snyk.io Open in urlscan Pro
2a02:26f0:4700:190::ecd Public Scan

Go To Rescan
Add Verdict Report

URL:
https://snyk.io/learn/cross-site-scripting/
Submission: On January 13 via api (January 13th 2023, 9:20:33 pm UTC) from US — Scanned from DE

Summary HTTP 104 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 31 domains to perform 104 HTTP transactions. The main IP is 2a02:26f0:4700:190::ecd, located in Prague, Czech Republic and belongs to AKAMAI-ASN1, NL. The main domain is snyk.io. The Cisco Umbrella rank of the primary domain is 92858.
TLS certificate: Issued by GeoTrust RSA CA 2018 on November 18th 2022. Valid for: 8 months.

This is the only time snyk.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2a02:26f0:470... 2a02:26f0:4700:190::ecd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	104.17.73.206 104.17.73.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	96.16.137.162 96.16.137.162	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	37.252.171.22 37.252.171.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:26f0:130... 2a02:26f0:1300:181::1c91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a04:4e42:600... 2a04:4e42:600::393	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
2	35.156.134.55 35.156.134.55	16509 (AMAZON-02) (AMAZON-02)
1	143.204.210.180 143.204.210.180	16509 (AMAZON-02) (AMAZON-02)
2	44.228.105.181 44.228.105.181	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:11a... 2a02:26f0:11a::217:9a4a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
1	13.32.27.114 13.32.27.114	16509 (AMAZON-02) (AMAZON-02)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	23.45.104.85 23.45.104.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
2	13.32.27.73 13.32.27.73	16509 (AMAZON-02) (AMAZON-02)
2	65.9.66.61 65.9.66.61	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223d:3000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
3	3.93.95.179 3.93.95.179	14618 (AMAZON-AES) (AMAZON-AES)
4	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
7	44.205.198.31 44.205.198.31	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	134.213.193.62 134.213.193.62	15395 (RACKSPACE...) (RACKSPACE-LON)
1 3	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
104	38

19 2a02:26f0:4700:190::ecd (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

snyk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.17.73.206 (None, )

ASN13335 (CLOUDFLARENET, US)

go.snyk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

cdn.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 96.16.137.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-137-162.deploy.static.akamaitechnologies.com

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1300:181::1c91 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:600::393 (United States)

ASN54113 (FASTLY, US)

res.cloudinary.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.134.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-134-55.eu-central-1.compute.amazonaws.com

epsilon.6sense.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.210.180 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-210-180.fra53.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.228.105.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-228-105-181.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::217:9a4a (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-114.fra56.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.104.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-104-85.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

lux.speedcurve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-73.fra56.r.cloudfront.net

assets.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-61.fra56.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:3000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.93.95.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-95-179.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 44.205.198.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-198-31.compute-1.amazonaws.com

trackingapi.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.213.193.62 (Nuremberg, Germany)

ASN15395 (RACKSPACE-LON, GB)

677-thp-415.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:807::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	snyk.io snyk.io — Cisco Umbrella Rank: 92858 go.snyk.io — Cisco Umbrella Rank: 206966	833 KB
12	6sc.co j.6sc.co — Cisco Umbrella Rank: 6055 c.6sc.co — Cisco Umbrella Rank: 8967 ipv6.6sc.co — Cisco Umbrella Rank: 6442 b.6sc.co — Cisco Umbrella Rank: 4373	15 KB
9	trendemon.com assets.trendemon.com — Cisco Umbrella Rank: 71316 trackingapi.trendemon.com — Cisco Umbrella Rank: 62966	52 KB
5	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2069 rs.fullstory.com — Cisco Umbrella Rank: 1949	71 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 373 www.linkedin.com — Cisco Umbrella Rank: 592 px4.ads.linkedin.com — Cisco Umbrella Rank: 6336	4 KB
4	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1889 api-iam.intercom.io — Cisco Umbrella Rank: 2376	14 KB
4	cloudinary.com res.cloudinary.com — Cisco Umbrella Rank: 2070	6 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5983	763 B
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	67 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	156 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 352	12 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	228 B
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2407	199 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 3035	6 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 171	16 KB
2	segment.io api.segment.io — Cisco Umbrella Rank: 999	335 B
2	6sense.com epsilon.6sense.com — Cisco Umbrella Rank: 10412	577 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
2	speedcurve.com cdn.speedcurve.com — Cisco Umbrella Rank: 5654 lux.speedcurve.com — Cisco Umbrella Rank: 15294	7 KB
1	mktoresp.com 677-thp-415.mktoresp.com — Cisco Umbrella Rank: 263759	482 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 618	395 B
1	t.co t.co — Cisco Umbrella Rank: 542	375 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 820	367 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	38 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 621	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 675	5 KB
1	segment.com cdn.segment.com — Cisco Umbrella Rank: 1421	72 KB
1	gstatic.com fonts.gstatic.com	126 KB
1	adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 413	814 B
104	31

	Domain	Requested by
19	snyk.io	snyk.io
9	b.6sc.co	snyk.io
8	go.snyk.io	snyk.io go.snyk.io cdn.segment.com
7	trackingapi.trendemon.com	assets.trendemon.com
4	rs.fullstory.com	edge.fullstory.com
4	res.cloudinary.com	snyk.io
3	www.google.de
3	www.google.com	1 redirects
3	api-iam.intercom.io	js.intercomcdn.com
3	www.google-analytics.com	cdn.segment.com www.google-analytics.com
3	connect.facebook.net	cdn.segment.com connect.facebook.net
3	bat.bing.com	snyk.io bat.bing.com
2	www.facebook.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	px.ads.linkedin.com	2 redirects
2	js.intercomcdn.com	widget.intercom.io
2	assets.trendemon.com	snyk.io assets.trendemon.com
2	munchkin.marketo.net	cdn.segment.com munchkin.marketo.net
2	www.googleadservices.com	cdn.segment.com www.googleadservices.com
2	api.segment.io	cdn.segment.com
2	epsilon.6sense.com	j.6sc.co
2	fonts.googleapis.com	snyk.io
1	stats.g.doubleclick.net	www.google-analytics.com
1	677-thp-415.mktoresp.com	munchkin.marketo.net
1	analytics.twitter.com
1	t.co
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	lux.speedcurve.com
1	www.googletagmanager.com	cdn.segment.com
1	edge.fullstory.com	cdn.segment.com
1	static.ads-twitter.com	cdn.segment.com
1	widget.intercom.io	cdn.segment.com
1	snap.licdn.com	cdn.segment.com
1	cdn.segment.com	snyk.io
1	fonts.gstatic.com	fonts.googleapis.com
1	ipv6.6sc.co	j.6sc.co
1	c.6sc.co	j.6sc.co
1	secure.adnxs.com	j.6sc.co
1	j.6sc.co	snyk.io
1	cdn.speedcurve.com	snyk.io
104	42

This site contains links to these domains. Also see Links.

Domain
learn.snyk.io
docs.snyk.io
security.snyk.io
training.snyk.io
support.snyk.io
cloudsecuritypodcast.tv
app.snyk.io
cheatsheetseries.owasp.org
snyk.statuspage.io
snyk.docs.apiary.io
snippets.snyk.io
go.snyk.io
preferences.snyk.io
github.com
www.npmjs.com
www.devseccon.com
twitter.com
www.youtube.com
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
snyk.io GeoTrust RSA CA 2018	`2022-11-18` - `2023-07-27`	8 months	crt.sh
go.snyk.io Cloudflare Inc ECC CA-3	`2022-07-10` - `2023-07-10`	a year	crt.sh
*.speedcurve.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-07-16` - `2023-08-17`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.6sc.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-08` - `2023-03-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.cloudinary.com Go Daddy Secure Certificate Authority - G2	`2022-05-30` - `2023-07-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.6sense.com Amazon	`2022-05-31` - `2023-06-29`	a year	crt.sh
*.segment.com Amazon	`2022-12-13` - `2024-01-12`	a year	crt.sh
*.segment.io Amazon	`2023-01-11` - `2024-02-10`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-23` - `2023-01-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.intercom.com Amazon	`2022-03-16` - `2023-04-14`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2022-12-03` - `2023-03-03`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
*.trendemon.com SSL.com RSA SSL subCA	`2022-07-12` - `2023-06-26`	a year	crt.sh
*.intercomcdn.com Amazon	`2022-12-31` - `2024-01-29`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.fullstory.com R3	`2022-12-11` - `2023-03-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://snyk.io/learn/cross-site-scripting/
Frame ID: 5B7F7A07CF559F382E8937A2E60940F5
Requests: 95 HTTP requests in this frame

