www.fastly.com Open in urlscan Pro
2a04:4e42:400::313 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Submission: On May 31 via api (May 31st 2024, 2:12:02 am UTC) from TR — Scanned from DE

Summary HTTP 166 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 25 domains to perform 166 HTTP transactions. The main IP is 2a04:4e42:400::313, located in United States and belongs to FASTLY, US. The main domain is www.fastly.com. The Cisco Umbrella rank of the primary domain is 456434.
TLS certificate: Issued by Certainly Intermediate R1 on May 30th 2024. Valid for: a month.

This is the only time www.fastly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a04:4e42:400... 2a04:4e42:400::313	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
1 76	151.101.129.57 151.101.129.57	54113 (FASTLY) (FASTLY)
5	88.221.60.75 88.221.60.75	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.230.228.32 54.230.228.32	16509 (AMAZON-02) (AMAZON-02)
5	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	18.66.192.37 18.66.192.37	16509 (AMAZON-02) (AMAZON-02)
1 1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
1	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
6	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	152.195.15.58 152.195.15.58	15133 (EDGECAST) (EDGECAST)
11	151.101.2.91 151.101.2.91	54113 (FASTLY) (FASTLY)
2	2606:4700:440... 2606:4700:4400::ac40:90e1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.37.212 104.18.37.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:24c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.111.208.231 34.111.208.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:600... 2a04:4e42:600::603	54113 (FASTLY) (FASTLY)
1	146.75.106.91 146.75.106.91	54113 (FASTLY) (FASTLY)
1	151.101.66.91 151.101.66.91	54113 (FASTLY) (FASTLY)
1	151.101.214.91 151.101.214.91	54113 (FASTLY) (FASTLY)
1	104.16.117.43 104.16.117.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	104.16.118.43 104.16.118.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.126.91 151.101.126.91	54113 (FASTLY) (FASTLY)
1	2600:9000:237... 2600:9000:237d:6400:4:8491:f2c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.40.116 108.138.40.116	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 2	18.207.58.146 18.207.58.146	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	34.224.237.84 34.224.237.84	14618 (AMAZON-AES) (AMAZON-AES)
1	146.75.118.91 146.75.118.91	54113 (FASTLY) (FASTLY)
1	18.173.187.83 18.173.187.83	16509 (AMAZON-02) (AMAZON-02)
1	146.75.122.91 146.75.122.91	54113 (FASTLY) (FASTLY)
1	146.75.58.91 146.75.58.91	54113 (FASTLY) (FASTLY)
1	151.101.130.91 151.101.130.91	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	151.101.154.91 151.101.154.91	54113 (FASTLY) (FASTLY)
1	151.101.46.91 151.101.46.91	54113 (FASTLY) (FASTLY)
1	146.75.82.91 146.75.82.91	54113 (FASTLY) (FASTLY)
166	45

4 2a04:4e42:400::313 (United States)

ASN54113 (FASTLY, US)

www.fastly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

client-registry.mutinycdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

76 151.101.129.57 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

www.fastly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.221.60.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.228.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-32.muc50.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o1025883.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

025-xko-469.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-37.muc50.r.cloudfront.net

rc-widget-frame.js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States) 1 redirects

ASN54113 (FASTLY, US)

fiddle.fastlydemo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

fiddle.fastly.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.194.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

lux.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 152.195.15.58 (United States)

ASN15133 (EDGECAST, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.bizibly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.2.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

www.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:90e1 (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.g2crowd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.37.212 (None, )

ASN13335 (CLOUDFLARENET, US)

js.zi-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:24c4 (United States)

ASN13335 (CLOUDFLARENET, US)

trk.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.208.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.208.111.34.bc.googleusercontent.com

ibc-flow.techtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::603 (United States)

ASN54113 (FASTLY, US)

fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.106.91 (Dallas, United States)

ASN54113 (FASTLY, US)

kdfw-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

edbe0149-7373-4c41-8102-510f7b6ed0f8.eu.u.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.214.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

yvr-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.117.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws-assets.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.118.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.126.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

yyz-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:6400:4:8491:f2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.40.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-40-116.muc50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.207.58.146 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-58-146.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.237.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-237-84.compute-1.amazonaws.com

hemsync.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.118.91 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

bare-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-83.muc50.r.cloudfront.net

api.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.122.91 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

etou-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.58.91 (Palermo, Italy)

ASN54113 (FASTLY, US)

pmo-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

astral-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.154.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

bom-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.46.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

kteb-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.82.91 (United States)

ASN54113 (FASTLY, US)

klot-v4.pops.fastly-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	fastly.com 1 redirects www.fastly.com — Cisco Umbrella Rank: 456434	1 MB
23	fastly-insights.com www.fastly-insights.com — Cisco Umbrella Rank: 8414 fastly-insights.com — Cisco Umbrella Rank: 7573 kdfw-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 46789 edbe0149-7373-4c41-8102-510f7b6ed0f8.eu.u.fastly-insights.com yvr-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 72948 yyz-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 56216 bare-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 22573 etou-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 83007 pmo-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 98948 astral-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 24583 bom-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 94762 kteb-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 51063 klot-v4.pops.fastly-insights.com — Cisco Umbrella Rank: 48073	49 KB
6	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 312	127 KB
5	zoominfo.com ws-assets.zoominfo.com — Cisco Umbrella Rank: 11817 ws.zoominfo.com — Cisco Umbrella Rank: 4715	31 KB
5	sentry.io o1025883.ingest.sentry.io	511 B
5	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3868	6 KB
4	clickagy.com 1 redirects tags.clickagy.com — Cisco Umbrella Rank: 23885 aorta.clickagy.com — Cisco Umbrella Rank: 2218 hemsync.clickagy.com — Cisco Umbrella Rank: 20348	15 KB
4	bizible.com cdn.bizible.com — Cisco Umbrella Rank: 7752	26 KB
4	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 6908 lux.speedcurve.com — Cisco Umbrella Rank: 19989	9 KB
3	techtarget.com trk.techtarget.com — Cisco Umbrella Rank: 26104 ibc-flow.techtarget.com — Cisco Umbrella Rank: 23444	2 KB
3	zi-scripts.com js.zi-scripts.com — Cisco Umbrella Rank: 6903	4 KB
3	driftt.com js.driftt.com — Cisco Umbrella Rank: 5864 rc-widget-frame.js.driftt.com — Cisco Umbrella Rank: 106213 Failed	60 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	223 KB
2	doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 272 stats.g.doubleclick.net — Cisco Umbrella Rank: 89	654 B
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1370 insight.adsrvr.org — Cisco Umbrella Rank: 691	5 KB
2	g2crowd.com tracking.g2crowd.com — Cisco Umbrella Rank: 7754	1 KB
2	mutinycdn.com client-registry.mutinycdn.com — Cisco Umbrella Rank: 18650	17 KB
1	google.de www.google.de — Cisco Umbrella Rank: 7810	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095	254 B
1	company-target.com api.company-target.com — Cisco Umbrella Rank: 4111	935 B
1	bizibly.com cdn.bizibly.com — Cisco Umbrella Rank: 11942	205 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 533	304 B
1	fastly.dev fiddle.fastly.dev	3 KB
1	fastlydemo.net 1 redirects fiddle.fastlydemo.net	205 B
1	mktoresp.com 025-xko-469.mktoresp.com Failed	318 B
166	25

	Domain	Requested by
80	www.fastly.com	1 redirects www.fastly.com
11	www.fastly-insights.com	www.googletagmanager.com www.fastly-insights.com
6	cdn.cookielaw.org	www.fastly.com cdn.cookielaw.org
5	o1025883.ingest.sentry.io	www.fastly.com
5	munchkin.marketo.net	www.fastly.com munchkin.marketo.net
4	ws.zoominfo.com	www.fastly.com
4	cdn.bizible.com	www.googletagmanager.com cdn.bizible.com
3	js.zi-scripts.com	www.fastly.com
3	lux.speedcurve.com
3	www.googletagmanager.com	www.fastly.com www.googletagmanager.com
2	aorta.clickagy.com	1 redirects www.fastly.com
2	ibc-flow.techtarget.com	www.fastly.com
2	tracking.g2crowd.com	www.fastly.com tracking.g2crowd.com
2	js.driftt.com	www.fastly.com
2	client-registry.mutinycdn.com	www.fastly.com
1	klot-v4.pops.fastly-insights.com	www.fastly.com
1	kteb-v4.pops.fastly-insights.com	www.fastly.com
1	bom-v4.pops.fastly-insights.com	www.fastly.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	astral-v4.pops.fastly-insights.com	www.fastly.com
1	pmo-v4.pops.fastly-insights.com	www.fastly.com
1	etou-v4.pops.fastly-insights.com	www.fastly.com
1	api.company-target.com	www.fastly.com
1	bare-v4.pops.fastly-insights.com	www.fastly.com
1	hemsync.clickagy.com	www.fastly.com
1	cm.g.doubleclick.net
1	insight.adsrvr.org	js.adsrvr.org
1	js.adsrvr.org	www.fastly.com
1	tags.clickagy.com	www.fastly.com
1	yyz-v4.pops.fastly-insights.com	www.fastly.com
1	ws-assets.zoominfo.com	js.zi-scripts.com
1	yvr-v4.pops.fastly-insights.com	www.fastly.com
1	edbe0149-7373-4c41-8102-510f7b6ed0f8.eu.u.fastly-insights.com	www.fastly.com
1	kdfw-v4.pops.fastly-insights.com	www.fastly.com
1	fastly-insights.com	www.fastly.com
1	cdn.bizibly.com
1	trk.techtarget.com	www.fastly.com
1	geolocation.onetrust.com	www.fastly.com
1	cdn.speedcurve.com	www.fastly.com
1	fiddle.fastly.dev
1	fiddle.fastlydemo.net	1 redirects
1	rc-widget-frame.js.driftt.com	js.driftt.com
1	025-xko-469.mktoresp.com	munchkin.marketo.net
166	45

This site contains links to these domains. Also see Links.

Domain
support.fastly.com
manage.fastly.com
www.wordfence.com
patchstack.com
wpscan.com
blog.sucuri.net
wordpress.org
www.joomunited.com
www.facebook.com
twitter.com
www.linkedin.com
www.fastlystatus.com
investors.fastly.com
www.twitter.com
www.instagram.com
www.youtube.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.fastly.com Certainly Intermediate R1	`2024-05-30` - `2024-06-29`	a month	crt.sh
*.google-analytics.com WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh
client-registry.mutinycdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-06` - `2025-04-07`	a year	crt.sh
*.marketo.net DigiCert TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-12-11`	a year	crt.sh
drift.com Amazon RSA 2048 M02	`2023-08-15` - `2024-09-11`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.mktoresp.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-07` - `2024-10-07`	a year	crt.sh
*.drift.com Amazon RSA 2048 M01	`2023-07-03` - `2024-07-31`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-21` - `2025-02-21`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
io.bizible.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-01` - `2024-07-01`	a year	crt.sh
fastly-insights.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-20` - `2025-01-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-24` - `2024-07-23`	a year	crt.sh
zi-scripts.com GTS CA 1P5	`2024-05-27` - `2024-08-25`	3 months	crt.sh
trk.techtarget.com GTS CA 1P5	`2024-05-24` - `2024-08-22`	3 months	crt.sh
ibc-flow.techtarget.com GTS CA 1D4	`2024-05-06` - `2024-08-04`	3 months	crt.sh
zoominfo.com E1	`2024-05-20` - `2024-08-18`	3 months	crt.sh
*.clickagy.com Amazon ECDSA 256 M02	`2023-09-22` - `2024-10-20`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
api.demandbase.com Go Daddy Secure Certificate Authority - G2	`2023-09-27` - `2024-09-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-13` - `2024-08-05`	3 months	crt.sh
*.google.de WR2	`2024-05-13` - `2024-08-05`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Frame ID: 3932EF29B0227A460B231F06256280F5
Requests: 165 HTTP requests in this frame

Frame: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=d42f1587-0f04-452b-a604-f90b8f06f4ae&sessionStarted=1717121514.405&campaignRefreshToken=9d6f7854-d974-4bd6-94ff-b289060bac31&pageLoadStartTime=1717121513819&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F
Frame ID: 40BD773B22459E4C1A8E1B9E492A2902
Requests: 1 HTTP requests in this frame

Frame: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=d42f1587-0f04-452b-a604-f90b8f06f4ae&sessionStarted=1717121514.405&campaignRefreshToken=9d6f7854-d974-4bd6-94ff-b289060bac31&pageLoadStartTime=1717121514421&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F
Frame ID: BD388D651ECC550C56B4C18F6047502A
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=siw7zzj&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&upid=srcqgs0&upv=1.1.0
Frame ID: 53F01F0F101D94C7F34668CFD144B9DB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Page URL
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ HTTP 301
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

166
Requests

96 %
HTTPS

27 %
IPv6

25
Domains

45
Subdomains

45
IPs

5
Countries

1765 kB
Transfer

7670 kB
Size

20
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://support.fastly.com/
Title: Support Center

Search URL Search Domain Scan URL

URL: https://manage.fastly.com/
Title: Einloggen

Search URL Search Domain Scan URL

URL: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-statistics/wp-statistics-145-unauthenticated-stored-cross-site-scripting
Title: CVE-2024-2194

Search URL Search Domain Scan URL

URL: https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/wp-meta-seo/wp-meta-seo-4512-unauthenticated-stored-cross-site-scripting-via-referer-header
Title: CVE-2023-6961

Search URL Search Domain Scan URL

URL: https://patchstack.com/database/vulnerability/litespeed-cache/wordpress-litespeed-cache-plugin-5-7-unauthenticated-site-wide-stored-xss-vulnerability/
Title: CVE-2023-40000

Search URL Search Domain Scan URL

URL: https://wpscan.com/blog/surge-of-javascript-malware-in-sites-with-vulnerable-versions-of-litespeed-cache-plugin/
Title: 1

Search URL Search Domain Scan URL

URL: https://blog.sucuri.net/2023/10/balada-injector-targets-unpatched-tagdiv-plugin-newspaper-theme-wordpress-admins.html
Title: 2

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/wp-statistics/
Title: WP Statistics plugin

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/wp-statistics/advanced/
Title: versions lower than 14.5

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/wp-meta-seo
Title: WP Meta SEO plugin

Search URL Search Domain Scan URL

URL: https://www.joomunited.com/wordpress-products/wp-meta-seo/404-errors-and-url-redirect-manager
Title: 404 & Redirects page

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/wp-meta-seo/advanced/
Title: versions lower than 4.5

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/litespeed-cache/
Title: LiteSpeed Cache plugin

Search URL Search Domain Scan URL

URL: https://wordpress.org/plugins/litespeed-cache/advanced/
Title: versions lower than 5.7

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/&text=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&title=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins&url=https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/

Search URL Search Domain Scan URL

URL: https://www.fastlystatus.com/
Title: Netzwerkstatus

Search URL Search Domain Scan URL

URL: https://investors.fastly.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.twitter.com/fastly
Title: X

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/fastly
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fastlyinc
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC2Zx8R9llwwyNBB6thfIwxg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Page URL
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ HTTP 301
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://fiddle.fastlydemo.net/embed.js HTTP 301
https://fiddle.fastly.dev/embed.js

