www.stackhawk.com Open in urlscan Pro
3.160.150.74  Public Scan

19 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2646818&time=1714165779457&li_adsId=483496c1-e4a9-427d-8c9c-6c7fb861d743&url=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2646818&time=1714165779457&li_adsId=483496c1-e4a9-427d-8c9c-6c7fb861d743&url=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2646818%26time%3D1714165779457%26li_adsId%3D483496c1-e4a9-427d-8c9c-6c7fb861d743%26url%3Dhttps%253A%252F%252Fwww.stackhawk.com%252Fblog%252Fwhat-is-open-redirect%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2646818&time=1714165779457&li_adsId=483496c1-e4a9-427d-8c9c-6c7fb861d743&url=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2646818&time=1714165779457&li_adsId=483496c1-e4a9-427d-8c9c-6c7fb861d743&url=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&cookiesTest=true&liSync=true&e_ipv6=AQJAv8AupN0iDAAAAY8cPg7LNKMTW7e8dWwBNypv4qFLyK6g644A8XInrNv6ZChPTpY3AKRA

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
34 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.stackhawk.com/blog/what-is-open-redirect/	684 KB 146 KB	528ms 400ms	Document text/html	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 2635963a11b31c4dd6e110cca4ca9f68edc4ddb883ee2fbb6568178893a9cdad Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control public, max-age=3600, must-revalidate content-encoding gzip content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; content-type text/html date Fri, 26 Apr 2024 21:09:38 GMT etag W/"ddaf79367300550e67659f668c337b7c" last-modified Fri, 26 Apr 2024 18:32:46 GMT referrer-policy same-origin report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} server AmazonS3 strict-transport-security max-age=63072000; includeSubdomains; preload vary Accept-Encoding via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-id Jl4FfT2CYSzJIFvcTERIiMJRJBmcdVUv1_XOZVyEw2osmvz59SlZ3A== x-amz-cf-pop FRA60-P7 x-amz-version-id M98A3KEiiDKYnd7RzVKsoBIgQQfyEHfA x-cache RefreshHit from cloudfront x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block
GET H2	200	css2 fonts.googleapis.com/	21 KB 1 KB	151ms 63ms	Stylesheet text/css	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Fri, 26 Apr 2024 21:09:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 26 Apr 2024 20:06:56 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 26 Apr 2024 21:09:38 GMT
GET H2	200	script.js Show response www.stackhawk.com/	0 3 KB	40ms 39ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/script.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Origin https://www.stackhawk.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:17 GMT x-amz-version-id 8JZth_m4t6U0VG5zdGa3P3gOTjCX5W_3 x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9261 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront content-length 0 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Mon, 01 Apr 2024 16:29:12 GMT server AmazonS3 etag "d41d8cd98f00b204e9800998ecf8427e" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id Kcqy-RHks-Wg_2rQbS3RDa6n9O4fkxX768ekKMmSWIjTHogIcmJSuQ==
GET H2	200	7478034.js Show response js.hs-scripts.com/	1009 B 1 KB	491ms 372ms	Script application/javascript	2606:4700::6810:8cd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/7478034.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 240fe0012e219f00f75cef04f867969064ee2fbf15f92b04eba2e5159e4ea7c8 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:38 GMT content-encoding br x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 541f8d4e-b3c3-4a71-8251-48fdc78b3d91 x-envoy-upstream-service-time 24 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 541f8d4e-b3c3-4a71-8251-48fdc78b3d91 last-modified Fri, 26 Apr 2024 21:07:16 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-lsm9l cache-control public, max-age=90 access-control-allow-credentials true cf-ray 87a98e117a508f3a-FRA expires Fri, 26 Apr 2024 21:11:08 GMT
GET H2	200	E-v1.js Show response fast.wistia.net/assets/external/	802 KB 134 KB	151ms 47ms	Script text/javascript	2a04:4e42:400::644 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.wistia.net/assets/external/E-v1.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 2a88bc775758d76a8518008efddec2c220a3a08ff56451c403c21286cee50599 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:38 GMT content-encoding br via 1.1 varnish, 1.1 varnish strict-transport-security max-age=0 age 1678 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 136796 x-served-by cache-iad-kjyo7100176-IAD, cache-mxp6932-MXP x-browser-version 124 last-modified Fri, 26 Apr 2024 15:40:42 GMT server AmazonS3 x-timer S1714165778.197511,VS0,VE0 etag "ea1854ddb7f765516f3029f743f3ee77" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=3600 x-browser chrome asset-version 90fd04ea8a7d3d45b9179d4f907985d8116809e1 x-ecma-v modern accept-ranges bytes timing-allow-origin * x-cache-hits 60, 9
GET H2	200	app-062c49fa36da699277de.js Show response www.stackhawk.com/	242 KB 68 KB	45ms 43ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/app-062c49fa36da699277de.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 07de12ca76319e6c93051cea54efed944346cac53fc04f9fb1739675b10e90ba Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Origin https://www.stackhawk.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:18 GMT x-amz-version-id 5K8V0Y0dqVXKaz6dtXMCuMYrW2wnpjv7 x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9261 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 26 Apr 2024 18:32:42 GMT server AmazonS3 etag W/"cc46ce0cf8be1f74b081611f90fc5362" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id rCoWFsEAyg1hWd_O6D1-q15todiFWaq943Z32uR28RRKjztMCXYelg==
GET H2	200	dc6a8720040df98778fe970bf6c000a41750d3ae-6ddb0d1f7b9d771bf19c.js Show response www.stackhawk.com/	14 KB 8 KB	42ms 41ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/dc6a8720040df98778fe970bf6c000a41750d3ae-6ddb0d1f7b9d771bf19c.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 2a9866b596208a7d74db1138895ff90c1f57978e5a0af25c6692e0b842c4ed5f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Origin https://www.stackhawk.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:18 GMT x-amz-version-id WVxoIhQ2grvgYxa46OEM.g.aEHL4hqAY x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9261 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 26 Apr 2024 18:30:42 GMT server AmazonS3 etag W/"f9fca8cc188a8c0fe03d4dd5596b9ae8" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id m7z8FUbnkJJkz9_83dSXBnx-Xv6FmsfS05fS4r1nDCok-NFWVvHQsw==
GET H2	200	framework-e69e4539bb591598e30d.js Show response www.stackhawk.com/	146 KB 49 KB	49ms 48ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/framework-e69e4539bb591598e30d.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash eecd91c964d59c785ebcda01d07b4fec597e7652abed106800a5b9d65a8332f8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Origin https://www.stackhawk.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:18 GMT x-amz-version-id cxIBWCnmNKVVUCWRg9ocbSN.OQgGskTP x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9261 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Wed, 30 Aug 2023 20:47:26 GMT server AmazonS3 etag W/"8bfd43ae85d8211a712d5657c9321d2e" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id Pc1JgpB4Kl-wc1h3Bg3Cwie6UZ1q2oJtjVdO3wlxWvhkvbCzhgHijQ==
GET H2	200	webpack-runtime-291a391152ad8ba7ab69.js Show response www.stackhawk.com/	7 KB 6 KB	46ms 45ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash affc8333907ee4117f6ad6800f1a639c57cc855e2f268c00c022f0cfa6aa6e2d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Origin https://www.stackhawk.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:18 GMT x-amz-version-id UhUtfctpKAhWFGt2ftKmutRt_fs36mbg x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9261 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 26 Apr 2024 18:32:43 GMT server AmazonS3 etag W/"67fcb0a73d45eb791526cc68b2065586" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id xqC6bWn45rX9VoXOQm71CfR2vHECoMTc_jNcpQoCGvwqq_uTlUg8Yw==
GET		gtm.js www.googletagmanager.com/	0 0