Frame: https://go.snyk.io/index.php/form/XDFrame
Frame ID: 2F6932882F2D7A9BAEC06C0D3BC93F39
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.d51a5b7b.js
Frame ID: 33744494DF0F1FE34944F8C17D662E7C
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: DDF8F2A7698F2C5DEF8C229EAE045AF4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

What is cross-site scripting | How to prevent an XSS attack | Snyk

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

98 %
HTTPS

44 %
IPv6

31
Domains

42
Subdomains

38
IPs

7
Countries

1719 kB
Transfer

5149 kB
Size

43
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://learn.snyk.io/
Title: Snyk LearnSelf-service security education

Search URL Search Domain Scan URL

URL: https://docs.snyk.io/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://security.snyk.io/
Title: Vulnerability intelligence

Search URL Search Domain Scan URL

URL: https://training.snyk.io/
Title: Product training

Search URL Search Domain Scan URL

URL: https://support.snyk.io/hc/en-us
Title: Support portal & FAQ’s

Search URL Search Domain Scan URL

URL: https://cloudsecuritypodcast.tv/?utm_source=snyk
Title: Listen to the Cloud Security Podcast, powered by Snyk

Search URL Search Domain Scan URL

URL: https://app.snyk.io/login?cta=login&loc=nav&page=cross-site-scripting-xss
Title: Log in

Search URL Search Domain Scan URL

URL: https://app.snyk.io/login?cta=sign-up&loc=nav&page=cross-site-scripting-xss
Title: Sign up

Search URL Search Domain Scan URL

URL: https://learn.snyk.io/lessons/xss/javascript/
Title: XSS

Search URL Search Domain Scan URL

URL: https://app.snyk.io/login?cta=sign-up&loc=body&page=cross-site-scripting-xss
Title: Sign up for free

Search URL Search Domain Scan URL

URL: https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
Title: OWASP provides

Search URL Search Domain Scan URL

URL: https://snyk.statuspage.io/
Title: API status

Search URL Search Domain Scan URL

URL: https://snyk.docs.apiary.io/
Title: Snyk API

Search URL Search Domain Scan URL

URL: https://security.snyk.io/disclosed-vulnerabilities
Title: Disclosed vulnerabilities

Search URL Search Domain Scan URL

URL: https://snippets.snyk.io/
Title: Code snippets

Search URL Search Domain Scan URL

URL: https://go.snyk.io/jp.html
Title: Japanese site

Search URL Search Domain Scan URL

URL: https://preferences.snyk.io/dont_sell
Title: Do not sell my personal information

Search URL Search Domain Scan URL

URL: https://github.com/snyk/

Search URL Search Domain Scan URL

URL: https://www.npmjs.com/package/snyk

Search URL Search Domain Scan URL

URL: https://www.devseccon.com/the-secure-developer-podcast/

Search URL Search Domain Scan URL

URL: https://twitter.com/snyksec

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCh4dJzctb0NhSibjU-e2P6w

Search URL Search Domain Scan URL

URL: https://www.facebook.com/snyksec

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/snyk

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1673644827092&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D970508%26time%3D1673644827092%26url%3Dhttps%253A%252F%252Fsnyk.io%252Flearn%252Fcross-site-scripting%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1673644827092&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1673644827092&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&liSync=true&e_ipv6=AQL-RunRaQY-GwAAAYWtAWPJXelRh_PhO1iXkyH-agzDBv0UHjCPddpbTLgBIZLYyFBNS7Ua

Request Chain 77

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923832244/?random=879047774&cv=9&fst=1673644827329&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&tiba=What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=G8vBY7rgFIvH1wavjLWYBw&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/923832244/?random=879047774&cv=9&fst=1673644827329&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&tiba=What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=G8vBY7rgFIvH1wavjLWYBw&random=518179876&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/923832244/?random=879047774&cv=9&fst=1673644827329&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&tiba=What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=G8vBY7rgFIvH1wavjLWYBw&random=518179876&resp=GooglemKTybQhCsO&ipr=y&prhg=0

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
snyk.io/learn/cross-site-scripting/ 78 KB
18 KB 1824ms
1753ms Document
text/html 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx / WP Engine

Resource Hash

e3e8bf860a0e07011df188a88c5327300289b3f1ac799ad8f4f57d10367014ea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://resources.snyk.io
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=600
content-encoding: gzip
content-length: 18186
content-security-policy: frame-ancestors 'self' https://resources.snyk.io
content-type: text/html; charset=UTF-8
date: Fri, 13 Jan 2023 21:20:25 GMT
expires: Fri, 13 Jan 2023 21:30:25 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
x-cache-group: normal
x-cacheable: SHORT
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 16
x-edgeconnect-origin-mex-latency: 1656
x-frame-options: SAMEORIGIN
x-powered-by: WP Engine
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
snyk.io/wp-includes/css/dist/block-library/ 87 KB
12 KB 34ms
33ms Stylesheet
text/css 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
server: nginx
etag: W/"62c2d8bd-15b64"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 12062
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.6.0.min.js Show response
snyk.io/wp-content/themes/snyk_v2_etyhadar/resources/lib/ 87 KB
31 KB 27ms
27ms Script
application/javascript 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/wp-content/themes/snyk_v2_etyhadar/resources/lib/jquery-3.6.0.min.js?ver=6.0.3

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bad0f97099208aed2e4dd65585988fe4bf6c0024897f7ca43b3a4e8c512c2c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
last-modified: Wed, 23 Mar 2022 09:50:10 GMT
server: nginx
etag: W/"623aed52-15db2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 31155
x-xss-protection: 1; mode=block

GET
H2 200 forms2.min.js Show response
go.snyk.io/js/forms2/js/ 208 KB
69 KB 208ms
28ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.snyk.io/js/forms2/js/forms2.min.js

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 18:03:49 GMT
server: cloudflare
age: 5521
etag: "fc0e78-33e51-5ea394834ab40"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 78912d03d85c9018-FRA
expires: Sat, 14 Jan 2023 01:20:26 GMT

GET
H2 200 lux.js Show response
cdn.speedcurve.com/js/ 19 KB
7 KB 62ms
17ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.speedcurve.com/js/lux.js?id=80837559
Requested by: Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: 9efe00b78b4cc2d861fcee6ad2ccc8d603d79d62673b30545281d75949dc76fa

Request headers

Referer: https://snyk.io/
Origin: https://snyk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits: 1
date: Fri, 13 Jan 2023 21:20:26 GMT
via: 1.1 vegur, 1.1 varnish
content-encoding: gzip
age: 1427
x-cache: HIT
content-length: 7146
x-served-by: cache-hhn-etou8220023-HHN
last-modified: Fri, 13 Jan 2023 20:56:39 GMT
server: Apache
x-timer: S1673644826.080959,VS0,VE7
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Jan 2023 20:56:39 GMT

GET
H2 200 Screen-Shot-2020-07-09-at-13.14.11.png
snyk.io/wp-content/uploads/ 31 KB
31 KB 101ms
100ms Image
image/png 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snyk.io/wp-content/uploads/Screen-Shot-2020-07-09-at-13.14.11.png

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

279f8494ba2a2369f519251d1d62c384043a7afaf2c12c2ef1d2ab39de704986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
last-modified: Fri, 30 Jul 2021 10:22:23 GMT
server: nginx
etag: "6103d2df-7b98"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=29429685
accept-ranges: bytes
content-length: 31640
x-xss-protection: 1; mode=block
expires: Wed, 20 Dec 2023 12:15:11 GMT

GET
H2 200 main.js Show response
snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/scripts/ 506 KB
139 KB 615ms
614ms Script
application/javascript 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/scripts/main.js?ver=1673644825

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1b74b6130e9268d0096d88c9f820315a005c94dd04668e906b0657f09513dae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 412, 412
date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
last-modified: Wed, 14 Dec 2022 13:56:13 GMT
server: nginx
x-edgeconnect-midmile-rtt: 0, 16
etag: W/"6399d5fd-7e8e5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 lazyload.min.js Show response
snyk.io/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 33ms
33ms Script
application/javascript 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
last-modified: Thu, 05 May 2022 17:09:51 GMT
server: nginx
etag: W/"627404df-1ed2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 2709
x-xss-protection: 1; mode=block