Request Chain 140

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=Yzo4NzVmYTM2YzczMDdhYjk5Yjc2MTdmYjE3ZmI1ZDhmNg

166 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Show response
www.fastly.com/blog/ 634 KB
91 KB 232ms
177ms Document
text/html 2a04:4e42:400::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d544371ecb9105be2c36b69bbb3c2bfac1c7c727820f6eb613dc211a546f72c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=0, must-revalidate
content-encoding: gzip
content-length: 93010
content-type: text/html
date: Fri, 31 May 2024 02:11:53 GMT
etag: "a41eb796db8aa2c9f1c8ea087f726c27"
link: </g-static/fonts/subsetting/inter-var.woff2>; rel=preload; as=font; crossorigin; nopush, <https://user-data.mutinycdn.com>; rel=preconnect, <https://client.mutinycdn.com>; rel=preconnect, <https://client-registry.mutinycdn.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect
server: Artisanal bits
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
x-cache-hits: 0, 0, 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-sjc10044-SJC, cache-sjc10063-SJC, cache-fra-etou8220054-FRA
x-timer: S1717121514.620782,VS0,VE153
x-xss-protection: 1; mode=block

GET
H2 200 inter-var.woff2
www.fastly.com/g-static/fonts/subsetting/ 77 KB
77 KB 28ms
27ms Font
font/woff2 2a04:4e42:400::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/subsetting/inter-var.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

37bb2fe07156e83bf66ed1214d5f27cae6bdd70549affa70372b82a9c6689ba7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10071-SJC, cache-sjc1000105-SJC, cache-fra-etou8220054-FRA
date: Fri, 31 May 2024 02:11:53 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.800971,VS0,VE1
etag: "c74946b05a04c9302636cc6106891bbd"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 78400
x-cache-hits: 0, 13, 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 412 KB
121 KB 102ms
49ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb1ff994ff6d868abb394aa5525526e1d5942b15f196a84d282a29b89e22e5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123325
x-xss-protection: 0
last-modified: Fri, 31 May 2024 00:01:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 31 May 2024 02:11:53 GMT

GET
H2 200 b20024ac5582424c.js Show response
client-registry.mutinycdn.com/personalize/client/ 52 KB
17 KB 78ms
21ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://client-registry.mutinycdn.com/personalize/client/b20024ac5582424c.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6c171b08e694561c3b9fc15844e5a44e0877dd6531b0bd93369adb6752fe49a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DIX0a7uXrrT6IxW0rnQzcWDNg7XmWbsn
x-continent-code: EU
content-encoding: gzip
date: Fri, 31 May 2024 02:11:53 GMT
via: 1.1 varnish
x-edge-region: EU-East
x-amz-request-id: W3WGS1DW57D3DQER
age: 3353
x-amz-server-side-encryption: AES256
x-cache: HIT
x-edge-datacenter: FRA
content-length: 17030
x-amz-id-2: FDZAmdn7X0y1CjxaNj1cpzexqHwqE2zbKjA+HfunqMLe8dDIr2b3PO/Osv79HCuoidHLVEzFzQI=
x-served-by: cache-fra-etou8220024-FRA
x-connection-speed: broadband
last-modified: Fri, 24 May 2024 15:17:07 GMT
server: AmazonS3
etag: "7769fece9327ded70486fc0d02b9dee9"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=3600, max-age=0
vary: X-Continent-Code, Accept-Encoding
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 2

GET
H3 200 icon-social-facebook.svg
www.fastly.com/g-static/icons/ 597 B
669 B 21ms
20ms Image
image/svg+xml 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-facebook.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10b36fda647f8e4a089ffecf54ca490ce1e68eb9619a2463fd81a2acb8fcb41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10022-SJC, cache-sjc1000105-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.847550,VS0,VE1
etag: "bb1c97bce60b58d56b793de7b4a4bc13"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 359
x-cache-hits: 0, 34, 0

GET
H3 200 icon-social-twitter.svg
www.fastly.com/g-static/icons/ 1 KB
1 KB 22ms
21ms Image
image/svg+xml 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-twitter.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

a7077bfe692cf60675c6ce302474a363815e3f49d834147218a7bdb1b7402f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000089-SJC, cache-sjc10039-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.847653,VS0,VE2
etag: "337117f8ea61b8fe03a5e612e8314180"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 792
x-cache-hits: 0, 35, 0

GET
H3 200 icon-social-LinkedIn.svg
www.fastly.com/g-static/icons/ 781 B
734 B 21ms
21ms Image
image/svg+xml 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-LinkedIn.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

9546f61d90005f0c8132463a0c61ab73ce68321a61456fe9ed5a0a60d16c4d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000119-SJC, cache-sjc1000122-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.869890,VS0,VE1
etag: "de1e54a0a64e58525dbe0884c382f63a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 424
x-cache-hits: 0, 34, 0

GET
H3 200 webpack-runtime-df969cd2d846ef1c3d63.js Show response
www.fastly.com/ 17 KB
8 KB 175ms
175ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/webpack-runtime-df969cd2d846ef1c3d63.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1e5f7d4d60bcb8678a98628b208e9433d415f2c6512d846c46f8eedf8137ec13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000123-SJC, cache-sjc1000133-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.927290,VS0,VE153
etag: "a21e01b206fd7fafe76be90b59bcedd5"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7646
x-cache-hits: 0, 0, 0

GET
H3 200 framework-151fc19b9b9ac4505994.js Show response
www.fastly.com/ 142 KB
45 KB 22ms
22ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

b9561116be07dfb5c239a4ff5c9414c8ffc316835e8122265b4c2b73321e04f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10074-SJC, cache-sjc1000117-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.930415,VS0,VE1
etag: "ef8201535fcede2bc23ee156acaef19b"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 45805
x-cache-hits: 0, 0, 0

GET
H3 200 252f366e-d1aa38507652cb741e60.js Show response
www.fastly.com/ 1 KB
782 B 24ms
23ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/252f366e-d1aa38507652cb741e60.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

17fec48aa0d675502c93181d7307ca32e12378e24c21eec53a9f40d604017493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000141-SJC, cache-sjc1000106-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.930945,VS0,VE1
etag: "697ad6d43c89541e8b393a6a89e2e9ef"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 471
x-cache-hits: 0, 0, 0

GET
H3 200 2c56e427-01361d4940eeadfd165c.js Show response
www.fastly.com/ 277 KB
85 KB 41ms
40ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/2c56e427-01361d4940eeadfd165c.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

cd182f3a350ac2d27a4ec5de75d7f39315f31c83db302387deaa56cd48f08fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10053-SJC, cache-sjc1000099-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.931063,VS0,VE3
etag: "715d965f78523bf90b11bc8855091ddd"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 86505
x-cache-hits: 0, 0, 0

GET
H3 200 f344f784-59cf6dfaf4313f3a2695.js Show response
www.fastly.com/ 307 KB
89 KB 25ms
23ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/f344f784-59cf6dfaf4313f3a2695.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d83f00e53d435070c5a0d3ff2fa641dbe8c407d9fc754403da515ca52fc4ea0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000137-SJC, cache-sjc10031-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.931172,VS0,VE2
etag: "a5050db0b9208146b92bcae8eb2ca082"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 91303
x-cache-hits: 0, 0, 0

GET
H3 200 app-c48bcfdfda7dfcf3d66b.js Show response
www.fastly.com/ 565 KB
184 KB 176ms
175ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

44730c460898f223690f1f123bf9ff9bf8992fceb2bbead5effb1ed0f20b7eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10037-SJC, cache-sjc10053-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.931233,VS0,VE151
etag: "01e34ad7e24c140e2ecdc419948d2bfd"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 187605
x-cache-hits: 0, 0, 0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 80ms
24ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 02:11:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 x2ugb2nh7dxy.js
js.driftt.com/include/1717121700000/ 212 KB
60 KB 448ms
381ms Script
application/javascript 54.230.228.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1717121700000/x2ugb2nh7dxy.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-32.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: fwT06mdOrTHjuLmyd8.idzR8VPd5.dxi
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 91e0db6ff3a77218c7993c4fa2b04cf6.cloudfront.net (CloudFront), 1.1 59c812f2c62b260446c519ec0c6279cc.cloudfront.net (CloudFront)
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
x-amz-cf-pop: IAD61-P3, MUC50-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 77
last-modified: Mon, 21 Aug 2023 14:57:31 GMT
server: istio-envoy
etag: W/"576cdc1c0941a520c47b54aef3b463f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true,true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3pD4QCpubVLeNwi8t8j39j4RQcO1x2h05J-tAzHYHba1y-AG0bwzmg==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec2a8bc8d814bfc802060212b6a8659e0d3c458a2b0d696fcca8b8b7ce773798

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445c32c2df2239bda46c6e62b2a6de1eb0abb24b03675b4047a435c0c24c47ad

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 282 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40cd9a267f702fd2726ef3798b232a06ca6ed2bcd41739e5150aa3d2d7f006f1

Request headers

Referer
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2
www.fastly.com/static/ 56 KB
56 KB 29ms
29ms Font
font/woff2 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1ba7f7e31ef37d69f9541a2af99984deed19867ab8f8a24d53da8c5b47b47cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000129-SJC, cache-sjc10052-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:53 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.963499,VS0,VE1
etag: "f2a8ff0942c38a6325df9a0f60277e93"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 56868
x-cache-hits: 0, 1, 0

GET
H3 200 ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2
www.fastly.com/static/ 59 KB
59 KB 30ms
30ms Font
font/woff2 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

37e8818124561754e1c997013c3bfebfa1e87ec9338148293f7d3870d8e2ae83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10035-SJC, cache-sjc1000146-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:53 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.963184,VS0,VE2
etag: "5d684e67bb303b33d0fc0303d91e76af"
x-cache: MISS, MISS, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 59992
x-cache-hits: 0, 0, 0

GET
H3 200 roboto.woff2
www.fastly.com/g-static/fonts/ 12 KB
12 KB 31ms
31ms Font
font/woff2 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/roboto.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e1fd013ac18aebac28e366bf82aace3b2fb6900fecc4793303ed93aeadd31910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000099-SJC, cache-sjc10052-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:53 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.963748,VS0,VE1
etag: "d8ab6e6b16f310580e0570584c0ce6d4"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12312
x-cache-hits: 0, 5, 0

GET
H3 200 ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2
www.fastly.com/static/ 56 KB
57 KB 32ms
32ms Font
font/woff2 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

3109a1a489eb6cf9429c02f62539fbfeac0a730ac3e25b157afc28def5689b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10032-SJC, cache-sjc10029-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:53 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.963749,VS0,VE1
etag: "3846fe18ab988be9b98be555ee4c964a"
x-cache: MISS, MISS, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57832
x-cache-hits: 0, 0, 0

GET
H3 200 flying_shield_96X96.png
www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/ 836 B
1 KB 175ms
174ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/flying_shield_96X96.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9572729daa448a9ba000cdc75d9b2be339248d41288b1767966d73342a2227a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300704
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=5385 idim=96x96 ifmt=png ofsz=836 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 836
x-served-by: cache-sjc1000140-SJC, cache-sjc10062-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121514.962279,VS0,VE150
etag: "w55cncqW7lRXrIFtJk8yEl9DSKBo8EwB3DHcPnGO0tU"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 15, 0

GET
H3 200 simran.jpeg
www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/ 699 B
1 KB 182ms
182ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/simran.jpeg?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

14ab9cffba365eab7420a6e75f65bfe85308431fbeb48fb308d21c9b426a5242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300712
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=200562 idim=1024x1024 ifmt=jpeg ofsz=699 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 699
x-served-by: cache-sjc1000091-SJC, cache-sjc1000100-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121514.962491,VS0,VE158
etag: "Z4x+XkgdmixRHKgUoQj69tvDojC5hFuAhjMFlHbO9Qk"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 14, 0

GET
H3 200 image-20240528-184030.png
www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/ 674 B
1 KB 181ms
180ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/image-20240528-184030.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

773f7d8838ae33fd62fa7cc873009886716e07091a869edbc379fbf9c1121077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300701
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=194268 idim=480x480 ifmt=png ofsz=674 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 674
x-served-by: cache-sjc10028-SJC, cache-sjc10059-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121514.962485,VS0,VE157
etag: "wUlyWlxio7aaQu5scBLaIYhCqH3vsIWHvFcT3bX98dI"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 14, 0

GET image-20240528-195447.png
www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/ 0
0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
5 KB 24ms
24ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 02:11:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sun, 08 Sep 2024 02:11:54 GMT

POST visitWebPage
025-xko-469.mktoresp.com/webevents/ 0
0

POST
H2 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 2 B
308 B 101ms
29ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 app-data.json Show response
www.fastly.com/page-data/ 50 B
366 B 25ms
25ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/app-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1c03dd81ed43a4e618daaba34157029fcb6b82acfd09becccef85d97c0686e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10035-SJC, cache-sjc10033-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.177185,VS0,VE2
etag: "eeb1ab733e5f9635e0269593a7347831"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70
x-cache-hits: 0, 0, 0

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ 52 KB
13 KB 170ms
170ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

da5ffaa3ecfb62fb9e1d58ed51468eee919fdcb3bdc24990f1c921c3390f78c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10041-SJC, cache-sjc1000093-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.177252,VS0,VE150
etag: "2ecdb848f10352f37f2b1b4ebf111bca"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12812
x-cache-hits: 0, 0, 0

GET
H3 200 43a66a61-c84aa95f2ddfba93c469.js Show response
www.fastly.com/ 16 KB
5 KB 21ms
21ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/43a66a61-c84aa95f2ddfba93c469.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-df969cd2d846ef1c3d63.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

fe8ee1e74a19f26f635bfd0127127df11580dede6ad1878cc864d3686bab6ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10044-SJC, cache-sjc10057-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.350417,VS0,VE1
etag: "9c542dba9b59eb4a08ab445bed9e9901"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4424
x-cache-hits: 0, 1, 0

GET
H3 200 commons-d15e4fa94351ced85b96.js Show response
www.fastly.com/ 13 KB
5 KB 23ms
23ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/commons-d15e4fa94351ced85b96.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-df969cd2d846ef1c3d63.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

0ba0a6dc3b6c35adbbfbe6986c9284b130a088b99194c538059986b46e4b982c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000144-SJC, cache-sjc1000111-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.350568,VS0,VE1
etag: "f8813d8fa5ac68732927c160f7fbdc88"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4955
x-cache-hits: 0, 0, 0

GET
H3 200 component---src-templates-blog-post-js-866d3397ebbb89925494.js Show response
www.fastly.com/ 10 KB
4 KB 25ms
25ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/component---src-templates-blog-post-js-866d3397ebbb89925494.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-df969cd2d846ef1c3d63.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

15a056617d74788f1cd880c91661b8682a4dae8a7b732ed83f06a85e916a7951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000101-SJC, cache-sjc1000107-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.350557,VS0,VE2
etag: "0546bd48b28535f83eaa05b4df389a39"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3853
x-cache-hits: 0, 1, 0

GET
H3 200 1727377946.json Show response
www.fastly.com/page-data/sq/d/ 61 B
360 B 21ms
21ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1727377946.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9df011e2b89840a7dcb1ec43d59e2489383d3506d9a0fcd2db0d9cf0b024dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10046-SJC, cache-sjc10080-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.350664,VS0,VE1
etag: "620acf1ee1d982fd3abfad3d91e15496"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65
x-cache-hits: 0, 0, 0