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/	103 KB 28 KB	732ms 630ms	Script text/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/analytics.min.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash abf4f6dde6973ce514483feb1e0bf7bacbdc0e327d299711aaa15bac8bf0e989 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id oM4FADeln2OmsFeOj4z8b5e6xKnK7Qn6 content-encoding br via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront) date Fri, 26 Apr 2024 21:09:39 GMT x-amz-cf-pop FRA6-C1 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 24 Apr 2024 19:39:38 GMT server AmazonS3 etag W/"a6b952252fd9bc5b9005bbb83469dae4" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=120 vary Accept-Encoding x-amz-cf-id miPn3Xx7RmHexP3us4MmNb15SkmiTi2o1nZu2mZV5kvOuUNBvj3Z6Q==
GET DATA	200 OK	truncated /	6 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 994f53316e4179a758ec7a8527f4e2dfcc19f9c50027392d9676547417f32c0b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	305 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a399b8c44af3ed40272a24b27fc83941cf71217cb244fc9aa45e2860b3e3a309 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	585 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9cc9fa9e025036f287059bf6e9e28bad33e0186a58e78ee0d2533043fae3ee85 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6a387c920d2bcb8f4f10029ee1c6ea38c4a81660175a572daf971e9a261cf29b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	441 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash eb1db16adb2560163570d7fa7d11d950766ac8b76717df35a5d75cfada0495d7 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	849 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9b21db0e30e403cdb64d790426902f16d8ef936aebaa9984fc0476e58dfb89ac Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	2 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e8427878548e4fa53694548839800a574e01aab8ac6c0ea7e6ff021bb00be014 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4ed355e6d0f01de1d235443f830a798627a5db7557d1047e9700407d1e94cc34 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3fea9f0c64ac3ab4860e48cd3cbe4a479d919ffb2258d7f5c8e4270d08d999dc Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	606 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 50a28ee364a5b15b589402483c0d71d3a2768fa7eb507a65c139f3d9b3dec215 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	622 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash acc57c830d56f6c078c7226d1ec0a09c781e9b122d2a4281147b41e207d8d207 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	7 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5eb70927621d8e51f35f8b4c54c3613e5f69cc3f40dfd2f20c3432174d274b07 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	5 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 93adaee5f0ccb31f07cbf52fe90c1c56f4d381019f9fece35fb2ebb532aee882 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	6 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fa3ef738ef4a371be7b9e3d53f7f9119dac24659a7a85b851d8bdff24bef107a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	8 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f085768794a9321074e2bb04ec238a0c6045f6ba99b933c08079c7d17467122c Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	6 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fa291233fe408fd3aaf5634f474652d39d59352a7c45335100f754e191f969cc Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 982a6f2529d15dfa2ca7a8a4da3c066e6bd0368d0dd5e3aa9423571de0b6cd51 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	354 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 456153a2b0dbb0b41d06b385d97f2dea5c569b94508baa1e94d5e4948178e790 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bdcfea26cfa937fe381a10b5b620553d1646d8e42614f8398e61e1717a537ab9 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	5 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 58ba9ff0d44133f96d8f9347fa1bb7b665fb6bb82d21ab099b25d2bb3ebce19d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1005 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 40910e986bcdff87e94345bdf8eeec4e89d0f09e09d510d8bd0e3a80e23aa340 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	516 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2a2321951a24f9e31ee2b553d35eb2c13aac7a3cd1eec97e1c961b52d07fab06 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9b7aa6960bd1246f5714ef34d4de946f50ea5198b1a458a7e922328175612b06 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	965 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a63bb8b3a619537f5dd768909b61984fcfec7a4e83f6aeb1ea8ca2f056a63fd3 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	750 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ea033616ebb7c6cc9946b0c55d448be1c019463353ecd365d505ed900341a490 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	85 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6adf88aa0c726378f778ecf0d766c353476aa213a2b95cb537f0c5e72e5465c8 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c05c1742997412e9e60a4a37aa177aa87cf735362060b63730ef414935aaa919 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	87 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1010272ef0128e02f08fcd9b3348cf31d6ac4e3c6f2f0ee85a878898394b8978 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	971 B 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 587f49356633246f7bcccb0f99bb0e448ca87cacade0c8672fb0d6b3d7ee7054 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	86 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f8a9bfe5dffd5396e37f6428426be408f0f482c250120251b6d40a45f94984ac Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET DATA	200 OK	truncated /	329 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8bd760ec374786ee95448725e446cd7f5c9a70d07c7bd45dadb14618c817e219 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	403 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ca487e18773959fea5526f41576a2e9cae189254b9ba74c19e301f4025c47fd6 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	402 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 95e34aa0241126733daa51d25813a72b278f13199ffdc171a79eb00dc81b9e1a Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	388 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b2c2d6ae5b6f690565de7184869ce5b64599c9e42535463a80340d076376b6c3 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET		lt-v3.js lltrck.com/scripts/	0 0
GET H2	404	ns.html www.googletagmanager.com/ Frame 1B4F	0 0	144ms 60ms	Document text/html	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/ns.html?id=GTM-55BB9LS Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1583 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 26 Apr 2024 21:09:38 GMT server Google Tag Manager x-xss-protection 0
GET H2	200	sl.js Show response scout-cdn.salesloft.com/	6 KB 3 KB	155ms 51ms	Script application/javascript	2606:4700::6810:4869 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://scout-cdn.salesloft.com/sl.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4869 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4a007af67f716c30c8848ab0ad0bfaab8a5fcf3e36dedf918b59c9429d522440 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:38 GMT x-amz-version-id 6anzvBQcvmaBDc8BSO9zI6Th.IIiwArc x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains x-amz-request-id EZPGEPEQRJ835T56 age 1463 alt-svc h3=":443"; ma=86400 x-amz-id-2 vj/H9CfyiKNwtvLJrelCw6CtXo93qB0KDTwbomYs8Kf/kZA94jYHXVgMqek/RNtsa+9eO7BrPxA= last-modified Mon, 13 Dec 2021 16:28:37 GMT server cloudflare etag W/"d74cc4825c8e333b2116da3fcc649db1" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript access-control-allow-origin * cache-control public, max-age=14400 cf-ray 87a98e11fbc865da-FRA expires Sat, 27 Apr 2024 01:09:38 GMT
GET H2	200	stackhawk.png images.ctfassets.net/nx13ojx82pll/2tME18Zz0zJWJEELygWySD/e84e4bc45c8e5a516de565e9c48a680c/	5 KB 6 KB	142ms 41ms	Image image/webp	2600:9000:235a:5800:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/nx13ojx82pll/2tME18Zz0zJWJEELygWySD/e84e4bc45c8e5a516de565e9c48a680c/stackhawk.png?w=113&h=113&q=80&fm=webp Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:5800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash 7fe7641dbbf7c8966e1ce52fefbf0fd1a5514f797953224f0fec9a53a2e34f3b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 05:44:49 GMT via 1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront) last-modified Wed, 24 Apr 2024 05:27:25 GMT server Contentful Images API x-amz-cf-pop FRA60-P9 age 56405 etag "8251ed7df8b75b4a287fa5ebb96a88af" vary Accept-Encoding x-cache Hit from cloudfront content-type image/webp access-control-allow-origin * cache-control max-age=31536000 content-length 5256 x-amz-cf-id u5PV_htW50PZ-a5ygoaCwjDpelISIvsiIMo1-s-u3MxhGyhZWQJG-g==