GET
H2 200 main-purged.css
snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/ 532 KB
61 KB 44ms
44ms Stylesheet
text/css 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

cd9385939974e4b54a0602d660da44b811e8fb87bea3bdfbc262eca593c2bb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 05 Dec 2022 14:29:56 GMT
server: nginx
etag: W/"638e0064-84f6b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-length: 61750
x-xss-protection: 1; mode=block

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 66ms
31ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 13 Jan 2023 21:20:26 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0DFEDADF7F6040BBBF8F79D9EB7D4344 Ref B: FRAEDGE2022 Ref C: 2023-01-13T21:20:26Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11460

GET
H2 200 code.svg
snyk.io/wp-content/uploads/ 2 KB
999 B 68ms
68ms Image
image/svg+xml 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snyk.io/wp-content/uploads/code.svg

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

6f4343803c07a76c67aed75328e9027b15547c8e3d7b18f09fe2e02e15c95e7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
last-modified: Tue, 08 Mar 2022 01:58:57 GMT
server: nginx
etag: W/"6226b861-696"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31469667
content-length: 735
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 02:54:53 GMT

GET
H2 200 oss.svg
snyk.io/wp-content/uploads/ 2 KB
1 KB 69ms
68ms Image
image/svg+xml 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snyk.io/wp-content/uploads/oss.svg

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8d0b2536ba16c1baeec1567443fb55bcaf1d7dbb7a885e64c1f126d37900d988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
last-modified: Tue, 08 Mar 2022 01:58:50 GMT
server: nginx
etag: W/"6226b85a-75a"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31469643
content-length: 802
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 02:54:29 GMT

GET
H2 200 container.svg
snyk.io/wp-content/uploads/ 2 KB
1000 B 69ms
68ms Image
image/svg+xml 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snyk.io/wp-content/uploads/container.svg

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0a7eef7e9dad111fe65306c6350aa8a9019d0d7613784b6746bf8dfb24bd1702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
last-modified: Tue, 08 Mar 2022 01:58:55 GMT
server: nginx
etag: W/"6226b85f-66d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31469600
content-length: 736
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 02:53:46 GMT

GET
H2 200 snyk-iac-1.svg
snyk.io/wp-content/uploads/ 2 KB
1 KB 67ms
67ms Image
image/svg+xml 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snyk.io/wp-content/uploads/snyk-iac-1.svg

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8051068d460ef63d06bba0dc321b867cc14855b43d092bda7853c9f1f419cf0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
last-modified: Thu, 21 Jul 2022 10:07:53 GMT
server: nginx
etag: W/"62d92579-9b5"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31469602
content-length: 1030
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 02:53:48 GMT

GET
H2 200 SnykCloud.svg
snyk.io/wp-content/uploads/ 2 KB
1 KB 67ms
66ms Image
image/svg+xml 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snyk.io/wp-content/uploads/SnykCloud.svg

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2b0448a88490dd8155425707eb0f5e0183aeaa817d2e61fbefe9b9060cc061c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload
last-modified: Mon, 25 Jul 2022 21:16:43 GMT
server: nginx
etag: W/"62df083b-9a8"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=30260758
content-length: 1226
x-xss-protection: 1; mode=block
expires: Sat, 30 Dec 2023 03:06:24 GMT

GET
H2 200 6si.min.js Show response
j.6sc.co/ 31 KB
10 KB 69ms
7ms Script
application/javascript 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

eea93734d5f0032479fa252394415d53cbcd4e7bd6d54764543eaa8b7c9fd10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 01 Dec 2022 20:20:43 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63890c9b-7ad6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 10143
expires: Fri, 13 Jan 2023 21:20:26 GMT

GET
H2 200 xss-attack-expalined.jpg
snyk.io/wp-content/uploads/ 24 KB
25 KB 66ms
65ms Image
image/jpeg 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://snyk.io/wp-content/uploads/xss-attack-expalined.jpg

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4082a71bee327cf9485b6816f9a721f74e7325e9c99699791a78e224283b7f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/learn/cross-site-scripting/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
last-modified: Fri, 30 Jul 2021 10:22:26 GMT
server: nginx
etag: "6103d2e2-613e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 24894
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 21:20:26 GMT

GET
H2 204 56377455.js Show response
bat.bing.com/p/action/ 0
118 B 104ms
103ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56377455.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 13 Jan 2023 21:20:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8A284821CA9E4D6C8427F96A84CD24CC Ref B: FRAEDGE2022 Ref C: 2023-01-13T21:20:26Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
174 B 31ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56377455&Ver=2&mid=3a0d0619-a362-4ba8-ab98-3d35ddc3f7a5&sid=18e81870938811ed9e75813a17a4a061&vid=18e846a0938811ed8ba0afc209da2ab5&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk&p=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&r=&evt=pageLoad&sv=1&rn=137302

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 13 Jan 2023 21:20:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 28D08161299F4D94A23B184589FEA9F3 Ref B: FRAEDGE2022 Ref C: 2023-01-13T21:20:26Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 417 B
397 B 137ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Permanent+Marker&display=swap

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3bfa4b5c73e0fdad00c5ff6afdce1248cf86a5d821578076d761dd7c4b360001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 21:04:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 21:20:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
948 B 135ms
45ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Material+Icons&family=Material+Icons+Outlined&display=swap

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d171475258fb6a060d8c6b957b519482eb4911697329c085f2d6ed17994e2657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 21:20:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 13 Jan 2023 21:20:26 GMT

GET
H/1.1 200
OK getuidj Show response
secure.adnxs.com/ 11 B
814 B 123ms
68ms XHR
application/json 37.252.171.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/getuidj

Requested by

Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 13 Jan 2023 21:20:26 GMT
AN-X-Request-Uuid: 5d1650fb-7eab-4603-9fe0-e278e93bc865
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://snyk.io
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.168; 185.213.155.168; 1001.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
196 B 142ms
18ms XHR
text/html 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-137-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://snyk.io
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 20 B
249 B 106ms
14ms XHR
text/html 2a02:26f0:1300:181::1c91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1300:181::1c91 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fe1f7ff4931ae087ad58f48a31244e177230eccdac8f5185f7d231e2967c14cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:26 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://snyk.io
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a03:1b20:6:f011::8e
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 20
expires: Fri, 13 Jan 2023 21:20:26 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 288ms
235ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=21aac166-f531-45eb-8fd8-23a9b0d0da45&session=0980122f-f771-4c83-898b-c85e1c53fb8a&event=ipv6&q=%7B%22address%22%3A%222a03%3A1b20%3A6%3Af011%3A%3A8e%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20cross-site%20scripting%20-%20referred%20to%20as%20XSS%20-%20is%20an%20application%20vulnerability%20that%20has%20the%20potential%20to%20wreak%20havoc%20on%20applications%20and%20websites.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&pageViewId=843e2d8c-1a71-457c-8672-3ff5e1869fed

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 arrow-right.svg
res.cloudinary.com/snyk/image/upload/snyk-marketingui/general-icons/ 194 B
563 B 51ms
14ms Image
image/svg+xml 2a04:4e42:600::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/snyk/image/upload/snyk-marketingui/general-icons/arrow-right.svg

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

90e0a035d47f107b0904156b998a76b911719d6bea5896d1546fc6ec2b95ffc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://snyk.io/
Origin: https://snyk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800
content-disposition: attachment; filename="arrow-right.svg"
server-timing: fastly;dur=5;cpu=4;start=2023-01-13T21:20:26.321Z;desc=hit,rtt;dur=6
content-length: 145
last-modified: Fri, 18 Feb 2022 10:30:29 GMT
server: Cloudinary
etag: W/"03384f2f742c0baf927593d79ba734fc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 wordmark-logo-color.svg
res.cloudinary.com/snyk/image/upload/snyk-marketingui/brand-logos/ 7 KB
3 KB 50ms
13ms Image
image/svg+xml 2a04:4e42:600::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/snyk/image/upload/snyk-marketingui/brand-logos/wordmark-logo-color.svg

