/uploads/2019/04/24-Preventing-XSS-with-Base64-encoding-The-False-sense-of-web-application-security.jpg Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75bebe721d51dc140969d83a9a0defa2a28842a93aaad0304edf29740eab2c2f Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 18519 ki-cf-cache-status BYPASS last-modified Fri, 20 Nov 2020 11:35:25 GMT server cloudflare etag "5fb7a9fd-4857" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None accept-ranges bytes cf-ray 6ed67bc65bb69c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	2019-footer-bg.png we45.com/wp-content/uploads/2020/11/	35 KB 35 KB	199ms 199ms	Image image/png	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://we45.com/wp-content/uploads/2020/11/2019-footer-bg.png Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c0a475b62fc2f1913a0af934a5de1a51499af051ccd0ac9443c145d257986480 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 35400 ki-cf-cache-status BYPASS last-modified Mon, 09 Nov 2020 12:23:17 GMT server cloudflare etag "5fa934b5-8a48" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None accept-ranges bytes cf-ray 6ed67bc66bd39c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	Add-a-subheading-2-1024x225.png we45.com/wp-content/uploads/2021/06/	125 KB 126 KB	654ms 654ms	Image image/png	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://we45.com/wp-content/uploads/2021/06/Add-a-subheading-2-1024x225.png Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19f1ddaba2b5594ba20b5f4d98dac961bee35075ef0dd1f285479346cc933cb7 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 128400 ki-cf-cache-status BYPASS last-modified Fri, 04 Jun 2021 10:52:36 GMT server cloudflare etag "60ba05f4-1f590" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None accept-ranges bytes cf-ray 6ed67bc66bd49c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	css2 fonts.googleapis.com/	5 KB 698 B	17ms 16ms	Stylesheet text/css	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato&family=Montserrat&family=Roboto&display=swap Requested by Host: we45.activehosted.com URL: https://we45.activehosted.com/f/embed.php?static=0&id=1&6233427869C73&nostyles=0&preview=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 25c29ec40bd0d0578a383bb69ed23d700f199a547eeb65b9a6b2adacbf824ea3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 17 Mar 2022 13:14:22 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Thu, 17 Mar 2022 14:40:24 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 17 Mar 2022 14:40:24 GMT
GET H3	200	fa-brands-400.woff2 we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/	77 KB 77 KB	188ms 187ms	Font application/font-woff2	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 Requested by Host: we45.com URL: https://we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.2.4 Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://we45.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=4.2.4 Origin https://we45.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 78460 ki-cf-cache-status BYPASS last-modified Thu, 04 Mar 2021 11:47:06 GMT server cloudflare etag "6040c8ba-1327c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/font-woff2 access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None accept-ranges bytes cf-ray 6ed67bc67c029c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	sm.23.html Show response static.addtoany.com/menu/ Frame B4AE	741 B 820 B	46ms 29ms	Document text/html	2606:4700:10::6816:46c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/sm.23.html Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/page.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-type text/html; charset=utf-8 p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" last-modified Wed, 22 Sep 2021 23:42:51 GMT etag W/"2e5-5cc9e128a4c38" cache-control max-age=315360000, immutable vary Accept-Encoding via e2s cf-cache-status HIT age 649859 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff server cloudflare cf-ray 6ed67bc6fd420221-ZRH content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	34 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/gif