GET H2	200	justin-luebke-elpFcv4YYQI-unsplash.jpg images.ctfassets.net/nx13ojx82pll/6kQdT79AhNKz8RnqZbmbF2/33dbbbc96ee8d8b6c25850e2b188b32c/	530 KB 531 KB	152ms 51ms	Image image/webp	2600:9000:235a:5800:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/nx13ojx82pll/6kQdT79AhNKz8RnqZbmbF2/33dbbbc96ee8d8b6c25850e2b188b32c/justin-luebke-elpFcv4YYQI-unsplash.jpg?w=2048&h=1367&q=80&fm=webp Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:5800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash e57b70c2fd0fa06884c55d5b975bc1e474b7cb2345da40ba2668449112b1a354 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:38 GMT via 1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront) last-modified Sat, 06 Apr 2024 12:32:46 GMT server Contentful Images API x-amz-cf-pop FRA60-P9 age 36600 etag "15435c58968e1bd6e16d546f0406abd0" vary Accept-Encoding x-cache Hit from cloudfront content-type image/webp access-control-allow-origin * cache-control max-age=31536000 content-length 543016 x-amz-cf-id tFtKXtKIIqrHKltlZjfPnqKGWrWSZki2AwfA0dVVD5NE2TGtXcXg7A==
POST H2	403	/ Show response o360010.ingest.sentry.io/api/5670260/envelope/	61 B 372 B	138ms 42ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o360010.ingest.sentry.io/api/5670260/envelope/?sentry_key=2b7b422bc27748d9a7275d097a190f31&sentry_version=7&sentry_client=sentry.javascript.gatsby%2F7.11.1 Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash dcc2f457f01dbf232ce54bd2a3fdb5b1af63acd152b1dd8046b89f3e50030ba2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://www.stackhawk.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Fri, 26 Apr 2024 21:09:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload via 1.1 google server nginx vary origin,access-control-request-method,access-control-request-headers content-type application/json access-control-allow-origin * access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 61
GET H2	200	app-data.json Show response www.stackhawk.com/page-data/	50 B 3 KB	379ms 379ms	XHR application/json	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/page-data/app-data.json Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 5b2953945f6c929a9d7c4ce41a0762e0ad69da51fe9dfbd826b2cd7973e3f30d Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:39 GMT x-amz-version-id 4sDpn7t8H5l7.PS99HeYR5jgUh43ru6N x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Miss from cloudfront content-length 50 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 26 Apr 2024 18:32:43 GMT server AmazonS3 etag "b5cf1aca69e5ceda2dc747400be366a1" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/json cache-control public, max-age=0, must-revalidate x-amz-cf-id 4c9I3F6cCSzyUhSQW485VZSrho9DyGS7Q_N_I-lxBQtZZENOIvV5CA==
GET H2	200	page-data.json Show response www.stackhawk.com/page-data/blog/what-is-open-redirect/	140 KB 36 KB	373ms 372ms	XHR application/json	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/page-data/blog/what-is-open-redirect/page-data.json Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash e9f02ec3dd967b3acd4d2c8f730289f8158addf97ae27a9e10c4df966a94d0f9 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id ysonk1uPobNLi8ZxmPJErvKfiugt6BlH strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff date Fri, 26 Apr 2024 21:09:39 GMT content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache RefreshHit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 26 Apr 2024 18:30:48 GMT server AmazonS3 etag W/"6b309534ced11d5ded15b48eff4d7d8e" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/json vary Accept-Encoding cache-control public, max-age=0, must-revalidate x-amz-cf-id 7Cm_31eL9isYuLuMmHuwwRM7CYoa1GLwQ1c6Gac_IfB8QCWLHLZQJQ==
GET H2	200	r Show response scout.salesloft.com/	41 B 359 B	369ms 118ms	XHR application/json	52.23.83.161 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMTAyMDJ9.PwEYql4FsJR1a4Wz97janU_DF5TauEdgY8OfyeBx15A Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.23.83.161 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-23-83-161.compute-1.amazonaws.com Software / Resource Hash b37678e2c4e8452e51ee8902e176d670941b72bc06eaeeb951360f96322c6921 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:38 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://www.stackhawk.com access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true content-length 41 x-request-id 0274f10000e73b042c9885b0f3d515ab
GET H2	200	stackhawk.png images.ctfassets.net/nx13ojx82pll/2tME18Zz0zJWJEELygWySD/e84e4bc45c8e5a516de565e9c48a680c/	5 KB 0	0ms 0ms	Image image/webp	2600:9000:235a:5800:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/nx13ojx82pll/2tME18Zz0zJWJEELygWySD/e84e4bc45c8e5a516de565e9c48a680c/stackhawk.png?w=113&h=113&q=80&fm=webp Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:5800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash 7fe7641dbbf7c8966e1ce52fefbf0fd1a5514f797953224f0fec9a53a2e34f3b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 05:44:49 GMT via 1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront) last-modified Wed, 24 Apr 2024 05:27:25 GMT server Contentful Images API x-amz-cf-pop FRA60-P9 age 56405 etag "8251ed7df8b75b4a287fa5ebb96a88af" vary Accept-Encoding x-cache Hit from cloudfront content-type image/webp access-control-allow-origin * cache-control max-age=31536000 content-length 5256 x-amz-cf-id u5PV_htW50PZ-a5ygoaCwjDpelISIvsiIMo1-s-u3MxhGyhZWQJG-g==
GET H2	200	justin-luebke-elpFcv4YYQI-unsplash.jpg images.ctfassets.net/nx13ojx82pll/6kQdT79AhNKz8RnqZbmbF2/33dbbbc96ee8d8b6c25850e2b188b32c/	530 KB 0	0ms 0ms	Image image/webp	2600:9000:235a:5800:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/nx13ojx82pll/6kQdT79AhNKz8RnqZbmbF2/33dbbbc96ee8d8b6c25850e2b188b32c/justin-luebke-elpFcv4YYQI-unsplash.jpg?w=2048&h=1367&q=80&fm=webp Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:235a:5800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash e57b70c2fd0fa06884c55d5b975bc1e474b7cb2345da40ba2668449112b1a354 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:38 GMT via 1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront) last-modified Sat, 06 Apr 2024 12:32:46 GMT server Contentful Images API x-amz-cf-pop FRA60-P9 age 36600 etag "15435c58968e1bd6e16d546f0406abd0" vary Accept-Encoding x-cache Hit from cloudfront content-type image/webp access-control-allow-origin * cache-control max-age=31536000 content-length 543016 x-amz-cf-id tFtKXtKIIqrHKltlZjfPnqKGWrWSZki2AwfA0dVVD5NE2TGtXcXg7A==
GET H2	200	banner.js Show response js.hs-banner.com/v2/7478034/	71 KB 23 KB	703ms 360ms	Script text/javascript	2606:4700:4400::6812:22e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/7478034/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/7478034.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0092dbfc476ededd3abfee573541a3c90c097f1618951c1e92d26ed20fa647fc Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:39 GMT x-amz-version-id r9Q5WDyTlqO7ccy1ExY9yVmY9_IEzX6c content-encoding br cf-cache-status REVALIDATED x-amz-request-id G3XPCE2ZVBFZR7EN x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id b01cdc73-4a46-43ef-8b4a-65c79070fcac x-envoy-upstream-service-time 63 x-amz-id-2 rCNOU+pfmmlddq0EKdj14lDYSzHeA42AeTWttwZwWL+2nbNptndQkOewerM3k3Ucs5Y/PIQOqbQ5TM4vf5PUYR0CZ5APIs3cwOQQfN5VYMc= x-evy-trace-listener listener_https x-request-id b01cdc73-4a46-43ef-8b4a-65c79070fcac x-evy-trace-route-configuration listener_https/all last-modified Mon, 15 Apr 2024 15:00:28 GMT server cloudflare etag W/"996453431e85047a62aded24dcbc8ac5" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 vary origin, Accept-Encoding x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-vhl7w timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 87a98e15fc668c49-FRA expires Fri, 26 Apr 2024 21:14:39 GMT