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

4675a6b7617b6c822bb3ca4cb6109e349cdf88120763ad32fd76bc9b804586ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800
content-disposition: attachment; filename="wordmark-logo-color.svg"
server-timing: fastly;dur=5;cpu=3;start=2023-01-13T21:20:26.321Z;desc=hit,rtt;dur=5
content-length: 2469
last-modified: Fri, 18 Feb 2022 11:03:21 GMT
server: Cloudinary
etag: W/"5e073d420050fc49223a737b022c5d97"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 admin.svg
res.cloudinary.com/snyk/image/upload/snyk-marketingui/brand-icons/ 4 KB
2 KB 45ms
12ms Image
image/svg+xml 2a04:4e42:600::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/snyk/image/upload/snyk-marketingui/brand-icons/admin.svg

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

dddfe47cf4ce77dc6dac768a6af004c591e4308350273d2b7bcd393c7bf47671

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800
content-disposition: attachment; filename="admin.svg"
server-timing: fastly;dur=4;start=2023-01-13T21:20:26.321Z;desc=hit,rtt;dur=5
content-length: 1817
last-modified: Sun, 20 Nov 2022 11:22:30 GMT
server: Cloudinary
etag: W/"2284e4346a80a07b1d571b8459ecd409"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, no-transform, immutable, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 shield-check-icon.svg
res.cloudinary.com/snyk/image/upload/v1645713086/snyk-marketingwp/ 759 B
618 B 45ms
12ms Image
image/svg+xml 2a04:4e42:600::393
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.cloudinary.com/snyk/image/upload/v1645713086/snyk-marketingwp/shield-check-icon.svg

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::393 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

1d3c8780cfca32fa7bf74aca3367dc4092ba95baaf04937274479d437f177d4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=604800
content-disposition: attachment; filename="shield-check-icon.svg"
server-timing: fastly;dur=5;cpu=3;start=2023-01-13T21:20:26.321Z;desc=hit,rtt;dur=5
content-length: 416
last-modified: Thu, 24 Feb 2022 12:25:27 GMT
server: Cloudinary
etag: W/"425044d1f6cc2b11f49673a0b3e9007b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: public, no-transform, max-age=300
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
snyk.io/cdn/fonts/roboto/ 49 KB
49 KB 64ms
63ms Font
font/woff2 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/cdn/fonts/roboto/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596
Origin: https://snyk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
last-modified: Thu, 28 Jul 2022 17:16:14 GMT
server: nginx
etag: "62e2c45e-c440"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 50240
x-xss-protection: 1; mode=block

GET
H2 200 poppins-v19-latin-ext_latin_devanagari-600.woff2
snyk.io/cdn/fonts/poppins/ 49 KB
49 KB 54ms
53ms Font
font/woff2 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/cdn/fonts/poppins/poppins-v19-latin-ext_latin_devanagari-600.woff2

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596
Origin: https://snyk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
last-modified: Thu, 28 Jul 2022 17:16:14 GMT
server: nginx
etag: "62e2c45e-c218"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 49688
x-xss-protection: 1; mode=block

GET
H2 200 poppins-v19-latin-ext_latin_devanagari-700.woff2
snyk.io/cdn/fonts/poppins/ 48 KB
48 KB 63ms
63ms Font
font/woff2 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/cdn/fonts/poppins/poppins-v19-latin-ext_latin_devanagari-700.woff2

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4f73127335c22d96e1ee451f7b8ab5d5d6b9ba742735bb647e406e1945659bb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596
Origin: https://snyk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
last-modified: Thu, 28 Jul 2022 17:16:14 GMT
server: nginx
etag: "62e2c45e-bfd0"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 49104
x-xss-protection: 1; mode=block

GET
H2 200 roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2
snyk.io/cdn/fonts/roboto/ 49 KB
49 KB 63ms
63ms Font
font/woff2 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/cdn/fonts/roboto/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-700.woff2

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596
Origin: https://snyk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
last-modified: Thu, 28 Jul 2022 17:16:14 GMT
server: nginx
etag: "62e2c45e-c414"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 50196
x-xss-protection: 1; mode=block

GET
H2 200 poppins-v19-latin-ext_latin_devanagari-regular.woff2
snyk.io/cdn/fonts/poppins/ 48 KB
49 KB 61ms
61ms Font
font/woff2 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/cdn/fonts/poppins/poppins-v19-latin-ext_latin_devanagari-regular.woff2

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596
Origin: https://snyk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
last-modified: Thu, 28 Jul 2022 17:16:14 GMT
server: nginx
etag: "62e2c45e-c1f4"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 49652
x-xss-protection: 1; mode=block

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v139/ 125 KB
126 KB 162ms
47ms Font
font/woff2 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Material+Icons&family=Material+Icons+Outlined&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://snyk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 15:21:17 GMT
x-content-type-options: nosniff
age: 280749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128352
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 15:21:17 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 226ms
226ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=21aac166-f531-45eb-8fd8-23a9b0d0da45&session=0980122f-f771-4c83-898b-c85e1c53fb8a&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A26%20GMT%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20cross-site%20scripting%20-%20referred%20to%20as%20XSS%20-%20is%20an%20application%20vulnerability%20that%20has%20the%20potential%20to%20wreak%20havoc%20on%20applications%20and%20websites.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&pageViewId=843e2d8c-1a71-457c-8672-3ff5e1869fed&an_uid=0

Requested by

Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 details Show response
epsilon.6sense.com/v3/company/ 746 B
577 B 28ms
13ms XHR
application/json 35.156.134.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Requested by: Host: j.6sc.co
URL: https://j.6sc.co/6si.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.134.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-134-55.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 92bf4ed91337d45e56707628028b3d620a3d3f05a677b555bfa0d924f51ea2b7

Request headers

Referer: https://snyk.io/
accept-language: de-DE,de;q=0.9
Authorization: Token 5c775a3896c0af273b0a714e6b6ae8a633adad94
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://snyk.io
access-control-allow-credentials: true
content-length: 398

OPTIONS
H2 200 details
epsilon.6sense.com/v3/company/ Frame 0
0 58ms
9ms Preflight 35.156.134.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://epsilon.6sense.com/v3/company/details
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.134.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-134-55.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://snyk.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://snyk.io
access-control-max-age: 1800
date: Fri, 13 Jan 2023 21:20:26 GMT
server: nginx

GET
H2 200 roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-500.woff2
snyk.io/cdn/fonts/roboto/ 49 KB
50 KB 39ms
39ms Font
font/woff2 2a02:26f0:4700:190::ecd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snyk.io/cdn/fonts/roboto/roboto-v29-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-500.woff2

Requested by

Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:4700:190::ecd Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ee7e4a24daafdb8c937da249dc9bf3786eb966f53cbcb436a950e49298e8da75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/styles/main-purged.css?ver=1670250596
Origin: https://snyk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
last-modified: Thu, 28 Jul 2022 17:16:14 GMT
server: nginx
etag: "62e2c45e-c51c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 50460
x-xss-protection: 1; mode=block

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/ 420 KB
72 KB 85ms
13ms Script
text/javascript 143.204.210.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js
Requested by: Host: snyk.io
URL: https://snyk.io/wp-content/themes/snyk_v2_etyhadar/dist/scripts/main.js?ver=1673644825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.210.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-210-180.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cdf3f1d94b10373b992f29349eca9b5f3da4a1ceb2ed0d3758ba40e12bb0c55e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: bE0SPj_KwNMhiyi.2iF6Dtey.KGwvhuA
content-encoding: br
via: 1.1 1cc446ef4692d8e752b16c07f2f58a58.cloudfront.net (CloudFront)
date: Fri, 13 Jan 2023 21:20:26 GMT
x-amz-cf-pop: FRA53-C1
age: 89
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 03 Nov 2022 13:08:59 GMT
server: AmazonS3
etag: W/"d81df0c7da88af0d3e24610781f8aca7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: vJOaaKlXkempzhdwFzBffEjgFTD50Sgn0eT5YLZT9Q_hqynfjUDA7A==

GET
H2 200 getForm Show response
go.snyk.io/index.php/form/ 3 KB
1 KB 100ms
99ms Script
application/javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.snyk.io/index.php/form/getForm?munchkinId=677-THP-415&form=1461&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&callback=jQuery11240607767189877984_1673644826326&_=1673644826327
Requested by: Host: go.snyk.io
URL: https://go.snyk.io/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77f9bfeafc658baefb6ae93a2bbe7e81fa048870afed42611553a416a95205bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:26 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 78912d07cf9b9018-FRA
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