GET
H3 200 1831612556.json Show response
www.fastly.com/page-data/sq/d/ 409 B
532 B 23ms
23ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1831612556.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10885f5f6888d7879c566093389c5a42f20ca66c22805ba291c2e608f82283f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10067-SJC, cache-sjc10021-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.350745,VS0,VE2
etag: "d23265dab806df0bcfaeae0eb941f680"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 237
x-cache-hits: 0, 1, 0

GET
H3 200 2892375363.json Show response
www.fastly.com/page-data/sq/d/ 35 KB
11 KB 26ms
25ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/2892375363.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

86bf1036789fc9768f23c81cdf61c486b86228a0eddbe232e86a99a96dac5d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10045-SJC, cache-sjc10071-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.351249,VS0,VE1
etag: "808867d668fa9a7869d09468cd75a89c"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10728
x-cache-hits: 0, 1, 0

GET
H3 200 3715587086.json Show response
www.fastly.com/page-data/sq/d/ 642 B
712 B 24ms
23ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3715587086.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d9b694a3a25ba1db5264d6687141e4f48ada93b4fbb2a124317dad995286ac97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000113-SJC, cache-sjc10024-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.351243,VS0,VE1
etag: "062b895294b682a9dbc9adbe5d97f206"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 415
x-cache-hits: 0, 1, 0

GET
H3 200 3925522448.json Show response
www.fastly.com/page-data/sq/d/ 3 KB
2 KB 27ms
27ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3925522448.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

516e05996b0e9d097fbe55f14bb7948f16a19d043950a88d086975b976593fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10080-SJC, cache-sjc10061-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.351678,VS0,VE1
etag: "2aa5d94312606b8c9bf40c81d65812c5"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1437
x-cache-hits: 0, 1, 0

GET
H3 200 433030069.json Show response
www.fastly.com/page-data/sq/d/ 316 B
509 B 26ms
26ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/433030069.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

cc4abce21cb2be565c9d4ea8b3be9b942b42eee8770694e8a3415e09f0b39803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000089-SJC, cache-sjc10022-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.351452,VS0,VE1
etag: "b81520dfa11dbb486b097182b19955a5"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 212
x-cache-hits: 0, 0, 0

GET
H3 200 668095159.json Show response
www.fastly.com/page-data/sq/d/ 495 B
605 B 27ms
26ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/668095159.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

0b6524e69d460be5fbdaa68802b2e3349fefbd996e48553e147bd04d5f24c14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10064-SJC, cache-sjc1000091-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.351622,VS0,VE1
etag: "fc1745b05e609a8bbab6bd072c2caf79"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 310
x-cache-hits: 0, 2, 0

GET
H2

200

Primary Request active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress Show response
www.fastly.com/blog/
Redirect Chain

https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

634 KB
247 B

22ms
22ms

Document
text/html

2a04:4e42:400::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:400::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d544371ecb9105be2c36b69bbb3c2bfac1c7c727820f6eb613dc211a546f72c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
content-length: 93010
content-type: text/html
date: Fri, 31 May 2024 02:11:54 GMT
etag: "a41eb796db8aa2c9f1c8ea087f726c27"
link: </g-static/fonts/subsetting/inter-var.woff2>; rel=preload; as=font; crossorigin; nopush, <https://user-data.mutinycdn.com>; rel=preconnect, <https://client.mutinycdn.com>; rel=preconnect, <https://client-registry.mutinycdn.com>; rel=preconnect, <https://www.googletagmanager.com>; rel=preconnect
server: Artisanal bits
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-etou8220108-FRA
x-timer: S1717121514.407620,VS0,VE2
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Fri, 31 May 2024 02:11:54 GMT
location: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
retry-after: 0
server: Artisanal bits
strict-transport-security: max-age=31536000
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220108-FRA

GET core
rc-widget-frame.js.driftt.com/ Frame 40BD 0
0

GET
H2 200 inter-var.woff2
www.fastly.com/g-static/fonts/subsetting/ 77 KB
0 28ms
27ms Font
font/woff2 2a04:4e42:400::313
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/subsetting/inter-var.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::313 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 13, 0
date: Fri, 31 May 2024 02:11:53 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.800971,VS0,VE1
etag: "c74946b05a04c9302636cc6106891bbd"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 78400
x-served-by: cache-sjc10071-SJC, cache-sjc1000105-SJC, cache-fra-etou8220054-FRA

GET
H2 304 b20024ac5582424c.js Show response
client-registry.mutinycdn.com/personalize/client/ 52 KB
54 B 21ms
21ms Script
application/javascript 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://client-registry.mutinycdn.com/personalize/client/b20024ac5582424c.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6c171b08e694561c3b9fc15844e5a44e0877dd6531b0bd93369adb6752fe49a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.fastly.com/
If-None-Match: "7769fece9327ded70486fc0d02b9dee9"
If-Modified-Since: Fri, 24 May 2024 15:17:07 GMT
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 3
date: Fri, 31 May 2024 02:11:54 GMT
via: 1.1 varnish
x-continent-code: EU
x-connection-speed: broadband
x-edge-region: EU-East
age: 3354
etag: "7769fece9327ded70486fc0d02b9dee9"
vary: X-Continent-Code, Accept-Encoding
x-cache: HIT
cache-control: s-maxage=3600, max-age=0
x-edge-datacenter: FRA
x-country-code: DE
x-served-by: cache-fra-etou8220024-FRA

GET
H3 200 icon-social-facebook.svg
www.fastly.com/g-static/icons/ 597 B
0 21ms
20ms Image
image/svg+xml 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-facebook.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10b36fda647f8e4a089ffecf54ca490ce1e68eb9619a2463fd81a2acb8fcb41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 34, 0
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.847550,VS0,VE1
etag: "bb1c97bce60b58d56b793de7b4a4bc13"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 359
x-served-by: cache-sjc10022-SJC, cache-sjc1000105-SJC, cache-fra-etou8220108-FRA

GET
H3 200 icon-social-twitter.svg
www.fastly.com/g-static/icons/ 1 KB
0 22ms
21ms Image
image/svg+xml 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-twitter.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

a7077bfe692cf60675c6ce302474a363815e3f49d834147218a7bdb1b7402f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 35, 0
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.847653,VS0,VE2
etag: "337117f8ea61b8fe03a5e612e8314180"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 792
x-served-by: cache-sjc1000089-SJC, cache-sjc10039-SJC, cache-fra-etou8220108-FRA

GET
H3 200 icon-social-LinkedIn.svg
www.fastly.com/g-static/icons/ 781 B
0 21ms
21ms Image
image/svg+xml 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/g-static/icons/icon-social-LinkedIn.svg

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

9546f61d90005f0c8132463a0c61ab73ce68321a61456fe9ed5a0a60d16c4d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 34, 0
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.869890,VS0,VE1
etag: "de1e54a0a64e58525dbe0884c382f63a"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: image/svg+xml
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 424
x-served-by: cache-sjc1000119-SJC, cache-sjc1000122-SJC, cache-fra-etou8220108-FRA

GET
H3 200 webpack-runtime-df969cd2d846ef1c3d63.js Show response
www.fastly.com/ 17 KB
0 175ms
175ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/webpack-runtime-df969cd2d846ef1c3d63.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1e5f7d4d60bcb8678a98628b208e9433d415f2c6512d846c46f8eedf8137ec13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.927290,VS0,VE153
etag: "a21e01b206fd7fafe76be90b59bcedd5"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7646
x-served-by: cache-sjc1000123-SJC, cache-sjc1000133-SJC, cache-fra-etou8220108-FRA

GET
H3 200 framework-151fc19b9b9ac4505994.js Show response
www.fastly.com/ 142 KB
0 22ms
22ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

b9561116be07dfb5c239a4ff5c9414c8ffc316835e8122265b4c2b73321e04f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.930415,VS0,VE1
etag: "ef8201535fcede2bc23ee156acaef19b"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 45805
x-served-by: cache-sjc10074-SJC, cache-sjc1000117-SJC, cache-fra-etou8220108-FRA

GET
H3 200 252f366e-d1aa38507652cb741e60.js Show response
www.fastly.com/ 1 KB
0 24ms
23ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/252f366e-d1aa38507652cb741e60.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

17fec48aa0d675502c93181d7307ca32e12378e24c21eec53a9f40d604017493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.930945,VS0,VE1
etag: "697ad6d43c89541e8b393a6a89e2e9ef"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 471
x-served-by: cache-sjc1000141-SJC, cache-sjc1000106-SJC, cache-fra-etou8220108-FRA

GET
H3 200 2c56e427-01361d4940eeadfd165c.js Show response
www.fastly.com/ 277 KB
0 41ms
40ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/2c56e427-01361d4940eeadfd165c.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

cd182f3a350ac2d27a4ec5de75d7f39315f31c83db302387deaa56cd48f08fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.931063,VS0,VE3
etag: "715d965f78523bf90b11bc8855091ddd"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 86505
x-served-by: cache-sjc10053-SJC, cache-sjc1000099-SJC, cache-fra-etou8220108-FRA

GET
H3 200 f344f784-59cf6dfaf4313f3a2695.js Show response
www.fastly.com/ 307 KB
0 25ms
23ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/f344f784-59cf6dfaf4313f3a2695.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d83f00e53d435070c5a0d3ff2fa641dbe8c407d9fc754403da515ca52fc4ea0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.931172,VS0,VE2
etag: "a5050db0b9208146b92bcae8eb2ca082"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 91303
x-served-by: cache-sjc1000137-SJC, cache-sjc10031-SJC, cache-fra-etou8220108-FRA

GET
H3 200 app-c48bcfdfda7dfcf3d66b.js Show response
www.fastly.com/ 565 KB
0 176ms
175ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

44730c460898f223690f1f123bf9ff9bf8992fceb2bbead5effb1ed0f20b7eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.931233,VS0,VE151
etag: "01e34ad7e24c140e2ecdc419948d2bfd"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 187605
x-served-by: cache-sjc10037-SJC, cache-sjc10053-SJC, cache-fra-etou8220108-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 412 KB
0 102ms
49ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb1ff994ff6d868abb394aa5525526e1d5942b15f196a84d282a29b89e22e5b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123325
x-xss-protection: 0
last-modified: Fri, 31 May 2024 00:01:49 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 31 May 2024 02:11:53 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
0 80ms
24ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 02:11:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 729

GET
H2 200 x2ugb2nh7dxy.js Show response
js.driftt.com/include/1717121700000/ 212 KB
0 448ms
381ms Script
application/javascript 54.230.228.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1717121700000/x2ugb2nh7dxy.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-32.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

93a2fd82dd3a13a9e9ce0583f3bde1b6e88da6ebce30fa8c87cee4d9d927e4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: fwT06mdOrTHjuLmyd8.idzR8VPd5.dxi
strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 91e0db6ff3a77218c7993c4fa2b04cf6.cloudfront.net (CloudFront), 1.1 59c812f2c62b260446c519ec0c6279cc.cloudfront.net (CloudFront)
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
x-amz-cf-pop: IAD61-P3, MUC50-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 77
last-modified: Mon, 21 Aug 2023 14:57:31 GMT
server: istio-envoy
etag: W/"576cdc1c0941a520c47b54aef3b463f7"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10
access-control-allow-credentials: true,true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 3pD4QCpubVLeNwi8t8j39j4RQcO1x2h05J-tAzHYHba1y-AG0bwzmg==

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec2a8bc8d814bfc802060212b6a8659e0d3c458a2b0d696fcca8b8b7ce773798

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 flying_shield_96X96.png
www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/ 836 B
0 175ms
174ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/flying_shield_96X96.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9572729daa448a9ba000cdc75d9b2be339248d41288b1767966d73342a2227a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300704
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=5385 idim=96x96 ifmt=png ofsz=836 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 836
x-served-by: cache-sjc1000140-SJC, cache-sjc10062-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121514.962279,VS0,VE150
etag: "w55cncqW7lRXrIFtJk8yEl9DSKBo8EwB3DHcPnGO0tU"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 15, 0

GET
H3 200 simran.jpeg
www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/ 699 B
0 182ms
182ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/simran.jpeg?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

14ab9cffba365eab7420a6e75f65bfe85308431fbeb48fb308d21c9b426a5242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300712
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=200562 idim=1024x1024 ifmt=jpeg ofsz=699 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 699
x-served-by: cache-sjc1000091-SJC, cache-sjc1000100-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121514.962491,VS0,VE158
etag: "Z4x+XkgdmixRHKgUoQj69tvDojC5hFuAhjMFlHbO9Qk"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 14, 0

GET
H3 200 image-20240528-184030.png
www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/ 674 B
0 181ms
180ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/image-20240528-184030.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

773f7d8838ae33fd62fa7cc873009886716e07091a869edbc379fbf9c1121077

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300701
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=194268 idim=480x480 ifmt=png ofsz=674 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 674
x-served-by: cache-sjc10028-SJC, cache-sjc10059-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121514.962485,VS0,VE157
etag: "wUlyWlxio7aaQu5scBLaIYhCqH3vsIWHvFcT3bX98dI"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 14, 0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/163/ 11 KB
0 24ms
24ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/163/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 02:11:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Jan 2023 02:26:40 GMT
Server: AkamaiNetStorage
ETag: "ea7826f34518d7c2295738f39c7640fa:1672972000.238769"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4741
Expires: Sun, 08 Sep 2024 02:11:54 GMT

GET
H3 200 ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2
www.fastly.com/static/ 56 KB
0 29ms
29ms Font
font/woff2 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Regular-3679101b453b50d72c9cf4c1ea749200.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 1, 0
date: Fri, 31 May 2024 02:11:53 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.963499,VS0,VE1
etag: "f2a8ff0942c38a6325df9a0f60277e93"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 56868
x-served-by: cache-sjc1000129-SJC, cache-sjc10052-SJC, cache-fra-etou8220108-FRA

GET
H3 200 ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2
www.fastly.com/static/ 56 KB
0 32ms
32ms Font
font/woff2 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Medium-f2ce73a9fe478070893781580588fc94.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Fri, 31 May 2024 02:11:53 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.963749,VS0,VE1
etag: "3846fe18ab988be9b98be555ee4c964a"
x-cache: MISS, MISS, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 57832
x-served-by: cache-sjc10032-SJC, cache-sjc10029-SJC, cache-fra-etou8220108-FRA

GET
H3 200 ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2
www.fastly.com/static/ 59 KB
0 30ms
30ms Font
font/woff2 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/static/ESRebondGrotesque-Bold-71b661c9a1cc0e17703278991732c1c7.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Fri, 31 May 2024 02:11:53 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.963184,VS0,VE2
etag: "5d684e67bb303b33d0fc0303d91e76af"
x-cache: MISS, MISS, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 59992
x-served-by: cache-sjc10035-SJC, cache-sjc1000146-SJC, cache-fra-etou8220108-FRA

GET
H3 200 roboto.woff2
www.fastly.com/g-static/fonts/ 12 KB
0 31ms
31ms Font
font/woff2 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fonts/roboto.woff2

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 5, 0
date: Fri, 31 May 2024 02:11:53 GMT
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.963748,VS0,VE1
etag: "d8ab6e6b16f310580e0570584c0ce6d4"
x-cache: MISS, HIT, HIT
content-type: font/woff2
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12312
x-served-by: cache-sjc1000099-SJC, cache-sjc10052-SJC, cache-fra-etou8220108-FRA