GET H2	200	7478034.js Show response js.hs-analytics.net/analytics/1714165500000/	67 KB 21 KB	263ms 167ms	Script text/javascript	2606:4700::6810:a0a8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1714165500000/7478034.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/7478034.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f3b3d11e72d9fd1233db49deb9ffc4ca2eb09b2f50adb912da4ca2ce706363bf Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:38 GMT x-amz-version-id null content-encoding br cf-cache-status MISS x-amz-request-id BAS5QKJ7TZFPHVT7 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id d69c60b0-6ce0-431e-836e-b92f1758b5c6 x-envoy-upstream-service-time 19 x-amz-id-2 0mkwC7rQXnJbCF+mMk05MPJr35g0PxLMIMGJpo+xbCOvbhJBKNOumKAgyLWClJXKEm7R+QNnTaPQgW3mDUG/1PxlOG24z3JE x-evy-trace-listener listener_https x-request-id d69c60b0-6ce0-431e-836e-b92f1758b5c6 x-evy-trace-route-configuration listener_https/all last-modified Wed, 24 Apr 2024 18:27:09 GMT server cloudflare etag W/"9284045c79bc8b5a766f13a284c6515c" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-mnhbz cache-control max-age=300,public access-control-allow-credentials false cf-ray 87a98e146f2118eb-FRA expires Fri, 26 Apr 2024 21:14:38 GMT
GET H2	200	7dcf9772-9270c7eb54c2024eb0c5.js Show response www.stackhawk.com/	4 KB 4 KB	41ms 41ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/7dcf9772-9270c7eb54c2024eb0c5.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash b83046c97918c306e5b5bf823ac65f75b8db770fa9a7e776c3d72ba8dd62e08e Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:20 GMT x-amz-version-id sQ7QQoMxXf3l7Mn.yoyvRfYhsYfPYNHP x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9259 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 08 Mar 2024 16:37:19 GMT server AmazonS3 etag W/"30738524ec6aec62e55f16aeb1afadcf" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id ixStSlQ_xfW1N8d-XwWUsIboSIVXBOyFezCrSifbWNO6I2bido5EDQ==
GET H2	200	c46d6b60-5b6b7d7ec4b68023f20b.js Show response www.stackhawk.com/	3 KB 4 KB	40ms 40ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/c46d6b60-5b6b7d7ec4b68023f20b.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash cf5facaf894d03b903ac8835d5f8e438fbec23453d74a18c600329017ef2e303 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:20 GMT x-amz-version-id c9yxKwe65TCGaEoNWksDJBG6IvQ5IIFL x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9259 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 08 Mar 2024 16:37:19 GMT server AmazonS3 etag W/"475f6a392f099b122ff352b5e9e192f0" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id FxUpT35KGdKSvBI8hk7r8BPZkqgnAl3f-CuVA4ek7trZw-p-2P96ww==
GET H2	200	03e9278c-c12149ad8e1e55ddd571.js Show response www.stackhawk.com/	191 KB 43 KB	43ms 43ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/03e9278c-c12149ad8e1e55ddd571.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash a30a17dbd76070226e5552bc4711ab0d99d32a34e949d558de569bbc4ff010d8 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:20 GMT x-amz-version-id ip4AklCUMmi72k3_W.P1cGssZ8BhMXxm x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9259 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Wed, 29 Jun 2022 18:53:29 GMT server AmazonS3 etag W/"52a70fa92f05e19917c74e57ff49af9b" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id Ck-CiVjJwHoYiSEqNByRCsYZGY0BqyXT4IWXRRb1rttD5Gt302-CNQ==
GET H2	200	9ff3e076-8dbbd7de8eebdb42c73f.js Show response www.stackhawk.com/	176 KB 45 KB	51ms 51ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/9ff3e076-8dbbd7de8eebdb42c73f.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 1ea7124e8974387c2513b183b8b30d04bb67ac2415aa5cd2d9091e48a35154f1 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:21 GMT x-amz-version-id nfBE_W0HRksSwnIkqMPfnvhSPkCyusPe x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9258 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Wed, 29 Jun 2022 18:53:29 GMT server AmazonS3 etag W/"5becd3def8de51f51bd92d32f2622b07" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id LfDwvR6-9TMyxOGpzIUVg_-5Wny-HUlxiQnKL4ozvw0_JiaeQXJ4uw==
GET H2	200	76188aea-e6ccb263b07d21c24eef.js Show response www.stackhawk.com/	188 KB 31 KB	54ms 53ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/76188aea-e6ccb263b07d21c24eef.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 19dd93c2b005e435bcce642e9bd4704eeaa0ee3f5afec5b47884ef4e4361a3e0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:20 GMT x-amz-version-id SqNEGxWkMI4IgoEl2t.Fh_x66LuYkHV8 x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9258 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Wed, 29 Jun 2022 18:53:29 GMT server AmazonS3 etag W/"8d4e0373869838c45bb7869f32d12375" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id wyCV_TMo3Bb4lKekoRdoqNId0w-4Pw3Alk6FYv5C6hWXOW6b7aCgiQ==
GET H2	200	2cca2479-de6ff6d81b5fbd3b96b2.js Show response www.stackhawk.com/	430 B 3 KB	51ms 51ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/2cca2479-de6ff6d81b5fbd3b96b2.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash ec7833c578edac04978dbbb0c509319d41666ac357fd2420525fccf7d3b81523 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:21 GMT x-amz-version-id vLvDaiOWhG0qxwCvg0epkWqX5Vtj0_9t x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9258 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront content-length 430 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 08 Mar 2024 16:37:19 GMT server AmazonS3 etag "8607841d0afe1133be62c6470a99ee14" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id i3aNlJiKhjDuWrV9gJx_7HnjnnEzm_qsKQpmP5GAgZeu4_BBZ9qI4Q==
GET H2	200	commons-9a54a412e9153e901657.js Show response www.stackhawk.com/	418 KB 153 KB	61ms 60ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/commons-9a54a412e9153e901657.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 61910575994be96e57982236c86a6938c011e855b4b1da4b92a6c822919722f7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:21 GMT x-amz-version-id K38UUh1ddpnmDNNAWkkFnzuWSmzH1fdS x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9258 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 26 Apr 2024 18:30:42 GMT server AmazonS3 etag W/"67f44a849b7678cf646cb1340dc42f1f" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id YLGJDyM1OS8PPb6EXwECsicH7RQ46AdDS6s3cr5FEqCPVrJACf7PUQ==
GET H2	200	30e1069cbc00ca0ca5f3581e295ec4195c99afa2-14802c5dfdcf04455f95.js Show response www.stackhawk.com/	21 KB 8 KB	62ms 62ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/30e1069cbc00ca0ca5f3581e295ec4195c99afa2-14802c5dfdcf04455f95.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 407e6af4ef9a960afdb11a1767a5d3d6b8455319af8833c497875c30c9fdd5ef Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:21 GMT x-amz-version-id C.qeiN1IyEBRiLknHOktQ4daeMy.eFjP x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9258 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 12 Mar 2024 15:34:41 GMT server AmazonS3 etag W/"4200d10e8df579d74f1377c7f787d95d" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id jG0GRcJgvPSt0FRpt2UNS_sj4PrBBVJq1X_Em2V6PLzZrE4e1l5jKQ==
GET H2	200	bfcd45aa62598c755f7d961b8a43a3aacfbf261b-4196b376f0642b46d880.js Show response www.stackhawk.com/	981 KB 325 KB	65ms 64ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/bfcd45aa62598c755f7d961b8a43a3aacfbf261b-4196b376f0642b46d880.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 9750ca39ad43bac4345b534ca0f6a60bf0ae15df16c47e442aaba888656053d0 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:21 GMT x-amz-version-id _Qvh58pd4_NmvY669bCgrVo7y6XCa_Tf x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9258 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 26 Apr 2024 18:30:42 GMT server AmazonS3 etag W/"82603e9eda71026d27096da5478e74c1" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id kD4MQdEGZRmGtVddZVv7gIQQjtFkqfyzFVTl2C81n0AkVzFSxoMsLA==
GET H2	200	a32bf7e567e654e070ba9de65da9ec407be27c86-d8acdbeb541c0f8fa7c1.js Show response www.stackhawk.com/	7 KB 5 KB	68ms 68ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/a32bf7e567e654e070ba9de65da9ec407be27c86-d8acdbeb541c0f8fa7c1.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash addeb6d90c50029e0dfa13941a999f207f8e4a39d16825430ab222fda2677bca Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:21 GMT x-amz-version-id YiDDutTIVG5Z23U3LW3DxFjjaTGGFyCq x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9258 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 25 Apr 2023 18:05:22 GMT server AmazonS3 etag W/"435e560fe45fed3ec81ebff264e7d23b" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id JUUcjOZRzQWJyJ40hEIpZUQL5CY8IhI3sMVXk67qRxV7tkpNxSKOPg==