POST
H2 200 i Show response
api.segment.io/v1/ 21 B
167 B 534ms
173ms XHR
application/json 44.228.105.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/i

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.105.181 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-105-181.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://snyk.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://snyk.io
date: Fri, 13 Jan 2023 21:20:27 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
168 B 530ms
173ms XHR
application/json 44.228.105.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.228.105.181 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-228-105-181.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://snyk.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://snyk.io
date: Fri, 13 Jan 2023 21:20:27 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 38ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 13 Jan 2023 21:20:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: n8+AAb92stHmdLyD2LaCuxWOBD0ijm0ReJMK/o5Qb0PFkx0pF3bdi2rEkKGz+hBMeGH8Q4kBW9ga6Ap1DfdzjA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 198ms
105ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

6e8e8822630240eec492223262b6c95ce67b715b57872ada3e9ee197feb94e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15155
x-xss-protection: 0
server: cafe
etag: 15007264592431658177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Jan 2023 21:20:27 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 87ms
19ms Script
application/x-javascript 2a02:26f0:11a::217:9a4a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a4a Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: gzip
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=46316
accept-ranges: bytes
content-length: 4777

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 164ms
48ms Script
text/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 13 Jan 2023 20:21:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3513
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 13 Jan 2023 22:21:54 GMT

GET
H2 200 ksrvzmf2 Show response
widget.intercom.io/widget/ 18 KB
7 KB 57ms
24ms Script
application/javascript 13.32.27.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/ksrvzmf2
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-114.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38f2731cb6188682358bb50e21727eb2104f4f733c8afad949f95f4464644b98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: ysNXKZj4pCwgLqZBAtRgmpbnXy4BPA2m
content-encoding: gzip
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
date: Fri, 13 Jan 2023 21:00:29 GMT
x-amz-cf-pop: FRA56-C2
age: 1209
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 6172
last-modified: Fri, 13 Jan 2023 17:19:16 GMT
server: AmazonS3
etag: "e4313ab970618043d915bade4bd2fc76"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: HbzjYDmkMT9Z26TOyminJJi0zfEooO2CGR0ELipOTGugDt4ZPWknGw==

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 105ms
17ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6373-VIE

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 263 KB
66 KB 128ms
30ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9ebee46eca18876c7d599bf20bd8f65c9d947350847e1aa7088cedef3d0af160

Request headers

Referer: https://snyk.io/
Origin: https://snyk.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 20:28:36 GMT
content-encoding: br
age: 3111
x-guploader-uploadid: ADPycdvKOnNz_cej69DO56zRWiwEw3FozAPYmd13AlaP4DDEZTjBkZp8KaeXEFjVy0cXAAfIHP_5yJbyZ_JbjEJ1SXqHnQTYADAC
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67185
last-modified: Wed, 04 Jan 2023 15:42:06 GMT
server: UploadServer
etag: "e8df8ade6333ce0c76d894b903d986f2"
vary: Accept-Encoding
x-goog-generation: 1672846926468441
x-goog-hash: crc32c=xR86Zw==, md5=6N+K3mMzzgx22JS5A9mG8g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 67185
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 13 Jan 2023 21:28:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
38 KB 126ms
47ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T8QMQW9&l=dataLayer

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

77a1f9e229b91db8948d50b7c08b0cefb09b0689b877c44c8e9913958e5b009b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38301
x-xss-protection: 0
last-modified: Fri, 13 Jan 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Jan 2023 21:20:27 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 248ms
9ms Script
application/x-javascript 23.45.104.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.104.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-104-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 21:20:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
Content-Type: application/x-javascript
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H2 200 forms2.min.js Show response
go.snyk.io/js/forms2/js/ 208 KB
69 KB 31ms
31ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.snyk.io/js/forms2/js/forms2.min.js

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/UspolAZH46ZIH3mN3bdf7rx63q24gitb/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 18:03:49 GMT
server: cloudflare
age: 5522
etag: "fc0e78-33e51-5ea394834ab40"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 78912d08a9449018-FRA
expires: Sat, 14 Jan 2023 01:20:27 GMT

GET
H2 200 forms2.css
go.snyk.io/js/forms2/css/ 13 KB
3 KB 34ms
34ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.snyk.io/js/forms2/css/forms2.css

Requested by

Host: go.snyk.io
URL: https://go.snyk.io/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 18:03:49 GMT
server: cloudflare
age: 5521
etag: "fc0ec7-3437-5ea394834ab40"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 78912d08b9479018-FRA
content-length: 2623
expires: Sat, 14 Jan 2023 01:20:27 GMT

GET
H2 200 forms2-theme-simple.css
go.snyk.io/js/forms2/css/ 826 B
342 B 32ms
32ms Stylesheet
text/css 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.snyk.io/js/forms2/css/forms2-theme-simple.css

Requested by

Host: go.snyk.io
URL: https://go.snyk.io/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 18:03:49 GMT
server: cloudflare
age: 3288
etag: "fc0ec8-33a-5ea394834ab40"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 78912d08b9489018-FRA
content-length: 242
expires: Sat, 14 Jan 2023 01:20:27 GMT

GET
H2 200 /
lux.speedcurve.com/lux/ 0
168 B 36ms
10ms Image
image/webp 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lux.speedcurve.com/lux/?v=305&id=80837559&sid=167364482609863195&uid=167364482609863195&l=Cross-site-scripting&HN=snyk.io&PN=%2Flearn%2Fcross-site-scripting%2F&fl=128&NT=1673644824154fs0ds1de16cs16sc34ce72qs72bs1824be1829ol1833oi1898os2669oe2669oc2670ls2670le2670sr2228fc2228lc2228&LJS=d28t17f17c1n63e1r100x7146l1879s1943&PS=ns19bs0is10119ss4bc4ic8211ia1it32dd13nd771vh1200vw1600dh11695dw1600ds18186ct4G_er0nt0dm8&CPU=s|0,n|0,d|0,x|0,i|2228&CLS=0.433726
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220026-HHN
date: Fri, 13 Jan 2023 21:20:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1673644827.056494,VS0,VE2
x-cache: HIT
content-type: image/webp
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 getForm Show response
go.snyk.io/index.php/form/ 3 KB
1 KB 60ms
60ms Script
application/javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.snyk.io/index.php/form/getForm?munchkinId=677-THP-415&form=1461&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&callback=jQuery11240607767189877984_1673644826326&_=1673644826328
Requested by: Host: go.snyk.io
URL: https://go.snyk.io/js/forms2/js/forms2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77f9bfeafc658baefb6ae93a2bbe7e81fa048870afed42611553a416a95205bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 78912d08f9d69018-FRA
cached: true
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.92

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 13 Jan 2023 21:20:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: kktPSdAxo0cjrpfEFkt0vfLpNTsg/8e3/NYql0DUMN9yurSn2AzpvvYqIowjudNoq6MHLqR5Xl/Yw9ePQtujEQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 228850815488552 Show response
connect.facebook.net/signals/config/ 376 KB
108 KB 137ms
137ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/228850815488552?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6dab22acc97b55451bf2bae289106812c3c146377de63ef7b9fd9b57c10c01c5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 13 Jan 2023 21:20:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: XfnjdtcFs+nCt6cHEjX6sBTQqkmbqQZoS36ziJUkKXcPsPVjiPUHTFUnJcdh8P0eAheV+qMgild2/y+mDEX9zg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 XDFrame Show response
go.snyk.io/index.php/form/ Frame 2F69 2 KB
781 B 116ms
116ms Document
text/html 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.snyk.io/index.php/form/XDFrame

Requested by

Host: go.snyk.io
URL: https://go.snyk.io/js/forms2/js/forms2.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06f745c3571f84a3d26083d84544b914497c6debdc0ad523345a1c217a9b41fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://snyk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 78912d093a589018-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 13 Jan 2023 21:20:27 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 trends.min.js Show response
assets.trendemon.com/tag/ 222 KB
44 KB 107ms
8ms Script
application/javascript 13.32.27.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/tag/trends.min.js
Requested by: Host: snyk.io
URL: https://snyk.io/learn/cross-site-scripting/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-73.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c19246ab5275cd1e458abaac031271ec39afe5653da291bba2fd7753717e0433