GET
DATA 200
OK truncated
/ 377 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 445c32c2df2239bda46c6e62b2a6de1eb0abb24b03675b4047a435c0c24c47ad

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 282 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 40cd9a267f702fd2726ef3798b232a06ca6ed2bcd41739e5150aa3d2d7f006f1

Request headers

Referer
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 image-20240528-195447.png
www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/ 800 B
1 KB 484ms
484ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/image-20240528-195447.png?auto=avif&fit=crop&height=40&width=40

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

b7a9abff26f10f1da273ea00346283c5aaf8a44042085661d64d2eabb1d2a9a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:55 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300714
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=3004007 idim=1345x989 ifmt=png ofsz=800 odim=40x40 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 800
x-served-by: cache-sjc1000135-SJC, cache-sjc1000138-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121515.538076,VS0,VE463
etag: "D8DsvJ288YRVI170Gua2jkFVuVVxywSmBkX53XA927U"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 14, 0

POST
H2 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 2 B
65 B 25ms
25ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 app-data.json Show response
www.fastly.com/page-data/ 50 B
248 B 24ms
24ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/app-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1c03dd81ed43a4e618daaba34157029fcb6b82acfd09becccef85d97c0686e85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121515.568108,VS0,VE2
etag: "eeb1ab733e5f9635e0269593a7347831"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70
x-cache-hits: 1

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ 52 KB
247 B 23ms
23ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

da5ffaa3ecfb62fb9e1d58ed51468eee919fdcb3bdc24990f1c921c3390f78c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121515.568197,VS0,VE2
etag: "2ecdb848f10352f37f2b1b4ebf111bca"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12812
x-cache-hits: 1

POST
H/1.1 200
OK visitWebPage
025-xko-469.mktoresp.com/webevents/ 2 B
318 B 753ms
190ms Ping
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://025-xko-469.mktoresp.com/webevents/visitWebPage?_mchNc=1717121514566&_mchCn=&_mchId=025-XKO-469&_mchTk=_mch-fastly.com-1717121514053-46718&_mchHo=www.fastly.com&_mchPo=&_mchRu=%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/163/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 02:11:55 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: e98f74f9-25c0-4ba0-98cb-3a2575333110

GET
H2 200 core
rc-widget-frame.js.driftt.com/ Frame BD38 0
0 360ms
360ms Document
text/html 18.66.192.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=d42f1587-0f04-452b-a604-f90b8f06f4ae&sessionStarted=1717121514.405&campaignRefreshToken=9d6f7854-d974-4bd6-94ff-b289060bac31&pageLoadStartTime=1717121514421&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1717121700000/x2ugb2nh7dxy.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.37 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-37.muc50.r.cloudfront.net

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fastly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Fri, 31 May 2024 02:11:54 GMT
etag: W/"6a5cea74d414ec151635bd2880abb1c3"
last-modified: Mon, 21 Aug 2023 14:57:03 GMT
server: istio-envoy
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 6ef87569c26a159f552948d3c30a2be0.cloudfront.net (CloudFront)
x-amz-cf-id: 43oaURyNld2G5WrLt8kpzR03thlfiBtx2bMaxHGXnHdtmTt7Cn57fg==
x-amz-cf-pop: MUC50-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: hIxJdEPbt_45OV8bTT9Ad1M7VE.ABA8G
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 20

GET
H3 200 43a66a61-c84aa95f2ddfba93c469.js Show response
www.fastly.com/ 16 KB
0 21ms
21ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/43a66a61-c84aa95f2ddfba93c469.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-df969cd2d846ef1c3d63.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

fe8ee1e74a19f26f635bfd0127127df11580dede6ad1878cc864d3686bab6ee2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 1, 0
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.350417,VS0,VE1
etag: "9c542dba9b59eb4a08ab445bed9e9901"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4424
x-served-by: cache-sjc10044-SJC, cache-sjc10057-SJC, cache-fra-etou8220108-FRA

GET
H3 200 commons-d15e4fa94351ced85b96.js Show response
www.fastly.com/ 13 KB
0 23ms
23ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/commons-d15e4fa94351ced85b96.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-df969cd2d846ef1c3d63.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

0ba0a6dc3b6c35adbbfbe6986c9284b130a088b99194c538059986b46e4b982c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 0, 0
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.350568,VS0,VE1
etag: "f8813d8fa5ac68732927c160f7fbdc88"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4955
x-served-by: cache-sjc1000144-SJC, cache-sjc1000111-SJC, cache-fra-etou8220108-FRA

GET
H3 200 component---src-templates-blog-post-js-866d3397ebbb89925494.js Show response
www.fastly.com/ 10 KB
0 25ms
25ms Script
text/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/component---src-templates-blog-post-js-866d3397ebbb89925494.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/webpack-runtime-df969cd2d846ef1c3d63.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

15a056617d74788f1cd880c91661b8682a4dae8a7b732ed83f06a85e916a7951

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0, 1, 0
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121514.350557,VS0,VE2
etag: "0546bd48b28535f83eaa05b4df389a39"
vary: Accept-Encoding
x-cache: MISS, HIT, HIT
content-type: text/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3853
x-served-by: cache-sjc1000101-SJC, cache-sjc1000107-SJC, cache-fra-etou8220108-FRA

GET
H3 200 1727377946.json Show response
www.fastly.com/page-data/sq/d/ 61 B
247 B 21ms
21ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1727377946.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e9df011e2b89840a7dcb1ec43d59e2489383d3506d9a0fcd2db0d9cf0b024dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121515.595528,VS0,VE1
etag: "620acf1ee1d982fd3abfad3d91e15496"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65
x-cache-hits: 1

GET
H3 200 1831612556.json Show response
www.fastly.com/page-data/sq/d/ 409 B
247 B 23ms
22ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/1831612556.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

10885f5f6888d7879c566093389c5a42f20ca66c22805ba291c2e608f82283f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121515.595767,VS0,VE1
etag: "d23265dab806df0bcfaeae0eb941f680"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 237
x-cache-hits: 1

GET
H3 200 2892375363.json Show response
www.fastly.com/page-data/sq/d/ 35 KB
248 B 24ms
23ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/2892375363.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

86bf1036789fc9768f23c81cdf61c486b86228a0eddbe232e86a99a96dac5d71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121515.595745,VS0,VE2
etag: "808867d668fa9a7869d09468cd75a89c"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10728
x-cache-hits: 1

GET
H3 200 3715587086.json Show response
www.fastly.com/page-data/sq/d/ 642 B
248 B 22ms
21ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3715587086.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

d9b694a3a25ba1db5264d6687141e4f48ada93b4fbb2a124317dad995286ac97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121515.595724,VS0,VE1
etag: "062b895294b682a9dbc9adbe5d97f206"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 415
x-cache-hits: 1

GET
H3 200 3925522448.json Show response
www.fastly.com/page-data/sq/d/ 3 KB
247 B 24ms
23ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/3925522448.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

516e05996b0e9d097fbe55f14bb7948f16a19d043950a88d086975b976593fc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121515.596315,VS0,VE2
etag: "2aa5d94312606b8c9bf40c81d65812c5"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1437
x-cache-hits: 1

GET
H3 200 433030069.json Show response
www.fastly.com/page-data/sq/d/ 316 B
248 B 23ms
22ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/433030069.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

cc4abce21cb2be565c9d4ea8b3be9b942b42eee8770694e8a3415e09f0b39803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121515.596004,VS0,VE1
etag: "b81520dfa11dbb486b097182b19955a5"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 212
x-cache-hits: 1

GET
H3 200 668095159.json Show response
www.fastly.com/page-data/sq/d/ 495 B
247 B 24ms
24ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/sq/d/668095159.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

0b6524e69d460be5fbdaa68802b2e3349fefbd996e48553e147bd04d5f24c14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121515.596014,VS0,VE2
etag: "fc1745b05e609a8bbab6bd072c2caf79"
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
cache-control: max-age=0, private, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 310
x-cache-hits: 1

GET
H3 200 image1.png
www.fastly.com/cimages/6pk8mg3yh2ee/799Q2Wy5RwY8pU1VwU36j4/f5a90ffa31cb91641d673baa3cb8d2b8/ 265 KB
265 KB 21ms
20ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/799Q2Wy5RwY8pU1VwU36j4/f5a90ffa31cb91641d673baa3cb8d2b8/image1.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

8e9a56ee211373fbeae846a6172d25f2bcb96429d02dc65ad6eb0d73b64146cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300710
x-cache: Hit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=825356 idim=1999x1667 ifmt=png ofsz=271246 odim=1999x1667 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 271246
x-served-by: cache-sjc1000125-SJC, cache-sjc1000140-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121515.680465,VS0,VE2
etag: "HzSvyHQ5nn25mTk+Z19LZeNNWXBjgttAAlKkxIqP7Pg"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 13, 0

GET
H3 200 image2.png
www.fastly.com/cimages/6pk8mg3yh2ee/nIZWS4735NptEtMORBMJ1/a5a78ef796fc7784aa2cf30a7967c1fe/ 16 KB
16 KB 23ms
23ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/nIZWS4735NptEtMORBMJ1/a5a78ef796fc7784aa2cf30a7967c1fe/image2.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

486fe4a11df8e574321f4cd832688242e2fa48e1cb1c04e7b80cd6d78c77efb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300703
x-cache: Hit from cloudfront, MISS, HIT, HIT
fastly-io-info: ifsz=41066 idim=1423x476 ifmt=png ofsz=16076 odim=1423x476 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16076
x-served-by: cache-sjc10032-SJC, cache-sjc10035-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121515.681501,VS0,VE1
etag: "tXI+3ypbeFye/hI37+tFWjNVflc64yMcsggEEVviPQQ"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 13, 0

GET
H3 200 image4.png
www.fastly.com/cimages/6pk8mg3yh2ee/4s7KmtpIXSg3HHeXFCnEux/ad86950bc56566545050048bbadde89b/ 14 KB
15 KB 175ms
175ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4s7KmtpIXSg3HHeXFCnEux/ad86950bc56566545050048bbadde89b/image4.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

31d5f6da756ad666a6f55091582cc4d9880a4fd4d1812e658e808d405000b199

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300713
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=46678 idim=1494x608 ifmt=png ofsz=14788 odim=1494x608 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14788
x-served-by: cache-sjc1000087-SJC, cache-sjc10046-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121515.681494,VS0,VE154
etag: "kuXzw9ra5QNnTVrMHYkToBICUQc+NRRDzH8ivXqMizs"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 15, 0

GET
H3 200 image3.png
www.fastly.com/cimages/6pk8mg3yh2ee/3jNL1g1PBQ38gQx6M2B5Gj/717a904d22bd16535e5d29da5179918a/ 22 KB
23 KB 381ms
381ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/3jNL1g1PBQ38gQx6M2B5Gj/717a904d22bd16535e5d29da5179918a/image3.png?auto=avif

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

a0bdaf167b258a7a6c20172a119cddb617f46c1de4b710f98b4cd33527ae3374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:55 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300701
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=62522 idim=1843x611 ifmt=png ofsz=22693 odim=1843x611 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22693
x-served-by: cache-sjc10038-SJC, cache-sjc10041-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121515.681661,VS0,VE360
etag: "YifkjEuwmtkVyju6RQ0RF4h49mlIxFfKU1tGel5XdSU"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 13, 0

GET
H3 200 flying_shield_96X96.png
www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/ 2 KB
3 KB 170ms
170ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/4QpydF0nY5dVbQOorbw8CN/6cdb39f282e20801cec6e80b2f2f5460/flying_shield_96X96.png?auto=avif&fit=crop&height=96&width=96

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

4faf92a677fbcb1a072cdb917b2677de95bd0792e5b7f11af4a217070dc97014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300704
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=5385 idim=96x96 ifmt=png ofsz=2487 odim=96x96 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2487
x-served-by: cache-sjc1000140-SJC, cache-sjc10062-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121515.688536,VS0,VE150
etag: "P5Qd0qb2xphGdZSgPZ/Gf5BZy73qABUeiXfUbTsVzas"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 9, 0

GET
H3 200 simran.jpeg
www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/ 2 KB
2 KB 183ms
182ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/7zVMa35cHfCRpr7KfDEWrX/8ed92c6ee435716bef9c8ac95b551ad0/simran.jpeg?auto=avif&fit=crop&height=96&width=96

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

3f54c4723e33e35c4cfe06daff86e15db90c44adfb6be3842a39cec26c5a7595

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300712
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=200562 idim=1024x1024 ifmt=jpeg ofsz=1668 odim=96x96 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1668
x-served-by: cache-sjc1000091-SJC, cache-sjc1000100-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121515.691788,VS0,VE160
etag: "V5JYSEbSi/hBGEJ3XXK/Y7dLuksvxavcbC+vbL3grWI"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 9, 0

GET
H3 200 image-20240528-184030.png
www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/ 1 KB
2 KB 181ms
181ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/1OTvTPQFumhE8WoHSmg45a/b471d1b347898f813c1b8de5b62f4540/image-20240528-184030.png?auto=avif&fit=crop&height=96&width=96

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

5b34ba53714f9472819d51c98ccb08fa80a076eb569f9cfbdf54271fb6db97b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300701
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=194268 idim=480x480 ifmt=png ofsz=1534 odim=96x96 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1534
x-served-by: cache-sjc10028-SJC, cache-sjc10059-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121515.691759,VS0,VE159
etag: "fOlu28ujvlpv0PKj98f6O0kcmDe61IeqGQ3qCeGMF3g"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 8, 0

GET
H3 200 image-20240528-195447.png
www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/ 3 KB
3 KB 485ms
485ms Image
image/avif 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/image-20240528-195447.png?auto=avif&fit=crop&height=96&width=96

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/framework-151fc19b9b9ac4505994.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

5a022f06ae0b18465655eab62cc4b5ea4c81f640c5e98132a0428ea9e6e3534e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:55 GMT
strict-transport-security: max-age=31536000
fastly-io-served-by: vpop-haf2300714
x-cache: Hit from cloudfront, MISS, HIT, MISS
fastly-io-info: ifsz=3004007 idim=1345x989 ifmt=png ofsz=2820 odim=96x96 ofmt=avif
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2820
x-served-by: cache-sjc1000135-SJC, cache-sjc1000138-SJC, cache-fra-etou8220108-FRA
server: Artisanal bits
x-timer: S1717121515.691749,VS0,VE464
etag: "5VMF9ZnUgLiFOgBnhDkQIQFkQL5z/Wru4WBYITvxNRc"
vary: Accept
content-type: image/avif
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
x-cache-hits: 0, 8, 0

POST
H3 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 2 B
20 B 25ms
25ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

POST
H3 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 41 B
59 B 26ms
26ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

3b0c469436a87037dd8de72084cee5e1a22bb2d14c1aaa200ef025bd3c7880e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

POST
H3 200 / Show response
o1025883.ingest.sentry.io/api/6048310/envelope/ 41 B
59 B 26ms
26ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o1025883.ingest.sentry.io/api/6048310/envelope/?sentry_key=d879b4c80908473fa9394fc34fd84ec7&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.70.0

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

4516d7b43866d496171f93b660077eb293df39e2198f5ffb28e08ddda5f42f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41