GET H3	200	icons.30.svg.js Show response static.addtoany.com/menu/svg/	77 KB 33 KB	24ms 24ms	Script application/javascript	2606:4700:10::6816:46c5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.addtoany.com/menu/svg/icons.30.svg.js Requested by Host: static.addtoany.com URL: https://static.addtoany.com/menu/page.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT via e1s x-content-type-options nosniff cf-cache-status HIT age 10999595 p3p CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT" content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 10 Nov 2021 01:49:04 GMT server cloudflare etag W/"132a9-5d0656e4a26b3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 vary Accept-Encoding cache-control max-age=315360000, immutable cf-ray 6ed67bc70d5f0221-ZRH cf-bgj minify
GET H2	200	diffuser.js Show response diffuser-cdn.app-us1.com/diffuser/	24 KB 6 KB	56ms 28ms	Script application/javascript	2606:4700::6811:925b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Requested by Host: we45.com URL: https://we45.com/wp-content/plugins/activecampaign-subscription-forms/site_tracking.js?ver=5.6.8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding gzip cf-cache-status HIT age 123 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront last-modified Thu, 21 Oct 2021 17:42:06 GMT server cloudflare etag W/"4d482a43613d3966f353ec9d97452e0c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript via 1.1 25d46f0dbca17b9a78cca036e17d8ad3.cloudfront.net (CloudFront) cache-control public, max-age=300 x-amz-cf-pop ZRH50-C1 cf-ray 6ed67bc73826233d-ZRH x-amz-cf-id uBsPkXu5wkoRgjA3IEYdJeQ9Y-mnrSMFFNrr7jr9zwcr9__42XWp6Q==
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV2PHFB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 3934 date Thu, 17 Mar 2022 13:34:50 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Thu, 17 Mar 2022 15:34:50 GMT
GET H/1.1	200 OK	insight.min.js Show response snap.licdn.com/li.lms-analytics/	8 KB 3 KB	55ms 16ms	Script application/x-javascript	2a02:26f0:f7::5c7b:e053 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MV2PHFB Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:f7::5c7b:e053 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash c567d0068aa9d314d13047cf6af171cce476501aac5e5521bd2b2233b16fbce5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Thu, 17 Mar 2022 14:40:24 GMT Content-Encoding gzip Last-Modified Wed, 09 Mar 2022 20:16:02 GMT X-CDN AKAM Vary Accept-Encoding Content-Type application/x-javascript;charset=utf-8 Cache-Control max-age=37643 Connection keep-alive Accept-Ranges bytes Content-Length 3073
GET H2	200	plugin.js Show response static.orginfo.io/js/	4 KB 2 KB	48ms 7ms	Script application/javascript	2600:1901:0:e909:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.orginfo.io/js/plugin.js Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:e909:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 59fae392dbfae57fbe4acce91a661841cb274fd2b61f049848f2f47f612c2ec5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:39:45 GMT content-encoding gzip age 39 x-guploader-uploadid ADPycdtP1HAWBDCP5kf9jXDzuJdxxX0Ww3kuCKiWLyJT--nq3R_pvL3l5gCkFIAHPynT0iT15PM1PxFaoMc0SHG2LxQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc clear content-length 1499 last-modified Mon, 21 Dec 2020 13:23:57 GMT server UploadServer etag "595a5895e92ff20d48ce0d179b3b0fc2" vary Accept-Encoding x-goog-hash crc32c=6vCGlA==, md5=WVpYlekv8g1Izg0XmzsPwg== content-language en x-goog-generation 1608557037374190 cache-control public, max-age=600 x-goog-stored-content-length 1499 accept-ranges bytes content-type application/javascript expires Thu, 17 Mar 2022 14:49:45 GMT
GET H2	200	lftracker_v1_lYNOR8xn3Lg4WQJZ.js Show response sc.lfeeder.com/	26 KB 10 KB	74ms 23ms	Script application/javascript	2600:9000:21c7:2e00:1f:f723:6fc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc.lfeeder.com/lftracker_v1_lYNOR8xn3Lg4WQJZ.js Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21c7:2e00:1f:f723:6fc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c66dd34abe6240b83f0449b0ebe310d3d091cd6ad0a8c663557150130dc26978 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-amz-version-id NAwRFDzfVu1B8yzLbYxvtWxUcwdvjFlz content-encoding gzip last-modified Tue, 15 Mar 2022 11:17:48 GMT server AmazonS3 age 2317 etag W/"3fab9fc21069021c8f4e7055a6cb6f93" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 df4167ab0949b4d2c15466bdfdc05f94.cloudfront.net (CloudFront) cache-control max-age=3600 date Thu, 17 Mar 2022 14:01:48 GMT x-amz-cf-pop AMS54-C1 x-amz-cf-id Cn3WdKR_djQpa2ucablxcib65sWJVsoKHGitDJn4sAfKyhbEQoLJ7Q==