GET H2	200	component---src-templates-blog-post-tsx-d8d8b38e2eb5b4dadbd7.js Show response www.stackhawk.com/	16 KB 8 KB	129ms 129ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/component---src-templates-blog-post-tsx-d8d8b38e2eb5b4dadbd7.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 60d20ce01a957c73c545c9c43aeb7932f6d5714de140816effbaadd54275b5f7 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:21 GMT x-amz-version-id .hM8wzi_Qz1dN43P0KlEJX7cYBDtXjE7 x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9258 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 26 Apr 2024 18:14:26 GMT server AmazonS3 etag W/"5a457c01e5c6d05907007316c2bbf99a" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id u_vTwOK35yoWkg2611qZo0EOqr7P8uS2ZWozYQhIti4qPcAXMKgQ5Q==
GET H2	200	1583213021.json Show response www.stackhawk.com/page-data/sq/d/	14 KB 4 KB	452ms 452ms	XHR application/json	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/page-data/sq/d/1583213021.json Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash c5f1a2947bbdaf203492a006ce101b2e82e5ee88ed4b52cd400fdce1eff4f5a6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:39 GMT x-amz-version-id FdfbSkkspj_sdiaaLMwMtoR0CAOIGPIz x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Miss from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Mon, 18 Mar 2024 17:48:02 GMT server AmazonS3 etag W/"5ca4d92a710cda63af0c581e78c43407" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/json vary Accept-Encoding cache-control public, max-age=0, must-revalidate x-amz-cf-id 3lxxg_iZOikMYKRh_0HJsGgjUSYINPtFhf_dVGJODaUDk67g0l5i_w==
GET H2	200	764694655.json Show response www.stackhawk.com/page-data/sq/d/	278 B 3 KB	426ms 425ms	XHR application/json	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/page-data/sq/d/764694655.json Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash d9046c2aa4df188cfa238571008e0f8d30de89b573faf66784359e59fa6cf709 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:39 GMT x-amz-version-id nhUiu9xF3stRzlv7N65N3KxUUdBAv5zs x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Miss from cloudfront content-length 278 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 12 Mar 2024 15:34:49 GMT server AmazonS3 etag "5c81d8b44875f8beb372dc8e21a7db52" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/json cache-control public, max-age=0, must-revalidate x-amz-cf-id E57qKyGxxEgeKicIDgQRyUKsW_X3of0fmxoWGLHs1q5FQV7YsF4tKg==
GET H2	200	i Show response scout.salesloft.com/	48 B 467 B	118ms 118ms	XHR application/json	52.23.83.161 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://scout.salesloft.com/i Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 52.23.83.161 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-23-83-161.compute-1.amazonaws.com Software / Resource Hash 8b2bb00668587a06e5f0218f217035e817456bbe934c8b17304318f698701326 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:38 GMT strict-transport-security max-age=31536000; includeSubDomains access-control-allow-methods GET content-type application/json; charset=utf-8 access-control-allow-origin https://www.stackhawk.com access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true content-length 48 x-request-id b2c59a64fd1be43d8490544c22e08b9d
GET H2	200	settings Show response cdn.segment.com/v1/projects/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/	3 KB 2 KB	120ms 41ms	Fetch application/json	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/settings Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 2b183dd3a6c6163e74b6f1fb847cd2ec023f8f2160f3cf9244d2dd648b918a7d Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id IdIoBJ3Z8S1SZltXgYipNh1cz3M8KRHS content-encoding gzip via 1.1 9810d82af8847b51b9c3048141069a64.cloudfront.net (CloudFront) date Fri, 26 Apr 2024 18:59:46 GMT x-amz-cf-pop FRA6-C1 age 8074 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 14 Jul 2023 17:55:35 GMT server AmazonS3 etag W/"8a19b1de0ea816e0cf32d7f220c69efc" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800 vary Accept-Encoding x-amz-cf-id h-_hwGoFfen33Qkbo-GE0uKjy01bDxzh9MeQk0yp8stUWR2uF2Vbeg==
GET H2	200	ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response cdn.segment.com/analytics-next/bundles/	9 KB 3 KB	39ms 39ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 15 Apr 2024 15:05:40 GMT x-amz-version-id 1lCjHefPzcRt0EbQDFkkb.6FnzhNuKxa content-encoding br via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 972239 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 12 Apr 2024 21:39:45 GMT server AmazonS3 etag W/"00e9c65cbba11c07c4bf4a6e2727b8ea" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id 9B8TZCrxWvphxMh7Y0pxXTphP3-0OZ_TgEGC73okObR3-8TCxtj1Iw==
GET H2	200	schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response cdn.segment.com/analytics-next/bundles/	2 KB 1 KB	38ms 38ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 13 Feb 2024 21:44:05 GMT x-amz-version-id GdbKd8UgUP5EXZpDaTRDFeJkJbyj8x6E content-encoding br via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 6305135 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 13 Feb 2024 18:05:05 GMT server AmazonS3 etag W/"3867b2388b619ff7fddc29ef359fc9aa" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id Uo82c8Mrl4FyiVa26y0HeZuF6gh5qGkzR4utJe3BmJJSQf-0oHGvlw==
GET H2	200	intercom.dynamic.js.gz Show response cdn.segment.com/next-integrations/integrations/intercom/3.1.0/	4 KB 2 KB	39ms 39ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/intercom/3.1.0/intercom.dynamic.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sat, 03 Feb 2024 17:22:52 GMT content-encoding gzip via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront) x-amz-version-id 5b1tkua7MmGqtjD1FWqYm4X1yYVabAcO x-amz-cf-pop FRA6-C1 age 7184807 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 1878 last-modified Wed, 18 Oct 2023 10:36:35 GMT server AmazonS3 etag "d20b898e8b1fe44f03e532db7fe5cf4e" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id 60PKVDxUhdnZ7vUECKZOqc4jha4m_-_9ANO4ah7AoB7bCpybq6YSSQ==
GET H2	200	google-analytics.dynamic.js.gz Show response cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/	16 KB 5 KB	41ms 41ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 23 Jan 2024 16:20:03 GMT content-encoding gzip via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront) x-amz-version-id K4QGNkPJBd_QhAl8Ep7SDksdcNN7fIa5 x-amz-cf-pop FRA6-C1 age 8138977 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 4743 last-modified Wed, 18 Oct 2023 10:36:35 GMT server AmazonS3 etag "36786f75981fc0efd629c4a89e1c78ec" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id rvt2Yz06AF5006_Ya2w7SrDcgha3LKM6zKqxNQkr9WmphH35L9hAhw==
GET H2	200	google-adwords-new.dynamic.js.gz Show response cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/	4 KB 2 KB	42ms 42ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/google-adwords-new/1.3.0/google-adwords-new.dynamic.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash a33ab3ce110e9444cf5f27ced2788d62eb4343dfc8185a9c9e4e8e6fa38c7612 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 16 Feb 2024 11:09:38 GMT content-encoding gzip via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront) x-amz-version-id sGKJcCHOuV7L46EAMrgTN7KwI3dP9G19 x-amz-cf-pop FRA6-C1 age 6084002 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 1656 last-modified Wed, 18 Oct 2023 10:36:34 GMT server AmazonS3 etag "76e6caac3528e83f1b3e2a920d4ec781" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id S1l2f3UpEBK1ZgCUlTa5mxtYhLWLDMQhptIOTlHVG-CxpiWTlyj9kQ==
GET H2	200	linkedin-insight-tag.dynamic.js.gz Show response cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/	2 KB 2 KB	43ms 43ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 22 Mar 2024 23:02:54 GMT content-encoding gzip via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront) x-amz-version-id ZhrDHhZpwr6TekFMpiLVSjS8mqQ4CtOC x-amz-cf-pop FRA6-C1 age 3017206 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 1061 last-modified Fri, 08 Mar 2024 07:35:29 GMT server AmazonS3 etag "9fb524ce2b800e7ddc8a15d53c31c3d1" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id Vbij4d_NZRH3Y_1pVklPrsPCnr55OfYSGRs6Vhca_JHWvqs8c9nH-A==