GET
H2

200

embed.js Show response
fiddle.fastly.dev/
Redirect Chain

https://fiddle.fastlydemo.net/embed.js
https://fiddle.fastly.dev/embed.js

6 KB
3 KB

543ms
477ms

Script
application/javascript

2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fiddle.fastly.dev/embed.js
Protocol: H2
Server: 2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 5b2cb114ad1f05c0b84daba4d01466ed5a782a5cae8a9f2841d918c022210207

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 31 May 2024 02:11:55 GMT
content-encoding: gzip
age: 0
etag: W/"19db-49773873e8"
x-powered-by: Express
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST,OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600, must-revalidate
access-control-allow-credentials: true
vary: Accept
access-control-allow-headers: Content-Type
content-length: 2465

Redirect headers

date: Fri, 31 May 2024 02:11:54 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,POST,OPTIONS
location: https://fiddle.fastly.dev/embed.js
access-control-allow-origin: *
vary: Accept
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0
retry-after: 0

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 22 KB
9 KB 82ms
21ms Script
application/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=4272646268
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: d65a39715ffa728f57282b58ea27a40416ae37bacd2c2850c49291a1003ab35e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Fri, 31 May 2024 02:11:54 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
age: 1831
x-cache: HIT
content-length: 8562
x-served-by: cache-fra-etou8220063-FRA
last-modified: Fri, 31 May 2024 01:41:24 GMT
server: Apache
x-timer: S1717121515.786409,VS0,VE1
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jun 2024 01:41:24 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 85ms
31ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YmFgVUTeB0lXZXM9YgX19A==
age: 19921
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6882
x-ms-lease-status: unlocked
last-modified: Wed, 29 May 2024 06:37:38 GMT
server: cloudflare
etag: 0x8DC7FA9D53A4CA6
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ec713162-b01e-0019-42e2-b16d01000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88c36f9b6c4e92a8-FRA

GET
H3 200 bundle.js Show response
www.fastly.com/g-static/fastly-swiftype/ 23 KB
9 KB 21ms
20ms Script
application/javascript 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/g-static/fastly-swiftype/bundle.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

2035a3c05a682cf60b1a965d16d52335489608ca1141d9e0b9b3f9c340901f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10039-SJC, cache-sjc1000101-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121515.725972,VS0,VE2
etag: "a41be66ad83ae00d26b9bd8a3c9d4d0e"
vary: Accept-Encoding
x-cache: MISS, MISS, HIT
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9091
x-cache-hits: 0, 0, 0

GET
H2 200 /
lux.speedcurve.com/lux/ 0
56 B 80ms
24ms Image
image/webp 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lux.speedcurve.com/lux/?v=316&id=4272646268&sid=171712151480212232&uid=171712151480212232&l=Blog%20subpage&HN=www.fastly.com&PN=%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&fl=512&NT=1717121514375as0rs0re21fs21ds21de21cs21sc21ce21qs22bs44be46oi188os189oe189oc193ls199le200sr164fc164&LJS=d0t46f21c2n69e0r80x8562l129s426&PS=ns17bs1is20726ss0bc0ic559208ia8it18dd12nd640vh1200vw1600dh10131dw1600ds93010ct4G_er0nt1dm8&CPU=s|83,n|1,d|83,x|83,i|325,242|83&CLS=0.000000&UT=scripts%20done%20blocking|130,start%20widget_conductor:init|193,end%20widget_conductor:init|198,onInitialClientRender|322,widget_conductor:init|193|5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-fra-etou8220052-FRA
date: Fri, 31 May 2024 02:11:54 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1717121515.873002,VS0,VE0
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 /
lux.speedcurve.com/error/ 0
42 B 80ms
24ms Image
text/plain 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lux.speedcurve.com/error/?v=316&id=4272646268&fn=https%3A%2F%2Fwww.fastly.com%2Fframework-151fc19b9b9ac4505994.js&ln=2&cn=44395&msg=Uncaught%20Error%3A%20Minified%20React%20error%20%23425%3B%20visit%20https%3A%2F%2Freactjs.org%2Fdocs%2Ferror-decoder.html%3Finvariant%3D425%20for%20the%20full%20message%20or%20use%20the%20non-minified%20dev%20environment%20for%20full%20errors%20and%20additional%20helpful%20warnings.&l=Blog%20subpage&ct=4G&HN=www.fastly.com&PN=%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Fri, 31 May 2024 02:11:54 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1717121515.872886,VS0,VE0
x-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
retry-after: 0
x-served-by: cache-fra-etou8220052-FRA

GET
H2 204 /
lux.speedcurve.com/error/ 0
145 B 79ms
24ms Image
text/plain 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lux.speedcurve.com/error/?v=316&id=4272646268&fn=https%3A%2F%2Fwww.fastly.com%2Fframework-151fc19b9b9ac4505994.js&ln=2&cn=49211&msg=Uncaught%20Error%3A%20Minified%20React%20error%20%23418%3B%20visit%20https%3A%2F%2Freactjs.org%2Fdocs%2Ferror-decoder.html%3Finvariant%3D418%20for%20the%20full%20message%20or%20use%20the%20non-minified%20dev%20environment%20for%20full%20errors%20and%20additional%20helpful%20warnings.&l=Blog%20subpage&ct=4G&HN=www.fastly.com&PN=%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Fri, 31 May 2024 02:11:54 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1717121515.872882,VS0,VE0
x-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
retry-after: 0
x-served-by: cache-fra-etou8220052-FRA

GET
H2 200 d8606fe0-eb46-49e2-9118-e39304fc0f7b.json Show response
cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/ 5 KB
2 KB 85ms
39ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/d8606fe0-eb46-49e2-9118-e39304fc0f7b.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b479ed0b2477c2cbddf91a0c9cea1b73c017f9bf787e31c6d9573b2eed9e0b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 31 May 2024 02:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 16069
content-md5: agLfML9ZkE/EGDSFfL4/9A==
content-length: 1828
x-ms-lease-status: unlocked
last-modified: Mon, 26 Feb 2024 16:59:33 GMT
server: cloudflare
etag: 0x8DC36EC4E4A8439
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5f303b72-901e-0060-74d5-68451c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88c36f9bed263a91-FRA
expires: Sat, 01 Jun 2024 02:11:54 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 101ms
40ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept: application/json
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 88c36f9c8d108f38-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.20.0/ 376 KB
84 KB 39ms
38ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 31 May 2024 02:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jOOTzA5W9ewbfwCUPpt/mw==
age: 21558
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 86053
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:48 GMT
server: cloudflare
etag: 0x8D941124BEC2620
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d90e7eed-d01e-0095-1237-23d136000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88c36f9ccccf92a8-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/31547220-4f5f-469a-a5e2-f49331357eb1/ 74 KB
18 KB 39ms
39ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/d8606fe0-eb46-49e2-9118-e39304fc0f7b/31547220-4f5f-469a-a5e2-f49331357eb1/en.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7af0df8f9644b02cc51d21524c7983a00d9dbc2d3601739d8d6e001548cfe9ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 31 May 2024 02:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 14730
content-md5: 7MVxgQdel9Pwcf0B5uSSCg==
content-length: 18710
x-ms-lease-status: unlocked
last-modified: Mon, 26 Feb 2024 16:59:42 GMT
server: cloudflare
etag: 0x8DC36EC53B5D2F8
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: dbe6a026-901e-0002-33ea-71873b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88c36f9d3d6b3a91-FRA
expires: Sat, 01 Jun 2024 02:11:55 GMT

GET
H2 200 bizible.js Show response
cdn.bizible.com/scripts/ 67 KB
25 KB 141ms
29ms Script
application/x-javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/scripts/bizible.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BA7) /

Resource Hash

72b5a8a2135c12c11678be3c99e786370b9d1deab9d0b4d4a614b7a541ef825f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
last-modified: Thu, 30 May 2024 09:40:58 GMT
server: ECS (amb/6BA7)
age: 17763
etag: "de267d7975b2da1:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 25393

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
0 1ms
1ms Script
application/x-javascript 88.221.60.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.60.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-60-75.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 02:11:53 GMT
Content-Encoding: gzip
Last-Modified: Fri, 17 Mar 2023 01:24:48 GMT
Server: AkamaiNetStorage
ETag: "cb731cc5c2bd9f31d6bfeb19f3c8b1ff:1679016288.730763"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 729

GET
H/1.1 200
OK scout.js Show response
www.fastly-insights.com/static/ 16 KB
8 KB 68ms
20ms Script
application/javascript 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bfc08994ce93776aae11e32a3509344efef5ee11e4fcf46e9d6e740b538a5030

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 02:11:55 GMT
Via: 1.1 varnish
content-encoding: br
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
Age: 59898
transfer-encoding: chunked
X-Cache: HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Fastly-Restarts: 1
X-Served-By: cache-fra-etou8220090-FRA
Last-Modified: Fri, 19 Nov 2021 13:24:35 GMT
X-Timer: S1717121515.172365,VS0,VE0
ETag: W/"47ef3d4b72e7b60840cf653fbe5101ea"
vary: accept-encoding
x-goog-generation: 1637328275714066
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
x-goog-stored-content-length: 16272
x-amz-checksum-crc32c: J5bR2A==
Accept-Ranges: none
X-Cache-Hits: 56575

GET
H2 200 3997.js Show response
tracking.g2crowd.com/attribution_tracking/conversions/ 2 KB
1 KB 104ms
52ms Script
text/javascript 2606:4700:4400::ac40:90e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.g2crowd.com/attribution_tracking/conversions/3997.js?p=https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/&e=

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:90e1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d8e3f99e6ac157c0bf9665cd34a729c8f78e45a908890e231e24fe1867b5e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
content-disposition: inline
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
origin-agent-cluster: ?1
cf-ray: 88c36f9dd8503808-FRA

GET
H3 200 zi-tag.js Show response
js.zi-scripts.com/ 9 KB
3 KB 79ms
42ms Script
application/javascript 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/zi-tag.js
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3ea3a972768896d2a84d6eb36d3f5919478ad9c091477c22a5362eb6d53aee4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:55 GMT
x-amz-version-id: 4TVPkf0eH3kVl0Vjj3KPZI_FUiecs6et
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 42590
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 06:37:27 GMT
server: cloudflare
etag: W/"5c7228fc2640a4dfce48217428980fe3"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 88c36f9dc83935f1-FRA
x-amz-cf-id: Yr-rOpETn6sBa0v14fUH36JHJ4v7mD7PIvscnlXA2Zflomtw38FaOA==

GET
H2 200 tracking.js Show response
trk.techtarget.com/ 3 KB
2 KB 108ms
45ms Script
text/javascript 2606:4700:4400::6812:24c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trk.techtarget.com/tracking.js

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:24c4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:55 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 15:01:39 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
age: 37322
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1200
cf-ray: 88c36f9deecc91fc-FRA
expires: Fri, 31 May 2024 02:31:55 GMT

GET
H2 200 otFloatingFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.20.0/assets/ 10 KB
3 KB 32ms
32ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/otFloatingFlat.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 31 May 2024 02:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: p9XkcRT860KFc2nbQOJsvw==
age: 30032
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2675
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:43 GMT
server: cloudflare
etag: 0x8D9411248A2F288
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: d6bff88b-401e-005c-4e30-246cdb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88c36f9d8d863a91-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.20.0/assets/v2/ 47 KB
11 KB 33ms
33ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.20.0/assets/v2/otPcCenter.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ded43a6af1e4e0a061fe1c97703f45cc4af82fc367de436789f6c70e5077b0eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 31 May 2024 02:11:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 2vE4qrHr6kOuPbyrvQ8Ntg==
age: 30032
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11533
x-ms-lease-status: unlocked
last-modified: Wed, 07 Jul 2021 06:41:44 GMT
server: cloudflare
etag: 0x8D94112496CA8BA
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fe20d632-501e-007f-3580-22f618000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 88c36f9d8d873a91-FRA

OPTIONS
H3 204 getSubscriptions
js.zi-scripts.com/unified/v1/master/ Frame 0
0 487ms
461ms Preflight 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,visited_url
Access-Control-Request-Method: GET
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 0
alt-svc: h3=":443"; ma=86400
apigw-requestid: YnS82iEhvHcEMtg=
cf-cache-status: DYNAMIC
cf-ray: 88c36f9e3a779f2d-FRA
date: Fri, 31 May 2024 02:11:55 GMT
server: cloudflare
vary: Access-Control-Request-Headers
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
x-amz-cf-id: kk9kohUK67YZvYushdwiRFAHxysEQz0obZZ-xly8rJsKDR4p_noTsg==
x-amz-cf-pop: FRA56-P4
x-cache: Miss from cloudfront
x-powered-by: Express

GET
H3 200 getSubscriptions Show response
js.zi-scripts.com/unified/v1/master/ 203 B
560 B 483ms
483ms Fetch
application/json 104.18.37.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.zi-scripts.com/unified/v1/master/getSubscriptions
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fb33784afa9a497f50bb848dab51707b1bd956c11a1ad3d5a25db04b840a0aa1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer 9b339613e91679908663
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.fastly.com/
visited_url: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/

Response headers

date: Fri, 31 May 2024 02:11:56 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P4
x-powered-by: Express
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
apigw-requestid: YnS87jPrPHcEMwQ=
server: cloudflare
etag: W/"cb-dwMnsAQxxZMi5meriZUPcwEsZfY"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 88c36fa11c269f2d-FRA
x-amz-cf-id: M1xfVo0s2tIQ0k6nUUKl-dWyRg61jcjVlk_k8lJqZk57ckpVOn1A1Q==

POST
H2 200 assign
tracking.g2crowd.com/attribution_tracking/conversions/ 0
0 146ms
145ms Ping
text/html 2606:4700:4400::ac40:90e1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.g2crowd.com/attribution_tracking/conversions/assign
Requested by: Host: tracking.g2crowd.com
URL: https://tracking.g2crowd.com/attribution_tracking/conversions/3997.js?p=https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/&e=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:90e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryb95w3JgVbkeTfXqf

Response headers

GET
H2 200 gif.gif Show response
ibc-flow.techtarget.com/a/ 43 B
451 B 124ms
124ms XHR
image/gif 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=4982510&r=1717121515224&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&version=2.4
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

ibc_rate_tier: 4982510
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:55 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPpBSZhGFQQ-rQRbDXhTfY2rUCzxzQEdjXI0KOoc4oa5eYb4kmtdGd303u5bv8HGRrTmOqE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
last-modified: Thu, 08 Dec 2022 21:19:29 GMT
server: nginx/1.20.2
etag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
vary: Origin
x-goog-generation: 1670534369365034
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=7uenZA==, md5=/JT7DD7YqPkJ28djCgmH/w==
cache-control: public, max-age=3600
access-control-allow-methods: GET, POST, OPTIONS
x-goog-stored-content-length: 43
accept-ranges: bytes
access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
expires: Fri, 31 May 2024 03:11:55 GMT