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	29ms 14ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1565631791&t=pageview&_s=1&dl=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F&ul=en-us&de=UTF-8&dt=How%20to%20Prevent%20XSS%3A%20Why%20Base64%20is%20Not%20Enough%20%7C%20we45&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1968279465&gjid=426455329&cid=275487010.1647528024&tid=UA-12164530-1&_gid=1519742319.1647528024&_r=1&gtm=2wg3e0MV2PHFB&cd3=275487010.1647528024&cd6=20220317%7C09762474&cd4=14%3A40%3A24&z=237507447 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://we45.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Thu, 17 Mar 2022 14:40:24 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://we45.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	401	fe Show response api.orginfo.io/data/v1/org/	55 B 225 B	165ms 113ms	XHR application/json	2600:1901:0:72d4:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://api.orginfo.io/data/v1/org/fe?rf=&pt=How%20to%20Prevent%20XSS%3A%20Why%20Base64%20is%20Not%20Enough%20%7C%20we45&ct=1647528024228&tz=0 Requested by Host: static.orginfo.io URL: https://static.orginfo.io/js/plugin.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:72d4:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software nginx/1.14.2 / Express Resource Hash 6753213e86605af75cbe9c0cf55ffe067e66637d342d7d5cb39eba0d6ac67220 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT via 1.1 google etag W/"37-6Jl09lTfyOrsB5ewac7+QZgoKI4" server nginx/1.14.2 x-powered-by Express content-type application/json; charset=utf-8 access-control-allow-origin * alt-svc clear content-length 55
GET H2	200	/ Show response prism.app-us1.com/	248 B 395 B	184ms 184ms	Script application/javascript	2606:4700::6811:925b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prism.app-us1.com/?a=610904716&u=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F Requested by Host: diffuser-cdn.app-us1.com URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.28 Resource Hash 07a80bd38108f78bd1b8b8dc8e7498303c13566dc72bb6ba95235a16c12c2f54 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.4.28 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript cache-control no-cache, private x-envoy-upstream-service-time 63 cf-ray 6ed67bc77888233d-ZRH
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=217627&time=1647528024233&url=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D217627%26time%3D1647528024233%26url%3Dhttps%253A%252F%252Fwe45.com%252Fblog%252Fp... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=217627&time=1647528024233&url=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F&l... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=217627&time=1647528024233&url=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F&...	0 263 B	177ms 158ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=217627&time=1647528024233&url=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F&liSync=true&e_ipv6=AQIXL9yCjAOH-gAAAX-YUpqZ9ez--7ANjem3Fjd52KTm-pDJOtWUnpSJQz9aeRBOxOaiQ71bsw Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 2978D3EE04464C4AA67FA858C7CB70DA Ref B: FRAEDGE0908 Ref C: 2022-03-17T14:40:24Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-proto http/2 content-length 0 x-li-uuid AAXaawKv4HS9WnCyg2PQeA== x-li-fabric prod-ltx1 Redirect headers date Thu, 17 Mar 2022 14:40:24 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 286A8B71701D45CDA08C5FF4BF167848 Ref B: FRAEDGE1213 Ref C: 2022-03-17T14:40:24Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=217627&time=1647528024233&url=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F&liSync=true&e_ipv6=AQIXL9yCjAOH-gAAAX-YUpqZ9ez--7ANjem3Fjd52KTm-pDJOtWUnpSJQz9aeRBOxOaiQ71bsw x-li-proto http/2 content-length 0 x-li-uuid AAXaawKrsTb63uVyKOq45A==
GET H3	200	favicon.ico we45.com/wp-content/uploads/2021/04/	15 KB 5 KB	636ms 636ms	Image image/x-icon	162.159.135.42 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://we45.com/wp-content/uploads/2021/04/favicon.ico Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 162.159.135.42 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b79151aead47feb4e4ef7b4b72300260eb2cb04cb6b9de8b8e676ee9167ed13b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Origin https://we45.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC ki-edge v=17.1 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 ki-cf-cache-status BYPASS last-modified Mon, 26 Apr 2021 08:30:13 GMT server cloudflare etag W/"60867a15-3c2e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/x-icon access-control-allow-origin * cache-control max-age=315360000 ki-cache-type None cf-ray 6ed67bc7ae8e9c04-FRA x-edge-location-klb 1 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 437 B	60ms 20ms	XHR text/plain	2a00:1450:400c:c01::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-12164530-1&cid=275487010.1647528024&jid=1968279465&gjid=426455329&_gid=1519742319.1647528024&_u=YEBAAEAAAAAAAC~&z=1555909216 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://we45.