GET H2	200	google-tag-manager.dynamic.js.gz Show response cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/	3 KB 2 KB	44ms 44ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/google-tag-manager/2.5.1/google-tag-manager.dynamic.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash e91a86b8d8da28eaf681b924b135c3a8ffacb6d51d2affad9d684e708d60a3db Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 31 Jan 2024 09:56:24 GMT content-encoding gzip via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront) x-amz-version-id iBgkeROQ82ipYgPNwFnoDehQ.U3dPJg. x-amz-cf-pop FRA6-C1 age 7470796 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 1342 last-modified Wed, 18 Oct 2023 10:36:34 GMT server AmazonS3 etag "a1bed0458702cf863f2d24fb1b9d39ae" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id UxkqXrX0VYToXNLQ-pC5Y-Tr4pRWAoXtxMxi0Jx_FUtLN-nNhWTBUw==
GET H2	200	commons.c42222c4cb2f8913500f.js.gz Show response cdn.segment.com/next-integrations/integrations/vendor/	73 KB 22 KB	45ms 44ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/TOAfGqgnjO8CJtCj5qfeKYDUPHXu3Tuw/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 03 Apr 2024 10:56:48 GMT content-encoding gzip via 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront) x-amz-version-id HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F x-amz-cf-pop FRA6-C1 age 2023972 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 22177 last-modified Fri, 08 Mar 2024 07:35:27 GMT server AmazonS3 etag "befb217271e2e926c7d898f1c85f6cb7" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable accept-ranges bytes x-amz-cf-id K_itEqcNcGRcX9JCkaXBOgtEOaBGQ66MKg2puYc-IB7R1xGgW0TRUg==
GET H2	200	i7z9en84 Show response widget.intercom.io/widget/	7 KB 3 KB	216ms 45ms	Script application/javascript	13.224.189.49 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widget.intercom.io/widget/i7z9en84 Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.189.49 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-189-49.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 776c209756f1f1c7f4ebc0393fbf8378de3fe4fa18d6dc3737bf5869c47f81e9 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id vs97S4BedNsv7Q9x_pC_kgUJuuP1DPYm content-encoding gzip via 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront) date Fri, 26 Apr 2024 21:08:26 GMT x-amz-cf-pop FRA2-C1 age 86 x-amz-server-side-encryption AES256 x-cache Error from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2705 last-modified Fri, 26 Apr 2024 10:38:24 GMT server AmazonS3 etag "639100358138073092e32069f4cc78a8" vary Accept-Encoding, Origin content-type application/javascript; charset=UTF-8 cache-control max-age=300, s-maxage=300, public accept-ranges bytes x-amz-cf-id iifT8Zw4NH3K3BHdklk0SSZch7EZ1tB6RKCR12kBYHacaU6Sfb5y9g==
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	202ms 39ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 26 Apr 2024 19:48:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 4891 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 26 Apr 2024 21:48:08 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	214 KB 78 KB	80ms 79ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-703973379 Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash f87b58c30114779e4c83e60cc179e46307a7dea54db85a65633f1a2cb3c88de8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79514 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 26 Apr 2024 21:09:39 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	48 KB 17 KB	211ms 41ms	Script application/javascript	2a02:26f0:3500:16::215:1484 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 6cc4c722a50b4152194b13e7e3c8a1a5a5f23b17988f8fa85404394efc5c0984 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:39 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 09 Apr 2024 07:42:51 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=55882 accept-ranges bytes content-length 17238
GET H2	200	gtm.js Show response www.googletagmanager.com/	195 KB 70 KB	68ms 68ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NLBZSSW&l=dataLayer Requested by Host: cdn.segment.com URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eb18d1f3c375ab3d9009aca055fc6d98d4ac993bdd0596bcc0d28711cdd5190f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 71554 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 26 Apr 2024 21:09:39 GMT
GET H2	200	223-e7ee236f41fae7fa5ad8.js Show response www.stackhawk.com/	10 KB 7 KB	43ms 43ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/223-e7ee236f41fae7fa5ad8.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/webpack-runtime-291a391152ad8ba7ab69.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 5ecc22e7ada9451df50168ae396ae82a945830c559dcf5b580bb5283f14d266b Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:35 GMT x-amz-version-id gwjMRH6AK9z0xKwbH5JbI1p_At4zkDPY x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubdomains; preload content-encoding gzip via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9245 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Wed, 24 Apr 2024 20:40:51 GMT server AmazonS3 etag W/"827525a734c0a3e7871348f4993ce6d2" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript vary Accept-Encoding cache-control public, max-age=31536000, immutable x-amz-cf-id sK2eGsXn67zX4QzL5E-jFc0DWIuB96R_O7Wrkh4hB1cBRswzXCWR1g==
GET H2	200	script.js Show response www.stackhawk.com/	0 0	0ms 0ms	Script application/javascript	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/script.js Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/commons-9a54a412e9153e901657.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 18:35:17 GMT x-amz-version-id 8JZth_m4t6U0VG5zdGa3P3gOTjCX5W_3 x-content-type-options nosniff via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 9261 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront content-length 0 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Mon, 01 Apr 2024 16:29:12 GMT server AmazonS3 etag "d41d8cd98f00b204e9800998ecf8427e" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type application/javascript cache-control public, max-age=31536000, immutable x-amz-cf-id Kcqy-RHks-Wg_2rQbS3RDa6n9O4fkxX768ekKMmSWIjTHogIcmJSuQ==
POST H2	200	p Show response api.segment.io/v1/	21 B 176 B	625ms 206ms	Fetch application/json	44.234.198.184 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/p Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.234.198.184 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-234-198-184.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.stackhawk.com date Fri, 26 Apr 2024 21:09:39 GMT strict-transport-security max-age=31536000 content-length 21 vary Origin content-type application/json
GET H2	200	frame-modern.e1eb984e.js Show response js.intercomcdn.com/ Frame 5D6A	516 KB 142 KB	226ms 134ms	Script application/javascript	18.245.46.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/frame-modern.e1eb984e.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/i7z9en84 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-10.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 1af78c7913e3ecaf60002c1b4c17336f1f19aa6b582a49638d733c70519dd45c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id lMQ15q7R7OjAt4ub0sGpdmBCVPa4AVTO content-encoding gzip via 1.1 129f13101f12370407d42127c62b1bd8.cloudfront.net (CloudFront) date Fri, 26 Apr 2024 20:38:27 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA56-P9 age 1873 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 145072 last-modified Fri, 26 Apr 2024 10:35:28 GMT server AmazonS3 etag "d8bf3af29257e33695b238d38ec1fba0" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id D6uScHAqzNEUyKJNdJbWzjd09Ma49HkUdydW_eQFn28qHZBMjErMig==
GET H2	200	vendor-modern.07772018.js Show response js.intercomcdn.com/ Frame 5D6A	482 KB 148 KB	135ms 44ms	Script application/javascript	18.245.46.10 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.intercomcdn.com/vendor-modern.07772018.js Requested by Host: widget.intercom.io URL: https://widget.intercom.io/widget/i7z9en84 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.245.46.10 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-245-46-10.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4c9ffbfead2561df1df412da373a075ba7e280778d403355d652339a8a9bd7f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id KaMQ.6on.YHmDebx4wU8olwjJv_LBWUO content-encoding gzip via 1.1 129f13101f12370407d42127c62b1bd8.cloudfront.net (CloudFront) date Fri, 26 Apr 2024 19:12:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA56-P9 age 7020 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 150799 last-modified Wed, 24 Apr 2024 11:20:14 GMT server AmazonS3 etag "b27b573e6b04daed0b4144a6e206ba93" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=31536000, s-maxage=7200, public accept-ranges bytes x-amz-cf-id imfUjM6JaXznwrL3oDDPHt14HRx7Act_Xrt7xNxUMXKvyjhIbvA8DQ==