OPTIONS
H2 200 gif.gif
ibc-flow.techtarget.com/a/ Frame 0
0 177ms
123ms Preflight
text/html 34.111.208.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ibc-flow.techtarget.com/a/gif.gif?actTypeId=31&cid=4982510&r=1717121515224&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&version=2.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.208.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.208.111.34.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: ibc_rate_tier
Access-Control-Request-Method: GET
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: ibc_header,ibc_rate_tier,User-Agent,X-Requested-With,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 31 May 2024 02:11:55 GMT
expires: Fri, 31 May 2024 02:11:55 GMT
server: nginx/1.20.2
vary: Origin
via: 1.1 google
x-guploader-uploadid: ABPtcPocRudiJq4EeeYEyGR4EMVqdAGHZ9h5ufBVO67GwrRX9HMc1XPdNfD7LqJVmPRJQ7pevxM

GET
H2 200 ipv
cdn.bizible.com/ 43 B
305 B 29ms
28ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/ipv?_biz_r=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_biz_h=-1906410348&_biz_u=de416dbf433d4d6f9ea8e8e9294c3d27&_biz_l=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_biz_t=1717121515258&_biz_i=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins%20%7C%20Fastly&_biz_n=0&rnd=824850&cdn_o=a&_biz_z=1717121515259

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B77) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 02:11:55 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 24 May 2024 21:15:27 GMT
server: ECS (amb/6B77)
age: 536188
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H2 200 u
cdn.bizibly.com/ 43 B
205 B 39ms
29ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizibly.com/u?_biz_u=de416dbf433d4d6f9ea8e8e9294c3d27&_biz_l=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_biz_t=1717121515260&_biz_i=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins%20%7C%20Fastly&rnd=107835&cdn_o=a&_biz_z=1717121515260

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B7E) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 02:11:55 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 24 May 2024 21:15:41 GMT
server: ECS (amb/6B7E)
age: 536174
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
H/1.1 200
OK a2560724-7682-4399-af18-96914684a88a Show response
fastly-insights.com/api/v1/config/ 18 KB
19 KB 85ms
25ms Fetch
application/json 2a04:4e42:600::603
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fastly-insights.com/api/v1/config/a2560724-7682-4399-af18-96914684a88a

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::603 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d027f906a69abf7ebf3b0bee73bc24f2fb3f2bbf97f3eebe3f20d7365a88930

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 02:11:55 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "include_subdomains": true, "success_fraction": 0.0099, "failure_fraction":0.99999}
X-Cache: MISS
Connection: keep-alive
server-timing: total;dur=2, fetch;dur=0, parse;dur=0, generate;dur=1
Content-Length: 18316
X-Served-By: cache-fra-etou8220037-FRA, cache-fra-etou8220144-FRA
X-Timer: S1717121515.331598,VS0,VE5
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}], "include_subdomains": true}
content-type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 xdc.js Show response
cdn.bizible.com/ 111 B
322 B 132ms
132ms Script
text/javascript 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.bizible.com/xdc.js?_biz_u=de416dbf433d4d6f9ea8e8e9294c3d27&_biz_h=-1906410348&cdn_o=a&jsVer=4.24.05.23

Requested by

Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6BBB) /

Resource Hash

a20edd5b16ed499c416f71cc456c2fecad465cbbb2b7c4fbb4fcc9499a4f3788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSub
server: ECS (amb/6BBB)
etag: 9781ECC4
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
content-length: 214

GET
H/1.1 200
OK o.svg Show response
kdfw-v4.pops.fastly-insights.com/ 378 B
1 KB 446ms
143ms Fetch
image/svg+xml 146.75.106.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kdfw-v4.pops.fastly-insights.com/o.svg?u=edbe0149-7373-4c41-8102-510f7b6ed0f8

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.106.91 Dallas, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Ip-Version: 4
Date: Fri, 31 May 2024 02:11:55 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=146.75.106.91,t;dur=1717121516,req;dur=1
Content-Length: 378
X-Served-By: cache-dfw-kdfw8210023-DFW
Server: Varnish
X-Datacenter: KDFW
X-Timer: S1717121516.728725,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
H2 200 u
cdn.bizible.com/ 43 B
86 B 29ms
29ms Image
image/gif 152.195.15.58
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.bizible.com/u?mapType=mkto&mapValue=id%3A025-XKO-469%26token%3A_mch-fastly.com-1717121514053-46718&_biz_u=de416dbf433d4d6f9ea8e8e9294c3d27&_biz_l=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&_biz_t=1717121515260&_biz_i=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins%20%7C%20Fastly&_biz_n=1&rnd=487133&cdn_o=a&_biz_z=1717121515360

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.15.58 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (amb/6B7E) /

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSub

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 02:11:55 GMT
strict-transport-security: max-age=31536000; includeSub
last-modified: Fri, 24 May 2024 21:15:41 GMT
server: ECS (amb/6B7E)
age: 536174
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: -1

GET
BLOB 200
OK 1837da13-d999-463c-abcc-2e64dd9128ae
https://www.fastly.com/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.fastly.com/1837da13-d999-463c-abcc-2e64dd9128ae
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK l Show response
edbe0149-7373-4c41-8102-510f7b6ed0f8.eu.u.fastly-insights.com/ 616 B
1 KB 79ms
26ms Fetch
application/json 151.101.66.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://edbe0149-7373-4c41-8102-510f7b6ed0f8.eu.u.fastly-insights.com/l

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

bead8003f59e87ff16bc50d1c13c2f68eaeae4f41dfc72980fccc4ec80b70330

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 31 May 2024 02:11:55 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
X-Backend: lookup-eu
X-Cache: HIT
Connection: keep-alive
Content-Length: 616
X-Served-By: cache-fra-etou8220122-FRA
Server: Varnish
X-Timer: S1717121516.918398,VS0,VE4
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 25ms
25ms Ping
application/json 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly-insights.com/b?k=a2560724-7682-4399-af18-96914684a88a&s=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3MTcxMjE1MTUsImV4cCI6MTcxNzEyMTU3NSwibmJmIjoxNzE3MTIxNTE1LCJzdWIiOiJhMjU2MDcyNC03NjgyLTQzOTktYWYxOC05NjkxNDY4NGE4OGEifQ.z5w3P16HpyQIFBRBBOgzwsk3IX4jA6G8lB9UbhOtsiU

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 31 May 2024 02:11:55 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-etou8220025-FRA, cache-fra-etou8220090-FRA
X-Timer: S1717121516.947451,VS0,VE5
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
yvr-v4.pops.fastly-insights.com/ 378 B
1 KB 585ms
196ms Fetch
image/svg+xml 151.101.214.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://yvr-v4.pops.fastly-insights.com/o.svg?u=edbe0149-7373-4c41-8102-510f7b6ed0f8

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.214.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Ip-Version: 4
Date: Fri, 31 May 2024 02:11:56 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=151.101.214.91,t;dur=1717121516,req;dur=1
Content-Length: 378
X-Served-By: cache-yvr1527-YVR
Server: Varnish
X-Datacenter: YVR
X-Timer: S1717121516.420418,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
H3 200 formcomplete.js Show response
ws-assets.zoominfo.com/ 90 KB
27 KB 103ms
64ms Script
application/javascript 104.16.117.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ws-assets.zoominfo.com/formcomplete.js
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:56 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
age: 131
x-guploader-uploadid: ABPtcPoMXP1uUqqEy0dyCzxvbebKdyBFx4pntZwpdVQdnwlZx6rINZGW4wWzruxtT7Clrm396yCEgOxsYw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 May 2024 10:14:37 GMT
server: cloudflare
etag: W/"006455bd44ed289ddcc403d0ecd96ab0"
x-goog-hash: crc32c=p5SAHw==, md5=AGRVvUTtKJ3cxAPQ7NlqsA==
x-goog-generation: 1715854477710382
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 91778
cf-ray: 88c36fa4c92a1c85-FRA
expires: Fri, 31 May 2024 03:09:45 GMT

GET
H3 200 / Show response
ws.zoominfo.com/pixel/6299150f29472f008e962d64/ 5 KB
2 KB 286ms
260ms Fetch
text/javascript 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6299150f29472f008e962d64/?iszitag=true

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

bb862716cad17ee7c3159bb20dd78a3c85687302a5ddb8c81ff759d3078258b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/javascript
visited-url: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
_vtok: MjE3LjExNC4yMTguMjQ=
_zitok: fa0fe3d121fc47b3c00a1717121516
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: https://www.fastly.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 88c36fa60ed74d55-FRA

OPTIONS
H3 200 /
ws.zoominfo.com/pixel/6299150f29472f008e962d64/ Frame 0
0 204ms
169ms Preflight
text/html 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6299150f29472f008e962d64/?iszitag=true

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: _vtok,_zitok,content-type,visited-url
Access-Control-Request-Method: GET
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
access-control-allow-origin: https://www.fastly.com
allow: GET,HEAD
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88c36fa4cb6d35e4-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 31 May 2024 02:11:56 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

OPTIONS
H3 200 forms
ws.zoominfo.com/formcomplete-v2/ Frame 0
0 173ms
171ms Preflight
text/html 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.fastly.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok
access-control-allow-origin: https://www.fastly.com
allow: POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88c36fa57be235e4-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 31 May 2024 02:11:56 GMT
server: cloudflare
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
x-robots-tag: noindex, nofollow

POST
H3 200 forms Show response
ws.zoominfo.com/formcomplete-v2/ 1 KB
868 B 177ms
177ms Fetch
application/json 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/formcomplete-v2/forms

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

bd58fb1b94d374ef18c0e16aa6195840e8bb260688f27f5213cabfffbce08e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: bearer 0876aa5470a86ba07cc173e261b45c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://www.fastly.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
server: cloudflare
etag: W/"57f-BKxc2TDCb77Ei9i+fPt+5W78Gls"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fastly.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok
cf-ray: 88c36fa68f154d55-FRA

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 23ms
23ms Ping
application/json 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 31 May 2024 02:11:56 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-etou8220025-FRA, cache-fra-etou8220090-FRA
X-Timer: S1717121517.584296,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
yyz-v4.pops.fastly-insights.com/ 378 B
1 KB 355ms
116ms Fetch
image/svg+xml 151.101.126.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://yyz-v4.pops.fastly-insights.com/o.svg?u=edbe0149-7373-4c41-8102-510f7b6ed0f8

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.126.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Ip-Version: 4
Date: Fri, 31 May 2024 02:11:56 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=151.101.126.91,t;dur=1717121517,req;dur=1
Content-Length: 378
X-Served-By: cache-yyz4570-YYZ
Server: Varnish
X-Datacenter: YYZ
X-Timer: S1717121517.873067,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
BLOB 200
OK 81f844c9-02ba-4497-ac6b-79340f08d697 Show response
https://www.fastly.com/ 5 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.fastly.com/81f844c9-02ba-4497-ac6b-79340f08d697
Requested by: Host: js.zi-scripts.com
URL: https://js.zi-scripts.com/zi-tag.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb862716cad17ee7c3159bb20dd78a3c85687302a5ddb8c81ff759d3078258b5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 4890
Content-Type: text/javascript

GET
H2 200 data.js Show response
tags.clickagy.com/ 36 KB
13 KB 102ms
27ms Script
text/javascript 2600:9000:237d:6400:4:8491:f2c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95

Requested by

Host: www.fastly.com
URL: blob:https://www.fastly.com/81f844c9-02ba-4497-ac6b-79340f08d697

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:6400:4:8491:f2c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f39119c613a7b1189e7f4ab5a887d2f0d02d6e049ca73db5a05561526f46aed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 3UgkqRNMVlhsjmEQXKndI4WYIM8oGRsR
content-encoding: gzip
via: 1.1 73b81cd9bd041c21d2fd170c0f53e030.cloudfront.net (CloudFront)
date: Thu, 30 May 2024 04:01:09 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: MUC50-P2
age: 80675
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 16 May 2024 15:18:13 GMT
server: AmazonS3
etag: W/"55e11e01d3474d5bc19d85efaa1648ce"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: text/javascript
x-amz-cf-id: 9z0cVN0NNIKyZ9j6WVny9ucRQc4ejxaQfUFwZw3JnHH0ZUWsLa30JQ==

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 87ms
26ms Script
application/x-javascript 108.138.40.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.fastly.com
URL: blob:https://www.fastly.com/81f844c9-02ba-4497-ac6b-79340f08d697
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.40.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-40-116.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 30 May 2024 04:46:20 GMT
Content-Encoding: gzip
Via: 1.1 0c17d6e113cee388d94028cac715ecd2.cloudfront.net (CloudFront)
Last-Modified: Tue, 28 May 2024 04:42:45 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P2
Age: 77137
x-amz-server-side-encryption: AES256
ETag: W/"a60a4e2650f94da6f243b9518761b381"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: FBnc0xX1M0BkJ5Qdu4whgrDpvUjnMGDYM-RGrWE0funLXAKFtuRCdw==

GET
H2 200 up
insight.adsrvr.org/track/ Frame 53F0 0
0 135ms
43ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=siw7zzj&ref=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&upid=srcqgs0&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fastly.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-length: 0
content-type: text/html
date: Fri, 31 May 2024 02:11:56 GMT
server: Kestrel

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
504 B 420ms
127ms XHR
application/json 18.207.58.146
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.207.58.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-207-58-146.compute-1.amazonaws.com
Software: Aorta/20240530.acb4bdf79 /
Resource Hash: b999cdc3d582c5702617bebb6afcd7f362a4c7ddf55e11b69e1a1e2924da2d03

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 31 May 2024 02:11:57 GMT
content-encoding: gzip
server: Aorta/20240530.acb4bdf79
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.fastly.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: f1c5aed15de5
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 80

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag&ws=1
https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=Yzo4NzVmYTM2YzczMDdhYjk5Yjc2MTdmYjE3ZmI1ZDhmNg

170 B
409 B

109ms
33ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=Yzo4NzVmYTM2YzczMDdhYjk5Yjc2MTdmYjE3ZmI1ZDhmNg

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.fastly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 May 2024 02:11:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 31 May 2024 02:11:57 GMT
server: Aorta/20240530.acb4bdf79
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://cm.g.doubleclick.net/pixel?google_nid=clickagy&google_sc&google_cm&google_hm=Yzo4NzVmYTM2YzczMDdhYjk5Yjc2MTdmYjE3ZmI1ZDhmNg
access-control-allow-origin: *
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 188be828f11a
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 hasHashes Show response
hemsync.clickagy.com/external/ 2 B
326 B 375ms
116ms XHR
text/plain 34.224.237.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag&cb=null
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.224.237.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-237-84.compute-1.amazonaws.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:57 GMT
content-encoding: gzip
vary: origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.fastly.com
access-control-expose-headers: content-length, last-modified, expires, content-type
access-control-allow-credentials: true
content-length: 28

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 23ms
22ms Ping
application/json 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 31 May 2024 02:11:56 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-etou8220025-FRA, cache-fra-etou8220090-FRA
X-Timer: S1717121517.991743,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
bare-v4.pops.fastly-insights.com/ 378 B
1 KB 77ms
19ms Fetch
image/svg+xml 146.75.118.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bare-v4.pops.fastly-insights.com/o.svg?u=edbe0149-7373-4c41-8102-510f7b6ed0f8