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:56:33 GMT
content-encoding: gzip
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jan 2023 09:50:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 41038
etag: "238badef0faa5d9ffdcbb2884038a1f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 44466
x-amz-cf-id: Zp3GiGnh12AtZEmEIaBPVvM3oLldyeOkaoGqqCC8dCiXW6bWOiZPNQ==

GET
H2 200 frame-modern.d51a5b7b.js Show response
js.intercomcdn.com/ Frame 3374 461 KB
126 KB 37ms
8ms Script
application/javascript 65.9.66.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.d51a5b7b.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ksrvzmf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

09c84ad0c4e935ca3ac5b2e75d2474efd7f053aaa1c88b0702f4e93d608ccaa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 19:27:21 GMT
content-encoding: gzip
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-amz-version-id: 3x8z1.u6RbCAs7Q0zwVrCiaX5qwaYm_1
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C1
age: 6787
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 128182
last-modified: Fri, 13 Jan 2023 17:16:56 GMT
server: AmazonS3
etag: "efa6075b521392c9b847379c8482924d"
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 8IIkXl_Iv5eVatNN1BH6gt8bF3UMlX8cvYr_wY-Nurs_mCCpIzVvow==

GET
H2 200 vendor-modern.574ba586.js Show response
js.intercomcdn.com/ Frame 3374 236 KB
73 KB 50ms
21ms Script
application/javascript 65.9.66.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.574ba586.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/ksrvzmf2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-61.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b591ededbdeb9204848d91a7a66e5f482417d3994b912117ca0b23dce15689d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: jnIf4TBFn2BihSzrcSITAU_N5HFG6PGv
content-encoding: gzip
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
date: Fri, 13 Jan 2023 19:32:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-C1
age: 6459
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74424
last-modified: Thu, 12 Jan 2023 11:53:15 GMT
server: AmazonS3
etag: "021d7586dd2d05352968d8ea9385a399"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: sJS2Nxj5tLpVLCHy_dWjvLLB8GKW4NInk5BWl3E8VbBKJAwHIO0uAA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/970508/domain/snyk.io/ 36 B
367 B 43ms
8ms XHR
application/json 2600:9000:223d:3000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/970508/domain/snyk.io/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:3000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://snyk.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 20:24:10 GMT
content-encoding: gzip
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 3377
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: AGQkBrdbL73FVVjxoqFjY2si7mbpO7oWhCAF_urgYA86Cik8A6ZfqA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1673644827092&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D970508%26time%3D1673644827092%26url%3Dhttps%253A%252F%252Fsnyk.io%252Flearn%252Fc...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1673644827092&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1673644827092&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&liSync=true&e_ipv6=AQL-RunRaQY-GwAAAYWtAWPJXelRh_PhO1iXkyH-...

0
483 B

231ms
153ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1673644827092&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&liSync=true&e_ipv6=AQL-RunRaQY-GwAAAYWtAWPJXelRh_PhO1iXkyH-agzDBv0UHjCPddpbTLgBIZLYyFBNS7Ua
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 4B96CCEDA3F74AF19C5CD9E5DA165E3E Ref B: FRAEDGE1821 Ref C: 2023-01-13T21:20:27Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-ltx1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXyK81xOzPzDMNJvPqvBg==

Redirect headers

date: Fri, 13 Jan 2023 21:20:27 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8D69CD70C8F44C71BEF5E3263AA986EB Ref B: FRAEDGE1815 Ref C: 2023-01-13T21:20:27Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=970508&time=1673644827092&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&liSync=true&e_ipv6=AQL-RunRaQY-GwAAAYWtAWPJXelRh_PhO1iXkyH-agzDBv0UHjCPddpbTLgBIZLYyFBNS7Ua
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXyK81tpCcpA2H1yYLaDw==

GET
H2 200 adsct
t.co/i/ 43 B
375 B 157ms
128ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=9a0041ea-b907-4298-8690-0600f524ccac&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a0085561-e07e-4e55-82eb-f1b78b09366c&tw_document_href=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nusjs&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 122
date: Fri, 13 Jan 2023 21:20:27 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 88aa00a71edfe9c7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 802ed9ba37e0ee26bd68cf226344702e574b15cc7cb9d09bd685c73a37b2de29
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 184ms
113ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=9a0041ea-b907-4298-8690-0600f524ccac&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=a0085561-e07e-4e55-82eb-f1b78b09366c&tw_document_href=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nusjs&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-response-time: 106
date: Fri, 13 Jan 2023 21:20:26 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 96230361ec2de5d9
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 3d2f96d8334e5d5833ca6affe7d4aea590cdccdad9f58370a95c0453d53e6946
content-length: 43

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 194ms
194ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=21aac166-f531-45eb-8fd8-23a9b0d0da45&session=0980122f-f771-4c83-898b-c85e1c53fb8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A27%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A26%20GMT%22%2C%22timeSpent%22%3A%221003%22%2C%22totalTimeSpent%22%3A%221003%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20cross-site%20scripting%20-%20referred%20to%20as%20XSS%20-%20is%20an%20application%20vulnerability%20that%20has%20the%20potential%20to%20wreak%20havoc%20on%20applications%20and%20websites.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&pageViewId=843e2d8c-1a71-457c-8672-3ff5e1869fed&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 3374 15 KB
3 KB 759ms
527ms XHR
application/json 3.93.95.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d51a5b7b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.95.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-95-179.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d7413087b8e6676ea0eee60a27d5bb5b724dfb3b4948c4bc49ed27a3d70ee444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0705273452fc644ba
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 000drcdgpqvqabf7g7gg
x-runtime: 0.397041
server: nginx
etag: W/"d7413087b8e6676ea0eee60a27d5bb5b"
x-ratelimit-remaining: 13308
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://snyk.io
x-intercom-version: 1b70057432fe5653a735be9065107399f48cd2da
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1673644830
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H2 200 forms2.min.js Show response
go.snyk.io/js/forms2/js/ Frame 2F69 208 KB
69 KB 25ms
25ms Script
application/x-javascript 104.17.73.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://go.snyk.io/js/forms2/js/forms2.min.js

Requested by

Host: go.snyk.io
URL: https://go.snyk.io/index.php/form/XDFrame

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.73.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://go.snyk.io/index.php/form/XDFrame
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 04 Oct 2022 18:03:49 GMT
server: cloudflare
age: 5522
etag: "fc0e78-33e51-5ea394834ab40"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=14400
cf-ray: 78912d0a4ca49018-FRA
expires: Sat, 14 Jan 2023 01:20:27 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 4 KB
2 KB 374ms
308ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: a0ec1c7a15d0bb65c714d234f7d82a864a6597cb7d6234d960aca063f919f166

Request headers

Referer: https://snyk.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://snyk.io
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1471

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 128 KB
47 KB 79ms
78ms Script
application/javascript 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-K59728M&cid=1441195946.1673644827

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b8b7c03cb06b3167148b5773721dda24a31a4ef2d3e8922897461cbe6f2cd24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 13 Jan 2023 21:20:27 GMT

GET
H2 200 2025 Show response
trackingapi.trendemon.com/api/settings/ 696 B
835 B 414ms
107ms Script
application/x-javascript 44.205.198.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/settings/2025?callback=jsonp946630&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.198.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-198-31.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: e431ee201ae34abef880e6ba97b0ac62d1a5fa08ba1974de2f477cef7380f923

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:27 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 696
content-type: application/x-javascript; charset=UTF-8

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 30ms
30ms Script
application/x-javascript 23.45.104.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.45.104.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-104-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 21:20:27 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Sun, 23 Apr 2023 21:20:27 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/923832244/ 2 KB
1 KB 43ms
42ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/923832244/?random=1673644827329&cv=9&fst=1673644827329&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&tiba=What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

37b0cf0ac9541cd7363f34a53894e6559b13a99ee3e0650066c908a857a68089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1026
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/923832244/ 3 KB
2 KB 128ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923832244/?random=1673644827333&cv=9&fst=1673644827333&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=path%3D%2Flearn%2Fcross-site-scripting%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DWhat%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%3Burl%3Dhttps%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&frm=0&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&tiba=What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04723a99f7226f4f6ed6cdc7c52a44254cb8f1902020823e23a80d3866442c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1012
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 39ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=228850815488552&ev=PageView&dl=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&rl=&if=false&ts=1673644827362&sw=1600&sh=1200&v=2.9.92&r=stable&a=seg&ec=0&o=30&cs_est=true&fbp=fb.1.1673644827361.1567149810&it=1673644827039&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 13 Jan 2023 21:20:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 200
OK visitWebPage
677-thp-415.mktoresp.com/webevents/ 2 B
482 B 427ms
33ms Ping
text/plain 134.213.193.62
RACKSPACE-LON

General

Check archive.org

Show headers Download Go to

Full URL: https://677-thp-415.mktoresp.com/webevents/visitWebPage?_mchNc=1673644827372&_mchCn=&_mchId=677-THP-415&_mchTk=_mch-snyk.io-1673644827371-39761&_mchHo=snyk.io&_mchPo=&_mchRu=%2Flearn%2Fcross-site-scripting%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.213.193.62 Nuremberg, Germany, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 21:20:27 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: f933eae7-8f29-4e32-81bb-d00bf1215905

GET
H2

200

/
www.google.de/pagead/1p-conversion/923832244/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/923832244/?random=879047774&cv=9&fst=1673644827329&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24...
https://www.google.com/pagead/1p-conversion/923832244/?random=879047774&cv=9&fst=1673644827329&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_jav...
https://www.google.de/pagead/1p-conversion/923832244/?random=879047774&cv=9&fst=1673644827329&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java...