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Thu, 17 Mar 2022 14:40:24 GMT content-type text/plain access-control-allow-origin https://we45.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ tr.lfeeder.com/	43 B 292 B	85ms 43ms	Image image/gif	13.227.219.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tr.lfeeder.com/?sid=lYNOR8xn3Lg4WQJZ&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTEyMTY0NTMwLTEiXSwiZ2FDbGllbnRJZHMiOlsiMjc1NDg3MDEwLjE2NDc1MjgwMjQiXSwiY29udGV4dCI6eyJsaWJyYXJ5Ijp7Im5hbWUiOiJsZnRyYWNrZXIiLCJ2ZXJzaW9uIjoiMi40MC4xIn0sInBhZ2VVcmwiOiJodHRwczovL3dlNDUuY29tL2Jsb2cvcHJldmVudGluZy14c3Mtd2l0aC1iYXNlNjQtZW5jb2RpbmctdGhlLWZhbHNlLXNlbnNlLW9mLXdlYi1hcHBsaWNhdGlvbi1zZWN1cml0eS8iLCJwYWdlVGl0bGUiOiJIb3cgdG8gUHJldmVudCBYU1M6IFdoeSBCYXNlNjQgaXMgTm90IEVub3VnaCB8IHdlNDUiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6IjlmNWRkOTVkN2M0ZjEzMTYiLCJjbGllbnRUaW1lc3RhbXAiOiIyMDIyLTAzLTE3VDE0OjQwOjI0LjI3NVoiLCJjbGllbnRUaW1lem9uZSI6MCwic2NyaXB0SWQiOiJsWU5PUjh4bjNMZzRXUUpaIiwiY29va2llc0VuYWJsZWQiOnRydWUsImNvbnNlbnRMZXZlbCI6Im5vbmUiLCJhbm9ueW1pemVJcCI6ZmFsc2UsImxmQ2xpZW50SWQiOiJMRjEuMS5lMjkwZDRjMDA5MjcyZWQ4LjE2NDc1MjgwMjQyNzMiLCJmb3JlaWduQ29va2llcyI6W10sInByb3BlcnRpZXMiOnt9LCJhdXRvVHJhY2tpbmdFbmFibGVkIjp0cnVlfQ== Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.227.219.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-227-219-49.ams54.r.cloudfront.net Software CloudFront / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT via 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop AMS54-C1 x-cache LambdaGeneratedResponse from cloudfront content-type image/gif content-length 43 x-amz-cf-id k9P4mIa-PQhWpjg9E_wwqx8xMBY_Ob3BIflRzr6u2mbsuwcnO51YZg==
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	52ms 33ms	Image image/gif	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12164530-1&cid=275487010.1647528024&jid=1968279465&_u=YEBAAEAAAAAAAC~&z=251112598 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Thu, 17 Mar 2022 14:40:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	54ms 32ms	Image image/gif	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-12164530-1&cid=275487010.1647528024&jid=1968279465&_u=YEBAAEAAAAAAAC~&z=251112598 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Thu, 17 Mar 2022 14:40:24 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 6ms	Image image/gif	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1565631791&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F&ul=en-us&de=UTF-8&dt=How%20to%20Prevent%20XSS%3A%20Why%20Base64%20is%20Not%20Enough%20%7C%20we45&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=orgInfo&ea=undefined&_u=aHDAAEABAAAAAC~&jid=&gjid=&cid=275487010.1647528024&tid=UA-12164530-1&_gid=1519742319.1647528024&gtm=2wg3e0MV2PHFB&cd7=(not%20set)&cd9=(not%20set)&z=1677745536 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Thu, 17 Mar 2022 05:08:46 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 34298 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	t_prism_sitemessages.php Show response trackcmp.net/	0 362 B	164ms 124ms	Script text/javascript	2606:4700::6812:10c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://trackcmp.net/t_prism_sitemessages.php?trackid=610904716&prismid=bf3bc82c-4158-4487-a5b7-ecf53161ee7b&url=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F Requested by Host: diffuser-cdn.app-us1.com URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:10c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.1.33 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.1.33 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" p3p CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM" content-type text/javascript;charset=UTF-8 cache-control no-cache, private x-privacy-policy You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/ cf-ray 6ed67bc8d9340229-ZRH content-length 0
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/	360 KB 142 KB	30ms 7ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LeJQusZAAAAAKo1VwKC7f1uDGGvgRAfKF6sCJ5I&ver=3.0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15f9c75454fbc8c7a512938af4ebbe852cd2fe82b8bd32ec98222a231b8a7e12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://we45.com/ Origin https://we45.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:28:23 GMT content-encoding gzip x-content-type-options nosniff age 721 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 145081 x-xss-protection 0 last-modified Mon, 07 Mar 2022 05:02:21 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 17 Mar 2023 14:28:23 GMT