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.118.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Ip-Version: 4
Date: Fri, 31 May 2024 02:11:57 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=146.75.118.91,t;dur=1717121517,req;dur=1
Content-Length: 378
X-Served-By: cache-fra-eddf8230082-FRA
Server: Varnish
X-Datacenter: EDDF
X-Timer: S1717121517.049511,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
H2 200 ip.json Show response
api.company-target.com/api/v2/ 441 B
935 B 190ms
111ms Fetch
application/json 18.173.187.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.company-target.com/api/v2/ip.json?key=qoeMC7SDKL4xjEnvU1wA5OqhPHghHKmcXtCYge6F&page=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&page_title=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins%20%7C%20Fastly&referrer=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-83.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: d6e9e5229882bb6b58dee519e807407b62f90b3b5b0982394780c8fdd6cf40f4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:57 GMT
identification-source: CENTRAL
content-encoding: gzip
via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
x-cache: Miss from cloudfront
request-id: f62fa166-51cc-4378-b1c1-f17e312d5acb
pragma: no-cache
server: nginx
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fastly.com
access-control-expose-headers: x-amz-cf-id
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
vary: Accept-Encoding, Origin
api-version: v2
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 5sn2I3hu2jywLF3SNcao3BJblB7EGtrA5OOHH5KSyTzCRwpv3l7A_Q==
expires: Thu, 30 May 2024 02:11:57 GMT

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 23ms
22ms Ping
application/json 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 31 May 2024 02:11:57 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-etou8220025-FRA, cache-fra-etou8220090-FRA
X-Timer: S1717121517.121059,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
etou-v4.pops.fastly-insights.com/ 378 B
1 KB 105ms
32ms Fetch
image/svg+xml 146.75.122.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://etou-v4.pops.fastly-insights.com/o.svg?u=edbe0149-7373-4c41-8102-510f7b6ed0f8

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.91 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Ip-Version: 4
Date: Fri, 31 May 2024 02:11:57 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=146.75.122.91,t;dur=1717121517,req;dur=1
Content-Length: 378
X-Served-By: cache-fra-etou8220030-FRA
Server: Varnish
X-Datacenter: ETOU
X-Timer: S1717121517.205926,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 25ms
24ms Ping
application/json 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 31 May 2024 02:11:57 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-etou8220025-FRA, cache-fra-etou8220090-FRA
X-Timer: S1717121517.278924,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
pmo-v4.pops.fastly-insights.com/ 378 B
1 KB 210ms
66ms Fetch
image/svg+xml 146.75.58.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://pmo-v4.pops.fastly-insights.com/o.svg?u=edbe0149-7373-4c41-8102-510f7b6ed0f8

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.58.91 Palermo, Italy, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Ip-Version: 4
Date: Fri, 31 May 2024 02:11:57 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=146.75.58.91,t;dur=1717121517,req;dur=1
Content-Length: 378
X-Served-By: cache-pmo2280032-PMO
Server: Varnish
X-Datacenter: PMO
X-Timer: S1717121517.451707,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
H3 200 favicon.ico
www.fastly.com/ 15 KB
2 KB 183ms
183ms Other
image/vnd.microsoft.icon 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/favicon.ico

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

1fa9b91552d947e9e6d0bb911aae5db85840bad624723e604bb154c7d6794814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10062-SJC, cache-sjc10057-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121517.383851,VS0,VE159
etag: "41cf3edea9e6ee1d6916fa0a7e5e98f7"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: image/vnd.microsoft.icon
cache-control: max-age=31536000, public
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2057
x-cache-hits: 0, 0, 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 316 KB
102 KB 47ms
47ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ETDRC9QJ6S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9FKFHD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d18cdff0a381a597fd321a5a0aa66194c135aa4219877b0be7df4d716ed068b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 31 May 2024 02:11:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 31 May 2024 02:11:57 GMT

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 26ms
26ms Ping
application/json 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 31 May 2024 02:11:57 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-etou8220025-FRA, cache-fra-etou8220090-FRA
X-Timer: S1717121518.540234,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
astral-v4.pops.fastly-insights.com/ 378 B
1 KB 84ms
23ms Fetch
image/svg+xml 151.101.130.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://astral-v4.pops.fastly-insights.com/o.svg?u=edbe0149-7373-4c41-8102-510f7b6ed0f8

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Ip-Version: 4
Date: Fri, 31 May 2024 02:11:57 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=151.101.130.91,t;dur=1717121518,req;dur=1
Content-Length: 378
X-Served-By: cache-fra-etou8220036-FRA
Server: Varnish
X-Datacenter: ETOU
X-Timer: S1717121518.602024,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 77ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ETDRC9QJ6S&gtm=45je45t0v872918845z8810839359za200zb810839359&_p=1717121514447&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=592124293.1717121518&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&dp=%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&sid=1717121517&sct=1&seg=0&dl=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&dr=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&dt=Active%20exploitation%20of%20unauthenticated%20stored%20XSS%20vulnerabilities%20in%20WordPress%20Plugins%20%7C%20Fastly&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gtm_container_id=GTM-W9FKFHD&ep.gtm_container_version=330&ep.data_link_id=&ep.data_link_id_lookup=unbucketed_link&up.db_sid=(Non-Company%20Visitor)&up.db_company_name=(Non-Company%20Visitor)&up.db_website=(Non-Company%20Visitor)&up.db_industry=(Non-Company%20Visitor)&up.db_sub_industry=(Non-Company%20Visitor)&up.db_employee_range=(Non-Company%20Visitor)&up.db_revenue_range=(Non-Company%20Visitor)&up.db_audience=no%20data%20available&up.db_audience_segment=no%20data%20available&up.db_city=(Non-Company%20Visitor)&up.db_state=(Non-Company%20Visitor)&up.db_country_name=(Non-Company%20Visitor)&up.db_priority_account=(Non-Company%20Visitor)&tfd=3232
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ETDRC9QJ6S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 02:11:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fastly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 96ms
32ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ETDRC9QJ6S&cid=592124293.1717121518&gtm=45je45t0v872918845z8810839359za200zb810839359&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ETDRC9QJ6S&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 02:11:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fastly.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 61ms
31ms Image
image/gif 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ETDRC9QJ6S&cid=592124293.1717121518&gtm=45je45t0v872918845z8810839359za200zb810839359&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=2101816877

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 31 May 2024 02:11:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 23ms
22ms Ping
application/json 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 31 May 2024 02:11:57 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-etou8220025-FRA, cache-fra-etou8220090-FRA
X-Timer: S1717121518.677509,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
bom-v4.pops.fastly-insights.com/ 378 B
1 KB 455ms
145ms Fetch
image/svg+xml 151.101.154.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bom-v4.pops.fastly-insights.com/o.svg?u=edbe0149-7373-4c41-8102-510f7b6ed0f8

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.154.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Ip-Version: 4
Date: Fri, 31 May 2024 02:11:58 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=151.101.154.91,t;dur=1717121518,req;dur=1
Content-Length: 378
X-Served-By: cache-bom4738-BOM
Server: Varnish
X-Datacenter: BOM
X-Timer: S1717121518.056638,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
H3 200 page-data.json
www.fastly.com/page-data/blog/simran-khalsa/ 0
7 KB 172ms
171ms Other
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/simran-khalsa/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10035-SJC, cache-sjc1000084-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121518.728504,VS0,VE152
etag: "66705393aee790012c1a14262a5d9dd0"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7222
x-cache-hits: 0, 0, 0

GET
H3 200 page-data.json
www.fastly.com/page-data/blog/matthew-mathur/ 0
7 KB 484ms
484ms Other
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/matthew-mathur/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10071-SJC, cache-sjc10032-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121518.728565,VS0,VE464
etag: "15a3d21557ec983a5ddc89d61103d174"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6609
x-cache-hits: 0, 0, 0

GET
H3 200 page-data.json
www.fastly.com/page-data/blog/fastly-security-research-team/ 0
9 KB 177ms
177ms Other
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/fastly-security-research-team/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000135-SJC, cache-sjc10040-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121518.728679,VS0,VE157
etag: "8cbf325a5e2a6391a24925164e9331df"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8855
x-cache-hits: 0, 0, 0

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/simran-khalsa/ 24 KB
0 0ms
0ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fastly.com/page-data/blog/simran-khalsa/page-data.json
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Artisanal bits /
Resource Hash: 625766f2ec8260b6783b29d9d69a033946e54fd2acfe24299f6ec4ee49c2a4c7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10035-SJC, cache-sjc1000084-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:57 GMT
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121518.728504,VS0,VE152
etag: "66705393aee790012c1a14262a5d9dd0"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7222
x-cache-hits: 0, 0, 0

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/fastly-security-research-team/ 32 KB
0 0ms
0ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fastly.com/page-data/blog/fastly-security-research-team/page-data.json
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Artisanal bits /
Resource Hash: e58f5aca440878bff4b3853127aa8d492ef51b20dd518d7c22f76ab9ea91604a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000135-SJC, cache-sjc10040-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:57 GMT
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121518.728679,VS0,VE157
etag: "8cbf325a5e2a6391a24925164e9331df"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8855
x-cache-hits: 0, 0, 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 23ms
22ms Ping
application/json 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 31 May 2024 02:11:58 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-etou8220025-FRA, cache-fra-etou8220090-FRA
X-Timer: S1717121518.184494,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
kteb-v4.pops.fastly-insights.com/ 378 B
1 KB 399ms
148ms Fetch
image/svg+xml 151.101.46.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://kteb-v4.pops.fastly-insights.com/o.svg?u=edbe0149-7373-4c41-8102-510f7b6ed0f8

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.46.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Ip-Version: 4
Date: Fri, 31 May 2024 02:11:58 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=151.101.46.91,t;dur=1717121518,req;dur=1
Content-Length: 378
X-Served-By: cache-nyc-kteb1890061-NYC
Server: Varnish
X-Datacenter: KTEB
X-Timer: S1717121518.490494,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/matthew-mathur/ 21 KB
0 0ms
0ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fastly.com/page-data/blog/matthew-mathur/page-data.json
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Artisanal bits /
Resource Hash: 716887bcc0d4f04f4b3e8e98f9ceb7bdd9c8048cfceed242ecb64b93026a36e8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc10071-SJC, cache-sjc10032-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:11:58 GMT
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121518.728565,VS0,VE464
etag: "15a3d21557ec983a5ddc89d61103d174"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6609
x-cache-hits: 0, 0, 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 23ms
23ms Ping
application/json 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 31 May 2024 02:11:58 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-etou8220025-FRA, cache-fra-etou8220090-FRA
X-Timer: S1717121519.635516,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H/1.1 200
OK o.svg Show response
klot-v4.pops.fastly-insights.com/ 378 B
1 KB 455ms
137ms Fetch
image/svg+xml 146.75.82.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://klot-v4.pops.fastly-insights.com/o.svg?u=edbe0149-7373-4c41-8102-510f7b6ed0f8

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.75.82.91 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

X-Ip-Version: 4
Date: Fri, 31 May 2024 02:11:59 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: HIT
Connection: close
Server-Timing: sip;desc=146.75.82.91,t;dur=1717121519,req;dur=1
Content-Length: 378
X-Served-By: cache-chi-klot8100111-CHI
Server: Varnish
X-Datacenter: KLOT
X-Timer: S1717121519.015061,VS0,VE0
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Datacenter, X-Ip-Version, Server-Timing
Cache-Control: private, no-cache, max-age=0, must-revalidate
Accept-Ranges: bytes
Timing-Allow-Origin: *
Retry-After: 0
X-Cache-Hits: 0

POST
H/1.1 204
No Content b
www.fastly-insights.com/ 0
820 B 25ms
24ms Ping
application/json 151.101.2.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.fastly-insights.com
URL: https://www.fastly-insights.com/static/scout.js?k=a2560724-7682-4399-af18-96914684a88a

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.fastly.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 31 May 2024 02:11:59 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=86400; includeSubDomains
NEL: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.01}
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra-etou8220025-FRA, cache-fra-etou8220090-FRA
X-Timer: S1717121519.142323,VS0,VE3
access-control-allow-methods: POST, OPTIONS
content-type: application/json
Access-Control-Allow-Origin: *
Report-To: {"group": "network-errors", "max_age": 86400, "endpoints": [{"url": "https://nel.fastly-insights.com/report","priority": 1},{"url": "https://nel.fastlylabs.com/report","priority": 2}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
Accept-Ranges: bytes
access-control-allow-headers: Content-Type
X-Cache-Hits: 0

GET
H3 200 page-data.json
www.fastly.com/page-data/blog/xavier-stevens/ 0
7 KB 177ms
177ms Other
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fastly.com/page-data/blog/xavier-stevens/page-data.json

Requested by

Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Artisanal bits /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Origin: https://www.fastly.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000138-SJC, cache-sjc10065-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:12:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server: Artisanal bits
x-timer: S1717121521.216788,VS0,VE157
etag: "4fafbd5e41edb99af5f579ec58521bef"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6609
x-cache-hits: 0, 0, 0

GET
H3 200 page-data.json Show response
www.fastly.com/page-data/blog/xavier-stevens/ 21 KB
0 0ms
0ms XHR
application/json 151.101.129.57
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fastly.com/page-data/blog/xavier-stevens/page-data.json
Requested by: Host: www.fastly.com
URL: https://www.fastly.com/app-c48bcfdfda7dfcf3d66b.js
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.129.57 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Artisanal bits /
Resource Hash: 035a290b72df88448d74dab6522d67d10a7969bcecb652da468fba0d9019e964

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-sjc1000138-SJC, cache-sjc10065-SJC, cache-fra-etou8220108-FRA
date: Fri, 31 May 2024 02:12:01 GMT
content-encoding: gzip
server: Artisanal bits
x-timer: S1717121521.216788,VS0,VE157
etag: "4fafbd5e41edb99af5f579ec58521bef"
vary: Accept-Encoding
x-cache: MISS, HIT, MISS
content-type: application/json
cache-control: max-age=0, must-revalidate
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6609
x-cache-hits: 0, 0, 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.fastly.com
URL: https://www.fastly.com/cimages/6pk8mg3yh2ee/1atUjMCWmmgp0N4kdJGBWI/1a241c575772fa33f7060a42c51ee2e9/image-20240528-195447.png?auto=avif&fit=crop&height=40&width=40

Domain: 025-xko-469.mktoresp.com
URL: https://025-xko-469.mktoresp.com/webevents/visitWebPage?_mchNc=1717121514053&_mchCn=&_mchId=025-XKO-469&_mchTk=_mch-fastly.com-1717121514053-46718&_mchHo=www.fastly.com&_mchPo=&_mchRu=%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress&_mchPc=https%3A&_mchVr=163&_mchEcid=&_mchHa=&_mchRe=&_mchQp=