42 B
108 B

77ms
76ms

Image
image/gif

2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/923832244/?random=879047774&cv=9&fst=1673644827329&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&tiba=What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=G8vBY7rgFIvH1wavjLWYBw&random=518179876&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Protocol

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/923832244/?random=879047774&cv=9&fst=1673644827329&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&tiba=What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=G8vBY7rgFIvH1wavjLWYBw&random=518179876&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
436 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-69111857-1&cid=1441195946.1673644827&jid=1419102192&gjid=220980372&_gid=173841171.1673644827&_u=aGBAgEADQAAAAEgCIAB~&z=1133127732

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://snyk.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 13 Jan 2023 21:20:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://snyk.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 47ms
47ms Image
image/gif 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1909393244&t=pageview&_s=1&dl=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&dp=%2Flearn%2Fcross-site-scripting%2F&ul=en-us&de=UTF-8&dt=What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEADQAAAAAgCIAB~&jid=1419102192&gjid=220980372&cid=1441195946.1673644827&tid=UA-69111857-1&_gid=173841171.1673644827&cd4=Alyssa%20Miller&z=673167170

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 18:07:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11577
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/923832244/ 42 B
548 B 190ms
74ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/923832244/?random=1673644827333&cv=9&fst=1673643600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=path%3D%2Flearn%2Fcross-site-scripting%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DWhat%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%3Burl%3Dhttps%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&frm=0&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&tiba=What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk&async=1&fmt=3&is_vtc=1&random=2243659320&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/923832244/ 42 B
548 B 204ms
74ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/923832244/?random=1673644827333&cv=9&fst=1673643600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=path%3D%2Flearn%2Fcross-site-scripting%2F%3Breferrer%3D%3Bsearch%3D%3Btitle%3DWhat%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%3Burl%3Dhttps%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&frm=0&url=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&tiba=What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk&async=1&fmt=3&is_vtc=1&random=2243659320&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:27 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 145ms
82ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-69111857-1&cid=1441195946.1673644827&jid=1419102192&_u=aGBAgEADQAAAAEgCIAB~&z=1210471180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 163ms
86ms Image
image/gif 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-69111857-1&cid=1441195946.1673644827&jid=1419102192&_u=aGBAgEADQAAAAEgCIAB~&z=1210471180

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrations Show response
rs.fullstory.com/rec/ 3 KB
3 KB 117ms
115ms Script
text/javascript 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/integrations?OrgId=RX2JA
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/javascript; charset=utf-8

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 350ms
333ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=RX2JA&UserId=6696862087073792&SessionId=4920861443182592&PageId=4984125749415936&Seq=1&PageStart=1673644827430&PrevBundleTime=0&LastActivity=5&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 1fdd470cc80bce2677a23afbd6a010bbe6dea3a5ac17b620123c5a98ceb6eee5

Request headers

Referer: https://snyk.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://snyk.io
date: Fri, 13 Jan 2023 21:20:28 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 identity.min.js Show response
assets.trendemon.com/global/ 17 KB
6 KB 8ms
7ms Script
application/javascript 13.32.27.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.trendemon.com/global/identity.min.js
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-73.fra56.r.cloudfront.net
Software: / Express
Resource Hash: c66036f1288dcf003502e4f687e102a7ec6afe8bfa29daa9a5bb5ab62eb3567c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 09:56:30 GMT
content-encoding: gzip
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 41037
x-powered-by: Express
x-cache: Hit from cloudfront
trd-ts: 2023-01-11T09:56:28.337Z
last-modified: Wed, 11 Jan 2023 09:49:49 GMT
etag: W/"46f8-185a03c5e48"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-amz-cf-id: SYzu_k8tZ25aZz7vExcr3m8kIKxC7NvQUskV9BxPisBHi7ocy6517Q==

GET
H2 200 me Show response
trackingapi.trendemon.com/api/Identity/ 94 B
509 B 113ms
113ms Script
application/x-javascript 44.205.198.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/Identity/me?accountId=2025&DomainCookie=16736448278227456&fingerPrint=4c3859b1872acfc8e01195effeca3600&callback=jsonp35343&vid=
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.198.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-198-31.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 91823db2d3c0a3076cd774ff8759140d87fd2d0b2ff1c0ff72379900b6a86918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:27 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 94
content-type: application/x-javascript; charset=UTF-8

POST
H2 200 / Show response
www.facebook.com/tr/ Frame DDF8 0
43 B 9ms
8ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://snyk.io
Referer: https://snyk.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://snyk.io
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 13 Jan 2023 21:20:27 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 3374 15 KB
3 KB 499ms
499ms XHR
application/json 3.93.95.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d51a5b7b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.95.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-95-179.compute-1.amazonaws.com

Software

nginx /

Resource Hash

36bd225b63fffa80372d6ab8fe2a7cb675b966f516943a5399a4752156505f10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 13 Jan 2023 21:20:28 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0705273452fc644ba
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0006fo0itaolh6b1emi0
x-runtime: 0.360050
server: nginx
etag: W/"36bd225b63fffa80372d6ab8fe2a7cb6"
x-ratelimit-remaining: 13307
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://snyk.io
x-intercom-version: 1b70057432fe5653a735be9065107399f48cd2da
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1673644830
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

POST
H2 200 events Show response
api-iam.intercom.io/messenger/web/ Frame 3374 4 B
742 B 268ms
267ms XHR
application/json 3.93.95.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/events

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d51a5b7b.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.93.95.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-93-95-179.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 13 Jan 2023 21:20:28 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0705273452fc644ba
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0009gfn2qif2pj1mjql0
x-runtime: 0.130966
server: nginx
etag: W/"e10808d43975dc400731053386849f86"
x-ratelimit-remaining: 13326
vary: Accept,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://snyk.io
x-intercom-version: 1b70057432fe5653a735be9065107399f48cd2da
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-ratelimit-reset: 1673644830
x-ratelimit-limit: 13333
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
x-frame-options: SAMEORIGIN

GET
H2 200 marketingautomation Show response
trackingapi.trendemon.com/api/ 95 B
232 B 114ms
114ms Script
application/x-javascript 44.205.198.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/marketingautomation?AccountId=2025&ClientUrl=aHR0cHM6Ly9zbnlrLmlvL2xlYXJuL2Nyb3NzLXNpdGUtc2NyaXB0aW5nLw%3D%3D&CookieId=16736448278227456&MaCookie=aWQ6Njc3LVRIUC00MTUmdG9rZW46X21jaC1zbnlrLmlvLTE2NzM2NDQ4MjczNzEtMzk3NjE%3D&MaCookieName=X21rdG9fdHJr&MaName=marketo&callback=jsonp981802&vid=2025:16736448278227456
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.198.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-198-31.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 2fee4c5548a4b9e697d6d1037df42b91e41ccdba1c64499a414b00d9bdfa9e69