GET H2	200	hotjar-1707891.js Show response static.hotjar.com/c/	6 KB 3 KB	82ms 50ms	Script application/javascript	52.222.137.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1707891.js?sv=6 Requested by Host: we45.com URL: https://we45.com/blog/preventing-xss-with-base64-encoding-the-false-sense-of-web-application-security/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.137.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-137-30.ams50.r.cloudfront.net Software / Resource Hash 37801c9aeffc591f95940a017729f8b8a2309c3255241384d722ec9d349efd97 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 x-amz-cf-pop AMS50-C1 etag W/319a0cf2c2f2e17fbb52cb1cdf38f4df vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id 7eUz4wRCde-d4VL5Pgr5gAG2E1S-NqdWIkRYgUZN6WY3MNEwDBUeuw== via 1.1 d11ab7cc015083593a9e8e8e2dac0692.cloudfront.net (CloudFront)
GET H2	200	project_4e6bw7ct.txt Show response d258lu9myqkejp.cloudfront.net/widget/settings/	4 KB 2 KB	66ms 15ms	XHR text/plain	2600:9000:21c7:2e00:1a:3012:2940:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d258lu9myqkejp.cloudfront.net/widget/settings/project_4e6bw7ct.txt Requested by Host: widget.getgist.com URL: https://widget.getgist.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21c7:2e00:1a:3012:2940:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 807ad96b19f5ac60fa70ef160892a11fa0d99c590d5f8e80933010f600bf478c Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 14 Mar 2022 16:29:59 GMT content-encoding gzip vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method age 252626 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 14 Mar 2022 16:26:56 GMT server AmazonS3 etag W/"5c1a72455addafc70ec2bd3edf5a1c0e" access-control-max-age 3000 access-control-allow-methods GET content-type text/plain via 1.1 acf9ad664f94bee3e3cf93077b65edea.cloudfront.net (CloudFront) cache-control no-cache x-amz-cf-pop AMS54-C1 x-amz-cf-id 58lnEaGorRG31NSrXoUaXnpkJSbT9_nSAXyCsPoCHVJpTz0a-gnNag==
GET H2	200	/ Show response prism.app-us1.com/	248 B 224 B	179ms 179ms	Script application/javascript	2606:4700::6811:925b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://prism.app-us1.com/?a=610904716&u=https%3A%2F%2Fwe45.com%2Fblog%2Fpreventing-xss-with-base64-encoding-the-false-sense-of-web-application-security%2F&t=bf3bc82c-4158-4487-a5b7-ecf53161ee7b Requested by Host: diffuser-cdn.app-us1.com URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.28 Resource Hash 07a80bd38108f78bd1b8b8dc8e7498303c13566dc72bb6ba95235a16c12c2f54 Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-powered-by PHP/7.4.28 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type application/javascript cache-control no-cache, private x-envoy-upstream-service-time 52 cf-ray 6ed67bc92b80233d-ZRH
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame FA67	41 KB 21 KB	32ms 32ms	Document text/html	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJQusZAAAAAKo1VwKC7f1uDGGvgRAfKF6sCJ5I&co=aHR0cHM6Ly93ZTQ1LmNvbTo0NDM.&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=tkgpwx3j0tj0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9161de01129ab04271a90c75931903d0a06e8553d0290cf94833fe409f5c25c8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Ky9TEIaQTrVoXmoTSd185A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy require-corp report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Thu, 17 Mar 2022 14:40:24 GMT content-security-policy script-src 'report-sample' 'nonce-Ky9TEIaQTrVoXmoTSd185A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 21758 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	422	event_data Show response data.getgist.com/v1/	31 B 503 B	142ms 116ms	XHR application/json	34.149.136.106 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data.getgist.com/v1/event_data Requested by Host: widget.getgist.com URL: https://widget.getgist.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.149.136.106 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 106.136.149.34.bc.googleusercontent.com Software nginx/1.18.0 + Phusion Passenger(R) 6.0.10 / Phusion Passenger(R) 6.0.10 Resource Hash 5bd885681ddc6a978ba2dae4e55fd5c8ca3e1966b4283d45254944f826c2c488 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://we45.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Thu, 17 Mar 2022 14:40:24 GMT via 1.1 google x-content-type-options nosniff x-powered-by Phusion Passenger(R) 6.0.10 status 422 Unprocessable Entity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block x-request-id 5ea0178e-41d8-4bd5-9c5e-42732f3e03e5 x-runtime 0.021562 server nginx/1.18.0 + Phusion Passenger(R) 6.0.10 x-frame-options SAMEORIGIN access-control-max-age 1728000 access-control-allow-methods GET, POST, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://we45.com vary Origin cache-control no-cache access-control-allow-credentials true