Domain: rc-widget-frame.js.driftt.com
URL: https://rc-widget-frame.js.driftt.com/core?d=1&embedId=x2ugb2nh7dxy&eId=x2ugb2nh7dxy&region=US&forceShow=false&skipCampaigns=false&sessionId=d42f1587-0f04-452b-a604-f90b8f06f4ae&sessionStarted=1717121514.405&campaignRefreshToken=9d6f7854-d974-4bd6-94ff-b289060bac31&pageLoadStartTime=1717121513819&mode=CHAT&driftEnableLog=false&secureIframe=false&u=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fastly.com/blog	1969-12-31 23:59:59	Name: DriftPlaybook Value: B
.fastly.com/	1970-01-21 06:34:41	Name: _mkto_trk Value: id:025-XKO-469&token:_mch-fastly.com-1717121514053-46718
www.fastly.com/	1970-01-20 20:58:43	Name: drift_campaign_refresh Value: 9d6f7854-d974-4bd6-94ff-b289060bac31
www.fastly.com/	1970-01-20 20:58:43	Name: lux_uid Value: 171712151480212232
.fastly.com/	1970-01-21 05:44:17	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+May+31+2024+04%3A11%3A55+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=6.20.0&isIABGlobal=false&hosts=&consentId=a0a5571d-c059-48c2-bf03-0313ebb36819&interactionCount=0&landingPath=https%3A%2F%2Fwww.fastly.com%2Fblog%2Factive-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress%2F&groups=req%3A1%2Cfuncs%3A1%2Cadv%3A0
.g2crowd.com/	1970-01-20 20:58:43	Name: __cf_bm Value: AlQY9P4DckYVTUgW77FEEz.YXFR2PRD8RkhKWM5Vo3I-1717121515-1.0.1.1-x8cLFIYpJAYzuLT29l.gbGnanx8BtADudeH0LydBjLlaZaZXRzGWu6FiOeliFbLCfi2Ls8JivYZHCDxxAW_6bQ
.techtarget.com/	1970-01-20 20:58:43	Name: __cf_bm Value: 39yMcJEgroXVt5tIqH16HZcsAS.TcwJpY73mY.rnE8o-1717121515-1.0.1.1-dKyXhbMwwsWk.7Feve9LsnPKe7GCP642XsCpKD0wHmaZunmTHHbnJIH8JbPel9NXemPM.OO.ryB4ye2NcFDOxQ
.fastly.com/	1970-01-21 05:44:17	Name: _biz_uid Value: de416dbf433d4d6f9ea8e8e9294c3d27
.fastly.com/	1970-01-21 05:44:17	Name: _biz_nA Value: 2
.bizible.com/	1970-01-21 05:44:17	Name: _BUID Value: de416dbf433d4d6f9ea8e8e9294c3d27
.bizibly.com/	1970-01-21 05:44:17	Name: _BUID Value: 49055cb1465de53336f4e3de1ada5348
.fastly.com/	1970-01-21 05:44:17	Name: _biz_pendingA Value: %5B%5D
.fastly.com/	1970-01-21 05:44:17	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22ViewThrough%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D
.www.fastly.com/	1970-01-21 05:44:17	Name: _zitok Value: fa0fe3d121fc47b3c00a1717121516
.zoominfo.com/	1970-01-20 20:58:43	Name: __cf_bm Value: cZakJ11J4R3ZAWXteJBjiNHAhS3H59jayYUvpam70GM-1717121516-1.0.1.1-MIKbPDOdsaP1EuMNXtBeJmWpGf9LTYsTcLOaaekHrWEhUETKprzssq6MlCIhhtLy7EkuRGZaU9F6KD6_iBexGQ
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: .8Uh3n5YbWgdMb_9R63rY4.dmoWrBnHB69E9_MsGJb8-1717121516331-0.0.1.1-604800000
www.fastly.com/	1970-01-21 06:34:41	Name: drift_aid Value: c26536a8-6a91-4da8-b30a-c1a4d86526be
www.fastly.com/	1970-01-21 06:34:41	Name: driftt_aid Value: c26536a8-6a91-4da8-b30a-c1a4d86526be
.fastly.com/	1970-01-21 06:34:41	Name: _ga Value: GA1.1.592124293.1717121518
.fastly.com/	1970-01-21 06:34:41	Name: _ga_ETDRC9QJ6S Value: GS1.1.1717121517.1.0.1717121517.60.0.0

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.fastly.com/blog/active-exploitation-unauthenticated-stored-xss-vulnerabilities-wordpress/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

025-xko-469.mktoresp.com
aorta.clickagy.com
api.company-target.com
astral-v4.pops.fastly-insights.com
bare-v4.pops.fastly-insights.com
bom-v4.pops.fastly-insights.com
cdn.bizible.com
cdn.bizibly.com
cdn.cookielaw.org
cdn.speedcurve.com
client-registry.mutinycdn.com
cm.g.doubleclick.net
edbe0149-7373-4c41-8102-510f7b6ed0f8.eu.u.fastly-insights.com
etou-v4.pops.fastly-insights.com
fastly-insights.com
fiddle.fastly.dev
fiddle.fastlydemo.net
geolocation.onetrust.com
hemsync.clickagy.com
ibc-flow.techtarget.com
insight.adsrvr.org
js.adsrvr.org
js.driftt.com
js.zi-scripts.com
kdfw-v4.pops.fastly-insights.com
klot-v4.pops.fastly-insights.com
kteb-v4.pops.fastly-insights.com
lux.speedcurve.com
munchkin.marketo.net
o1025883.ingest.sentry.io
pmo-v4.pops.fastly-insights.com
rc-widget-frame.js.driftt.com
region1.analytics.google.com
stats.g.doubleclick.net
tags.clickagy.com
tracking.g2crowd.com
trk.techtarget.com
ws-assets.zoominfo.com
ws.zoominfo.com
www.fastly-insights.com
www.fastly.com
www.google.de
www.googletagmanager.com
yvr-v4.pops.fastly-insights.com
yyz-v4.pops.fastly-insights.com
025-xko-469.mktoresp.com
rc-widget-frame.js.driftt.com
www.fastly.com
104.16.117.43
104.16.118.43
104.18.37.212
108.138.40.116
142.250.185.66
142.250.185.67
146.75.106.91
146.75.118.91
146.75.122.91
146.75.58.91
146.75.82.91
151.101.1.91
151.101.126.91
151.101.129.57
151.101.130.91
151.101.154.91
151.101.194.217
151.101.2.217
151.101.2.91
151.101.214.91
151.101.46.91
151.101.66.91
152.195.15.58
18.173.187.83
18.207.58.146
18.66.192.37
192.28.147.68
2001:4860:4802:34::36
2600:9000:237d:6400:4:8491:f2c0:93a1
2606:4700:4400::6812:2089
2606:4700:4400::6812:24c4
2606:4700:4400::ac40:90e1
2606:4700::6813:b234
2a00:1450:4001:82f::2008
2a00:1450:400c:c06::9b
2a04:4e42:400::313
2a04:4e42:400::729
2a04:4e42:600::603
2a04:4e42:600::729
34.111.208.231
34.120.195.249
34.224.237.84
35.71.131.137
54.230.228.32
88.221.60.75
035a290b72df88448d74dab6522d67d10a7969bcecb652da468fba0d9019e964
0b6524e69d460be5fbdaa68802b2e3349fefbd996e48553e147bd04d5f24c14f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba0a6dc3b6c35adbbfbe6986c9284b130a088b99194c538059986b46e4b982c
0c07b854855b0e2bd7839c3659defa45307e96e281b3c00571d09f213eb6a76e
10885f5f6888d7879c566093389c5a42f20ca66c22805ba291c2e608f82283f4
10b36fda647f8e4a089ffecf54ca490ce1e68eb9619a2463fd81a2acb8fcb41d
14ab9cffba365eab7420a6e75f65bfe85308431fbeb48fb308d21c9b426a5242
15a056617d74788f1cd880c91661b8682a4dae8a7b732ed83f06a85e916a7951
17fec48aa0d675502c93181d7307ca32e12378e24c21eec53a9f40d604017493
1ba7f7e31ef37d69f9541a2af99984deed19867ab8f8a24d53da8c5b47b47cd9
1c03dd81ed43a4e618daaba34157029fcb6b82acfd09becccef85d97c0686e85
1e5f7d4d60bcb8678a98628b208e9433d415f2c6512d846c46f8eedf8137ec13
1fa9b91552d947e9e6d0bb911aae5db85840bad624723e604bb154c7d6794814
2035a3c05a682cf60b1a965d16d52335489608ca1141d9e0b9b3f9c340901f1d
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
295c66c14524b77dd1271317457dec037b5ef0943da346b9b73681e54da826e0
29a93d731434e92cd8081bb2af123c2cea435d7893245a04134d7fbf713518f9
2b1a4915e59e76e65870b9b2fe38250746fd0eaa301b836516e71bc7c6dd8ae4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3109a1a489eb6cf9429c02f62539fbfeac0a730ac3e25b157afc28def5689b03
31d5f6da756ad666a6f55091582cc4d9880a4fd4d1812e658e808d405000b199
37bb2fe07156e83bf66ed1214d5f27cae6bdd70549affa70372b82a9c6689ba7
37e8818124561754e1c997013c3bfebfa1e87ec9338148293f7d3870d8e2ae83
3b0c469436a87037dd8de72084cee5e1a22bb2d14c1aaa200ef025bd3c7880e2
3f54c4723e33e35c4cfe06daff86e15db90c44adfb6be3842a39cec26c5a7595
40cd9a267f702fd2726ef3798b232a06ca6ed2bcd41739e5150aa3d2d7f006f1
424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
445c32c2df2239bda46c6e62b2a6de1eb0abb24b03675b4047a435c0c24c47ad
44730c460898f223690f1f123bf9ff9bf8992fceb2bbead5effb1ed0f20b7eec
4516d7b43866d496171f93b660077eb293df39e2198f5ffb28e08ddda5f42f57
486fe4a11df8e574321f4cd832688242e2fa48e1cb1c04e7b80cd6d78c77efb0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4faf92a677fbcb1a072cdb917b2677de95bd0792e5b7f11af4a217070dc97014
516e05996b0e9d097fbe55f14bb7948f16a19d043950a88d086975b976593fc0
5206536707c84baa892d3c3231b351985ee828cb8b9c0bd8db42cd3363995fc4
54ccc55140ee72097c9c56fd09f4d57dbaf0f7385508624f87a85f8b92508d02
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a022f06ae0b18465655eab62cc4b5ea4c81f640c5e98132a0428ea9e6e3534e
5b2cb114ad1f05c0b84daba4d01466ed5a782a5cae8a9f2841d918c022210207
5b34ba53714f9472819d51c98ccb08fa80a076eb569f9cfbdf54271fb6db97b2
625766f2ec8260b6783b29d9d69a033946e54fd2acfe24299f6ec4ee49c2a4c7
68cc280ce370c6f1f51a4fc5950103fc38df80a429552c549add04ebd8bd3a23
716887bcc0d4f04f4b3e8e98f9ceb7bdd9c8048cfceed242ecb64b93026a36e8
72b5a8a2135c12c11678be3c99e786370b9d1deab9d0b4d4a614b7a541ef825f
773f7d8838ae33fd62fa7cc873009886716e07091a869edbc379fbf9c1121077
7af0df8f9644b02cc51d21524c7983a00d9dbc2d3601739d8d6e001548cfe9ef
86bf1036789fc9768f23c81cdf61c486b86228a0eddbe232e86a99a96dac5d71
8d027f906a69abf7ebf3b0bee73bc24f2fb3f2bbf97f3eebe3f20d7365a88930
8d18cdff0a381a597fd321a5a0aa66194c135aa4219877b0be7df4d716ed068b
8d8e3f99e6ac157c0bf9665cd34a729c8f78e45a908890e231e24fe1867b5e0f
8e9a56ee211373fbeae846a6172d25f2bcb96429d02dc65ad6eb0d73b64146cf
93a2fd82dd3a13a9e9ce0583f3bde1b6e88da6ebce30fa8c87cee4d9d927e4d2
9546f61d90005f0c8132463a0c61ab73ce68321a61456fe9ed5a0a60d16c4d69
a0bdaf167b258a7a6c20172a119cddb617f46c1de4b710f98b4cd33527ae3374
a20edd5b16ed499c416f71cc456c2fecad465cbbb2b7c4fbb4fcc9499a4f3788
a7077bfe692cf60675c6ce302474a363815e3f49d834147218a7bdb1b7402f10
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b479ed0b2477c2cbddf91a0c9cea1b73c017f9bf787e31c6d9573b2eed9e0b28
b6c171b08e694561c3b9fc15844e5a44e0877dd6531b0bd93369adb6752fe49a
b7a9abff26f10f1da273ea00346283c5aaf8a44042085661d64d2eabb1d2a9a4
b9561116be07dfb5c239a4ff5c9414c8ffc316835e8122265b4c2b73321e04f3
b999cdc3d582c5702617bebb6afcd7f362a4c7ddf55e11b69e1a1e2924da2d03
bb862716cad17ee7c3159bb20dd78a3c85687302a5ddb8c81ff759d3078258b5
bd58fb1b94d374ef18c0e16aa6195840e8bb260688f27f5213cabfffbce08e67
bead8003f59e87ff16bc50d1c13c2f68eaeae4f41dfc72980fccc4ec80b70330
bfc08994ce93776aae11e32a3509344efef5ee11e4fcf46e9d6e740b538a5030
c3ea3a972768896d2a84d6eb36d3f5919478ad9c091477c22a5362eb6d53aee4
cc4abce21cb2be565c9d4ea8b3be9b942b42eee8770694e8a3415e09f0b39803
cd182f3a350ac2d27a4ec5de75d7f39315f31c83db302387deaa56cd48f08fe0
d544371ecb9105be2c36b69bbb3c2bfac1c7c727820f6eb613dc211a546f72c0
d65a39715ffa728f57282b58ea27a40416ae37bacd2c2850c49291a1003ab35e
d6e9e5229882bb6b58dee519e807407b62f90b3b5b0982394780c8fdd6cf40f4
d83f00e53d435070c5a0d3ff2fa641dbe8c407d9fc754403da515ca52fc4ea0b
d9b694a3a25ba1db5264d6687141e4f48ada93b4fbb2a124317dad995286ac97
da5ffaa3ecfb62fb9e1d58ed51468eee919fdcb3bdc24990f1c921c3390f78c8
ded43a6af1e4e0a061fe1c97703f45cc4af82fc367de436789f6c70e5077b0eb
e1fd013ac18aebac28e366bf82aace3b2fb6900fecc4793303ed93aeadd31910
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58f5aca440878bff4b3853127aa8d492ef51b20dd518d7c22f76ab9ea91604a
e9572729daa448a9ba000cdc75d9b2be339248d41288b1767966d73342a2227a
e9df011e2b89840a7dcb1ec43d59e2489383d3506d9a0fcd2db0d9cf0b024dde
eb1ff994ff6d868abb394aa5525526e1d5942b15f196a84d282a29b89e22e5b9
ec2a8bc8d814bfc802060212b6a8659e0d3c458a2b0d696fcca8b8b7ce773798
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39119c613a7b1189e7f4ab5a887d2f0d02d6e049ca73db5a05561526f46aed3
fb33784afa9a497f50bb848dab51707b1bd956c11a1ad3d5a25db04b840a0aa1
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
fe8ee1e74a19f26f635bfd0127127df11580dede6ad1878cc864d3686bab6ee2

www.fastly.com Open in urlscan Pro 2a04:4e42:400::313 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

96 %HTTPS

27 %IPv6

25 Domains

45 Subdomains

45 IPs

5 Countries

1765 kBTransfer

7670 kBSize

20 Cookies

24 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fastly.com Open in urlscan Pro
2a04:4e42:400::313 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

96 %
HTTPS

27 %
IPv6

25
Domains

45
Subdomains

45
IPs

5
Countries

1765 kB
Transfer

7670 kB
Size

20
Cookies

166 HTTP transactions
6 data transactions