GET H2	200	linkid.js Show response www.google-analytics.com/plugins/ua/	2 KB 1 KB	43ms 42ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/linkid.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:01:36 GMT content-encoding br x-content-type-options nosniff age 483 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 697 x-xss-protection 0 last-modified Fri, 30 Jun 2023 18:58:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Fri, 26 Apr 2024 22:01:36 GMT
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2646818&time=1714165779457&li_adsId=483496c1-e4a9-427d-8c9c-6c7fb861d743&url=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2646818&time=1714165779457&li_adsId=483496c1-e4a9-427d-8c9c-6c7fb861d743&url=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&coo... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2646818%26time%3D1714165779457%26li_adsId%3D483496c1-e4a9-427d-8c9c-6c7fb861d743%... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2646818&time=1714165779457&li_adsId=483496c1-e4a9-427d-8c9c-6c7fb861d743&url=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&coo... https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2646818&time=1714165779457&li_adsId=483496c1-e4a9-427d-8c9c-6c7fb861d743&url=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&co...	0 487 B	267ms 165ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2646818&time=1714165779457&li_adsId=483496c1-e4a9-427d-8c9c-6c7fb861d743&url=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&cookiesTest=true&liSync=true&e_ipv6=AQJAv8AupN0iDAAAAY8cPg7LNKMTW7e8dWwBNypv4qFLyK6g644A8XInrNv6ZChPTpY3AKRA Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Fri, 26 Apr 2024 21:09:40 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: C087A69D2A634D3397BD0976856F3DBD Ref B: FRAEDGE1316 Ref C: 2024-04-26T21:09:40Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYXBlJtYC/zrD1dTMfpCQ== Redirect headers date Fri, 26 Apr 2024 21:09:39 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 93B1145432154CB2ACA26E9B50377BEF Ref B: DUS30EDGE0412 Ref C: 2024-04-26T21:09:40Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2646818&time=1714165779457&li_adsId=483496c1-e4a9-427d-8c9c-6c7fb861d743&url=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&cookiesTest=true&liSync=true&e_ipv6=AQJAv8AupN0iDAAAAY8cPg7LNKMTW7e8dWwBNypv4qFLyK6g644A8XInrNv6ZChPTpY3AKRA x-li-proto http/2 content-length 0 x-li-uuid AAYXBlJpraBZfpjhHFs/cg==
GET H3	200	js Show response www.googletagmanager.com/gtag/	323 KB 105 KB	70ms 69ms	Script application/javascript	142.250.181.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-JEJGLSJP6Z&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLBZSSW&l=dataLayer Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f8.1e100.net Software Google Tag Manager / Resource Hash a1bbce1815056837af6c52c1879e23fd179483367e30dc1bdb749312a68d99d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 107914 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 26 Apr 2024 21:09:39 GMT
GET H2	200	hotjar-3592416.js Show response static.hotjar.com/c/	9 KB 4 KB	164ms 69ms	Script application/javascript	18.66.102.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-3592416.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLBZSSW&l=dataLayer Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.102.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-102-11.fra56.r.cloudfront.net Software / Resource Hash 0f8c19742c20feebee950d0bc79dab858afa1eb0f6c575a86caf9d8c4a901e2a Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Fri, 26 Apr 2024 21:09:39 GMT via 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P2 etag W/4cd57e28a2cff3a51ca5a3b893827e7d vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id MABv5ugXfYLHJO0PDfkQ6VMKP79NfJqmatJ0miP1v9R4BTNV50dNfg==
POST H2	200	collect Show response www.google-analytics.com/j/	3 B 210 B	46ms 44ms	XHR text/plain	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1922675650&t=pageview&_s=1&dl=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&dp=%2Fblog%2Fwhat-is-open-redirect%2F&ul=de-de&de=UTF-8&dt=Understanding%20Open%20Redirect%20Vulnerabilities&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAjAAAAACgCIAB~&jid=47430133&gjid=1721865951&cid=1330391316.1714165779&tid=UA-145045075-1&_gid=1555687681.1714165779&_slc=1&z=1804563890 Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 26 Apr 2024 21:09:39 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.stackhawk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 348 B	150ms 48ms	XHR text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-145045075-1&cid=1330391316.1714165779&jid=47430133&gjid=1721865951&_gid=1555687681.1714165779&_u=aGBAgEAjAAAAAGgCIAD~&z=1162538562 Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Fri, 26 Apr 2024 21:09:39 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.stackhawk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 256 B	139ms 47ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-JEJGLSJP6Z&gtm=45je44o0v9101706964z89120440783za200&_p=1714165778072&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=1330391316.1714165779&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.78%7CGoogle%2520Chrome%3B124.0.6367.78%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1714165779&sct=1&seg=0&dl=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&dt=Understanding%20Open%20Redirect%20Vulnerabilities&en=page_view&_fv=1&_ss=1&tfd=2269 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-JEJGLSJP6Z&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 26 Apr 2024 21:09:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.stackhawk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 56 B	49ms 49ms	Ping text/plain	2a00:1450:400c:c00::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JEJGLSJP6Z&cid=1330391316.1714165779&gtm=45je44o0v9101706964z89120440783za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-JEJGLSJP6Z&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 26 Apr 2024 21:09:39 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.stackhawk.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	114ms 64ms	Image image/gif	142.250.186.35 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JEJGLSJP6Z&cid=1330391316.1714165779&gtm=45je44o0v9101706964z89120440783za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=941751102 Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.35 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 26 Apr 2024 21:09:39 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	modules.25f289cf2c430c5f1dfb.js Show response script.hotjar.com/	221 KB 55 KB	133ms 44ms	Script application/javascript	13.32.27.21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.25f289cf2c430c5f1dfb.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-3592416.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-21.fra56.r.cloudfront.net Software / Resource Hash bcce269fe4e329e6aac07bda59f9f10948f0ff09a492146306f16bfc24a99e35 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 25 Apr 2024 13:00:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 0434556f8ccac61e8735f7c75767727c.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2 age 115773 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55734 last-modified Thu, 25 Apr 2024 12:59:19 GMT etag "3ff5bf469e0b33aaa48641e0415af35f" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id yZiHyo3hGy7-A8KRetqgPbsum57c7aryXHVPfJGcZEpAUUM5QuhurQ==
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame 5D6A	6 KB 3 KB	913ms 671ms	XHR application/json	44.217.183.210 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.e1eb984e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.217.183.210 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-217-183-210.compute-1.amazonaws.com Software nginx / Resource Hash 2bf86b62eea299be38c31d225049ab4e35743622e341a53f7e49a0b65c1438c8 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 26 Apr 2024 21:09:40 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-07f0efd8322b9d369 status 200 OK x-xss-protection 1; mode=block x-request-id 00311nukvvipd5s5vffg x-runtime 0.531956 server nginx etag W/"2bf86b62eea299be38c31d225049ab4e" x-request-queueing 0 vary Accept,Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://www.stackhawk.com x-intercom-version 96ad46b7930af46cf6cc3faece60407d3ec0b058 access-control-expose-headers x-request-id cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-frame-options SAMEORIGIN access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