GET H2	200	bundle-xzg3zldl32.min.js Show response dyr2dbqz8u9mp.cloudfront.net/messenger/ Frame BB6D	963 KB 220 KB	19ms 19ms	Script application/javascript	2600:9000:2204:9200:c:7018:1040:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dyr2dbqz8u9mp.cloudfront.net/messenger/bundle-xzg3zldl32.min.js Requested by Host: widget.getgist.com URL: https://widget.getgist.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2204:9200:c:7018:1040:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash cf882a5af0b6068060486bdab78c1c426809767a2121e1068a53464fdfe63db4 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 10:27:19 GMT content-encoding gzip last-modified Tue, 15 Mar 2022 09:47:37 GMT server AmazonS3 age 187986 etag W/"937ff6078fe79862d735daf64709ad77" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 fb60efae608d5d8f2d160585f251caae.cloudfront.net (CloudFront) cache-control max-age=31536000,public x-amz-cf-pop AMS50-C1 x-amz-cf-id FT5radG_GJwG7UtLb2ibg0GYCh4qi4ICQ8Bf-zZXDle06tprfu31TQ==
GET H2	200	modules.7d3f952308caf42c2b67.js Show response script.hotjar.com/	236 KB 62 KB	35ms 11ms	Script application/javascript	108.157.4.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.7d3f952308caf42c2b67.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1707891.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-38.dus51.r.cloudfront.net Software / Resource Hash 43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 10 Mar 2022 09:02:06 GMT content-encoding br x-content-type-options nosniff age 625098 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 63048 access-control-allow-origin * last-modified Thu, 10 Mar 2022 09:01:33 GMT etag "2f5d47da7be4d107a04726029158797c" vary Accept-Encoding content-type application/javascript via 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop DUS51-P2 accept-ranges bytes x-robots-tag none x-amz-cf-id -N2m5pmI2xxk469WbBDt5pHbNkqbebPcYckHkl_k4IsjLIwoAkV43w==
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame FA67	51 KB 24 KB	23ms 8ms	Stylesheet text/css	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJQusZAAAAAKo1VwKC7f1uDGGvgRAfKF6sCJ5I&co=aHR0cHM6Ly93ZTQ1LmNvbTo0NDM.&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=tkgpwx3j0tj0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 13:55:56 GMT content-encoding gzip x-content-type-options nosniff age 2668 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 07 Mar 2022 05:02:21 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 17 Mar 2023 13:55:56 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ Frame FA67	360 KB 142 KB	22ms 8ms	Script text/javascript	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJQusZAAAAAKo1VwKC7f1uDGGvgRAfKF6sCJ5I&co=aHR0cHM6Ly93ZTQ1LmNvbTo0NDM.&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=tkgpwx3j0tj0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 15f9c75454fbc8c7a512938af4ebbe852cd2fe82b8bd32ec98222a231b8a7e12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:28:23 GMT content-encoding gzip x-content-type-options nosniff age 721 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 145081 x-xss-protection 0 last-modified Mon, 07 Mar 2022 05:02:21 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 17 Mar 2023 14:28:23 GMT
GET H2	200	box-acca23410e696f2ca3087d947271c3d0.html Show response vars.hotjar.com/ Frame 134A	2 KB 1 KB	32ms 10ms	Document text/html	108.157.4.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1707891.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.7 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-7.dus51.r.cloudfront.net Software / Resource Hash e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://we45.com/ Response headers content-type text/html content-length 1044 date Fri, 04 Feb 2022 08:52:06 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin etag "6f65fac4e8efe167ff5132c0c54c5729" last-modified Fri, 04 Feb 2022 08:51:39 GMT x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P2 x-amz-cf-id mXrGqZt_aKb8RxlsTbX1YUgTWUBE0qHmVY3Qr5U95ZLWpKhyWl0xYw== age 3563298
GET BLOB	200 OK	29f3d53e-f539-49eb-9b5c-a49a0a2b2f2a https://we45.com/ Frame BB6D	12 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL blob:https://we45.com/29f3d53e-f539-49eb-9b5c-a49a0a2b2f2a Requested by Host: dyr2dbqz8u9mp.cloudfront.net URL: https://dyr2dbqz8u9mp.cloudfront.net/messenger/bundle-xzg3zldl32.min.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash a45e454cb7897b8bad2153ac0223cc7774f1bc804829a7aeb8b3b74ee7d92632 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Length 12436 Content-Type text/css
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame FA67	2 KB 2 KB	7ms 7ms	Image image/png	2a00:1450:4001:811::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 18:59:48 GMT x-content-type-options nosniff age 157236 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 22 Mar 2022 18:59:48 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame FA67	15 KB 15 KB	23ms 7ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJQusZAAAAAKo1VwKC7f1uDGGvgRAfKF6sCJ5I&co=aHR0cHM6Ly93ZTQ1LmNvbTo0NDM.&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=tkgpwx3j0tj0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 17:06:41 GMT x-content-type-options nosniff age 164023 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 15 Mar 2023 17:06:41 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame FA67	15 KB 15 KB	24ms 9ms	Font font/woff2	2a00:1450:4001:803::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJQusZAAAAAKo1VwKC7f1uDGGvgRAfKF6sCJ5I&co=aHR0cHM6Ly93ZTQ1LmNvbTo0NDM.&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=tkgpwx3j0tj0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 15 Mar 2022 14:17:54 GMT x-content-type-options nosniff age 174150 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 15 Mar 2023 14:17:54 GMT
GET		newMessage.mp3 d258lu9myqkejp.cloudfront.net/audios/ Frame BB6D	0 0
GET		newConversation.mp3 d258lu9myqkejp.cloudfront.net/audios/ Frame BB6D	0 0
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame FA67	102 B 134 B	16ms 16ms	Other text/javascript	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=85AXn53af-oJBEtL2o2WpAjZ Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJQusZAAAAAKo1VwKC7f1uDGGvgRAfKF6sCJ5I&co=aHR0cHM6Ly93ZTQ1LmNvbTo0NDM.&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=tkgpwx3j0tj0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f98ff8ab059bdef9ea7fe9165a4e74fce15166abdbb8dd25307b7b7d9ac26ddd Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJQusZAAAAAKo1VwKC7f1uDGGvgRAfKF6sCJ5I&co=aHR0cHM6Ly93ZTQ1LmNvbTo0NDM.&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=tkgpwx3j0tj0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Thu, 17 Mar 2022 14:40:24 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Thu, 17 Mar 2022 14:40:24 GMT
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/1707891/	146 B 321 B	105ms 41ms	XHR application/json	54.155.9.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/1707891/visit-data?sv=6 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.155.9.137 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-155-9-137.eu-west-1.compute.amazonaws.com Software / Resource Hash 5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d Request headers Referer https://we45.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Thu, 17 Mar 2022 14:40:25 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame FA67	32 KB 18 KB	50ms 50ms	XHR application/json	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6LeJQusZAAAAAKo1VwKC7f1uDGGvgRAfKF6sCJ5I Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 16f32fe7647f6fe3a508e1f2ea5a4615deb1dcd828e02566769dfafb7d0e8e2c Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeJQusZAAAAAKo1VwKC7f1uDGGvgRAfKF6sCJ5I&co=aHR0cHM6Ly93ZTQ1LmNvbTo0NDM.&hl=de&v=85AXn53af-oJBEtL2o2WpAjZ&size=invisible&cb=tkgpwx3j0tj0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-protobuffer Response headers date Thu, 17 Mar 2022 14:40:25 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18336 x-xss-protection 1; mode=block expires Thu, 17 Mar 2022 14:40:25 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

d258lu9myqkejp.cloudfront.net

URL

https://d258lu9myqkejp.cloudfront.net/audios/newMessage.mp3

Domain

d258lu9myqkejp.cloudfront.net

URL

https://d258lu9myqkejp.cloudfront.net/audios/newConversation.mp3