GET H3	200	collect www.google-analytics.com/	35 B 55 B	39ms 39ms	Image image/gif	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1922675650&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&dp=%2Fblog%2Fwhat-is-open-redirect%2F&ul=de-de&de=UTF-8&dt=Understanding%20Open%20Redirect%20Vulnerabilities&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Hotjar&ea=detect_user&el=c44fcd21&_u=aGBAgEAjAAAAAGgWIAD~&jid=&gjid=&cid=1330391316.1714165779&tid=UA-145045075-1&_gid=1555687681.1714165779&z=851462064 Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/blog/what-is-open-redirect/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 26 Apr 2024 14:15:25 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 24854 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 216 B	401ms 401ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: www.stackhawk.com URL: https://www.stackhawk.com/app-062c49fa36da699277de.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:40 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 7DF861D4771E41998C7586F6E4583CE8 Ref B: DUS30EDGE0412 Ref C: 2024-04-26T21:09:40Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 access-control-allow-origin https://www.stackhawk.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYXBlJz7xj3mrHOXDaIEw==
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	271ms 176ms	Image image/gif	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=7478034&po=%2Fblog%2Fwhat-is-open-redirect%2F&rcu=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&pu=https%3A%2F%2Fwww.stackhawk.com%2Fblog%2Fwhat-is-open-redirect%2F&t=Understanding+Open+Redirect+Vulnerabilities&cts=1714165780515&vi=17f03b27dc159f50e09163710a8ef3dc&nc=true&u=26056930.17f03b27dc159f50e09163710a8ef3dc.1714165780513.1714165780513.1714165780513.1&b=26056930.1.1714165780513&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 26 Apr 2024 21:09:40 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id f4376c39-86f3-45a3-8963-71c3f70c83d8 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 12 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id f4376c39-86f3-45a3-8963-71c3f70c83d8 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Be8cWUaeqBTTOnSRtqsMnDpJTuMKSO3UOiJRr8I1t%2BUfLr92eeb%2F80ltufVgmBoVreXHjonVuq5LTRJ4uBC8SqaFjMoa91Oc3ZGTp0iNFDtImgUIKGogINrQ2T4mAfxQsAJwpmFmHQPoDwEvim6G"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-dg8jc x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 87a98e20fcc94d4f-FRA x-robots-tag none
GET H2	200	favicon-32x32.png www.stackhawk.com/	2 KB 5 KB	40ms 40ms	Other image/png	3.160.150.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.stackhawk.com/favicon-32x32.png?v=70e1667376c636903177fbcd7172ca95 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.160.150.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-160-150-74.fra60.r.cloudfront.net Software AmazonS3 / Resource Hash 7d35aeb9cbeb5f7912062c2351909fb00c0e35aa33182d3fc325c0518a66503f Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://www.stackhawk.com/blog/what-is-open-redirect/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id htmR066JUQsp1nmwY0__NsuUrC45WlYw strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff date Fri, 26 Apr 2024 20:57:31 GMT via 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P7 age 1573 content-security-policy-report-only default-src 'none'; connect-src 'self' https://jv22carpcpzxxp5upcllfh2hzy0xbfjo.lambda-url.us-west-2.on.aws https://*.doubleclick.net https://cdn.segment.com https://secure.adnxs.com wss://ws.hotjar.com https://content.hotjar.io https://metrics.hotjar.io https://vc.hotjar.io https://analytics.google.com https://www.google-analytics.com https://www.googleadservices.com https://*.litix.io https://embedwistia-a.akamaihd.net https://js.hs-banner.com https://js.hs-analytics.net https://api.segment.io https://js.hs-scripts.com https://8o8h5taxx2-dsn.algolia.net https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://cdn.linkedin.oribi.io/ wss://nexus-websocket-a.intercom.io https://*.ingest.sentry.io https://api-iam.intercom.io https://*.wistia.com; font-src 'self' data: https://*.wistia.com www.loom.com https://fonts.intercomcdn.com/ https://fonts.gstatic.com; frame-src https://intercom-sheets.com https://www.youtube.com https://www.googleadservices.com https://www.stackhawk.com https://player.vimeo.com https://www.googletagmanager.com https://*.wistia.net https://*.wistia.com www.loom.com; img-src 'self' data: https://*.adsymptotic.com https://images.ctfassets.net https://lltrck.com https://track.hubspot.com https://*.google-analytics.com https://*.google.com https://forms.hsforms.com https://js.intercomcdn.com https://static.intercomassets.com https://embed-ssl.wistia.com https://fast.wistia.net https://www.linkedin.com https://px4.ads.linkedin.com https://px.ads.linkedin.com https://www.googletagmanager.com https://forms-na1.hsforms.com https://forms.hsforms.com https://downloads.intercomcdn.com https://www.google.com https://www.google-analytics.com; manifest-src 'self' https://accounts.google.com; media-src 'self' https://js.intercomcdn.com https://*.wistia.com https://embedwistia-a.akamaihd.net https://www.stackhawk.com; script-src 'self' 'unsafe-inline' https://*.doubleclick.net https://www.google.com https://*.googletagmanager.com https://*.google-analytics.com https://snap.licdn.com https://*.wistia.com https://*.litix.io https://analytics.google.com https://widget.intercom.io https://accounts.google.com https://cdn.segment.com https://js.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://lltrck.com https://js.intercomcdn.com https://scout-cdn.salesloft.com https://*.google.com https://forms.hsforms.com https://ajax.googleapis.com https://script.hotjar.com https://static.hotjar.com https://*.wistia.net https://www.googleadservices.com https://js.hsforms.net https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://*.hotjar.com; object-src 'none'; x-cache Hit from cloudfront content-length 2556 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 24 May 2022 20:47:52 GMT server AmazonS3 etag "d7031ec1e5d0aaa5fd9b5ba0e3291a40" x-frame-options DENY report-to {"group":"csp-endpoint","max_age":31536000,"endpoints":[{"url":"https://o360010.ingest.sentry.io/api/5670260/security/?sentry_key=2b7b422bc27748d9a7275d097a190f31"}],"include_subdomains":true} content-type image/png vary Accept-Encoding x-amz-cf-id qbH--e7RVQq75-RxAD3sEyHnOOSaT-wMjGr0u5BXjvI2DMVAjfzxMg==
POST H2	200	ping Show response api-iam.intercom.io/messenger/web/ Frame 5D6A	6 KB 3 KB	406ms 406ms	XHR application/json	44.217.183.210 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api-iam.intercom.io/messenger/web/ping Requested by Host: js.intercomcdn.com URL: https://js.intercomcdn.com/frame-modern.e1eb984e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 44.217.183.210 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-217-183-210.compute-1.amazonaws.com Software nginx / Resource Hash 5fa12d3109b74994aaca2c5bee08d21929900b69b6cf30418d32951539062933 Security Headers Name Value Strict-Transport-Security max-age=31556952; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Fri, 26 Apr 2024 21:09:41 GMT strict-transport-security max-age=31556952; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff x-ami-version ami-07f0efd8322b9d369 status 200 OK x-xss-protection 1; mode=block x-request-id 00065tiprj5k208ql6kg x-runtime 0.271727 server nginx etag W/"5fa12d3109b74994aaca2c5bee08d219" x-request-queueing 0 vary Accept,Accept-Encoding access-control-allow-methods POST, GET, OPTIONS content-type application/json; charset=utf-8 access-control-allow-origin https://www.stackhawk.com x-intercom-version 96ad46b7930af46cf6cc3faece60407d3ec0b058 access-control-expose-headers x-request-id cache-control max-age=0, private, must-revalidate access-control-allow-credentials true x-frame-options SAMEORIGIN access-control-allow-headers Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.googletagmanager.com

URL

https://www.googletagmanager.com/gtm.js?id=GTM-55BB9LS

Domain

lltrck.com

URL

https://lltrck.com/scripts/lt-v3.js?llid=33105