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:28 GMT
cache-control: no-store,no-cache
server: Kestrel
content-length: 95
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 pageview
trackingapi.trendemon.com/api/events/ 43 B
234 B 138ms
138ms Image
image/gif 44.205.198.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/pageview?accountId=2025&url=aHR0cHM6Ly9zbnlrLmlvL2xlYXJuL2Nyb3NzLXNpdGUtc2NyaXB0aW5nLw%3D%3D&cookie=16736448278227456&referral=&variant=&vid=2025:16736448278227456&r=1673644828018
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.198.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-198-31.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:28 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 multiple
trackingapi.trendemon.com/api/events/client-app/ 43 B
234 B 105ms
105ms Image
image/gif 44.205.198.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackingapi.trendemon.com/api/events/client-app/multiple?accountId=2025&url=aHR0cHM6Ly9zbnlrLmlvL2xlYXJuL2Nyb3NzLXNpdGUtc2NyaXB0aW5nLw%3D%3D&app=sixsense&names=%5B%5D&vid=2025:16736448278227456&r=1673644828023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.198.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-198-31.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Jan 2023 21:20:28 GMT
server: Kestrel
age: 1691358
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 191ms
191ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=21aac166-f531-45eb-8fd8-23a9b0d0da45&session=0980122f-f771-4c83-898b-c85e1c53fb8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A28%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A27%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222004%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20cross-site%20scripting%20-%20referred%20to%20as%20XSS%20-%20is%20an%20application%20vulnerability%20that%20has%20the%20potential%20to%20wreak%20havoc%20on%20applications%20and%20websites.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&pageViewId=843e2d8c-1a71-457c-8672-3ff5e1869fed&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:28 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 personal Show response
trackingapi.trendemon.com/api/experience/ 15 B
114 B 184ms
183ms Script
application/x-javascript 44.205.198.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal?AccountId=2025&ClientUrl=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&MarketingAutomationCookie=id%3A677-THP-415%26token%3A_mch-snyk.io-1673644827371-39761&ExcludeUnitsJson=%5B%5D&callback=jsonp673603&vid=2025:16736448278227456
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.198.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-198-31.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: a6cbfbfb4e32dfca8f89166dd165da21fbcba5f8b55e2448c16788d635c8db87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:28 GMT
server: Kestrel
content-length: 15
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 personal-embedded Show response
trackingapi.trendemon.com/api/experience/ 15 B
114 B 109ms
109ms Script
application/x-javascript 44.205.198.31
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trackingapi.trendemon.com/api/experience/personal-embedded?AccountId=2025&ClientUrl=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&MarketingAutomationCookie=id%3A677-THP-415%26token%3A_mch-snyk.io-1673644827371-39761&Ids=%5B%5D&Groups=%5B%5D&callback=jsonp235045&vid=2025:16736448278227456
Requested by: Host: assets.trendemon.com
URL: https://assets.trendemon.com/tag/trends.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.205.198.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-205-198-31.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: c892aa334e57eaf92f57ab21eaa989979d73158c30aa8b97da2be29e537fa598

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:28 GMT
server: Kestrel
content-length: 15
content-type: application/x-javascript; charset=UTF-8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 206ms
206ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=21aac166-f531-45eb-8fd8-23a9b0d0da45&session=0980122f-f771-4c83-898b-c85e1c53fb8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A29%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A28%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223005%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20cross-site%20scripting%20-%20referred%20to%20as%20XSS%20-%20is%20an%20application%20vulnerability%20that%20has%20the%20potential%20to%20wreak%20havoc%20on%20applications%20and%20websites.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&pageViewId=843e2d8c-1a71-457c-8672-3ff5e1869fed&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:29 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 228ms
228ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=21aac166-f531-45eb-8fd8-23a9b0d0da45&session=0980122f-f771-4c83-898b-c85e1c53fb8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A30%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A29%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224006%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20cross-site%20scripting%20-%20referred%20to%20as%20XSS%20-%20is%20an%20application%20vulnerability%20that%20has%20the%20potential%20to%20wreak%20havoc%20on%20applications%20and%20websites.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&pageViewId=843e2d8c-1a71-457c-8672-3ff5e1869fed&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:30 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 05 Jun 2021 07:56:05 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "60bb2e15-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 188ms
187ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=21aac166-f531-45eb-8fd8-23a9b0d0da45&session=0980122f-f771-4c83-898b-c85e1c53fb8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A31%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A30%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225007%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20cross-site%20scripting%20-%20referred%20to%20as%20XSS%20-%20is%20an%20application%20vulnerability%20that%20has%20the%20potential%20to%20wreak%20havoc%20on%20applications%20and%20websites.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&pageViewId=843e2d8c-1a71-457c-8672-3ff5e1869fed&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:31 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 201ms
201ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=21aac166-f531-45eb-8fd8-23a9b0d0da45&session=0980122f-f771-4c83-898b-c85e1c53fb8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A32%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A31%20GMT%22%2C%22timeSpent%22%3A%221004%22%2C%22totalTimeSpent%22%3A%226011%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20cross-site%20scripting%20-%20referred%20to%20as%20XSS%20-%20is%20an%20application%20vulnerability%20that%20has%20the%20potential%20to%20wreak%20havoc%20on%20applications%20and%20websites.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&pageViewId=843e2d8c-1a71-457c-8672-3ff5e1869fed&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:32 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Fri, 21 Feb 2020 18:57:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5e502810-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 200 bundle Show response
rs.fullstory.com/rec/ 29 B
43 B 300ms
298ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle?OrgId=RX2JA&UserId=6696862087073792&SessionId=4920861443182592&PageId=4984125749415936&Seq=2&PageStart=1673644827430&PrevBundleTime=1673644827985&LastActivity=4864&IsNewSession=true
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 2d8f503a045659d54403954608267485d6165a51d228329a7f188ba33df13b80

Request headers

Referer: https://snyk.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://snyk.io
date: Fri, 13 Jan 2023 21:20:33 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
492 B 188ms
188ms Image
image/gif 96.16.137.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=50d389da3b3e04f03e03d1239ba98024&svisitor=null&visitor=21aac166-f531-45eb-8fd8-23a9b0d0da45&session=0980122f-f771-4c83-898b-c85e1c53fb8a&event=active_time_track&q=%7B%22currentTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A33%20GMT%22%2C%22lastTrackTime%22%3A%22Fri%2C%2013%20Jan%202023%2021%3A20%3A32%20GMT%22%2C%22timeSpent%22%3A%221000%22%2C%22totalTimeSpent%22%3A%227011%22%7D&isIframe=false&m=%7B%22description%22%3A%22Learn%20more%20about%20cross-site%20scripting%20-%20referred%20to%20as%20XSS%20-%20is%20an%20application%20vulnerability%20that%20has%20the%20potential%20to%20wreak%20havoc%20on%20applications%20and%20websites.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22What%20is%20cross-site%20scripting%20%7C%20How%20to%20prevent%20an%20XSS%20attack%20%7C%20Snyk%22%7D&cb=&r=&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fsnyk.io%2Flearn%2Fcross-site-scripting%2F&pageViewId=843e2d8c-1a71-457c-8672-3ff5e1869fed&an_uid=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.137.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-137-162.deploy.static.akamaitechnologies.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://snyk.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 13 Jan 2023 21:20:33 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
snyk.io/	1970-01-20 08:54:06	Name: lux_uid Value: 167364482609863195
.bing.com/	1970-01-20 18:15:40	Name: MUID Value: 2DA705A7DA1F6BD23519173FDBCD6AD8
.snyk.io/	1970-01-20 08:55:31	Name: _uetsid Value: 18e81870938811ed9e75813a17a4a061
.snyk.io/	1970-01-20 18:15:40	Name: _uetvid Value: 18e846a0938811ed8ba0afc209da2ab5
.go.snyk.io/	1970-01-20 08:54:06	Name: __cf_bm Value: 5AjqAJN8XkWl6Q3ziTNZjKQRRsNWEAa7RVLZ5y5O1o8-1673644826-0-Ad0V0VJGnly0yG8P9AZqWJazSUKGGVuElzRzv7tqnI2KtUkkgltrsca4RL+Xr9CPpSwo8EMSpzGmDZo9hEwVeyw=
snyk.io/	1970-01-20 18:30:04	Name: _gd_visitor Value: 21aac166-f531-45eb-8fd8-23a9b0d0da45
snyk.io/	1970-01-20 08:54:19	Name: _gd_session Value: 0980122f-f771-4c83-898b-c85e1c53fb8a
snyk.io/	1970-01-20 09:04:09	Name: _an_uid Value: 0
.6sc.co/	1970-01-20 18:30:04	Name: 6suuid Value: cbd5ce17fb3a00001acbc16318020000bc9d2901
.snyk.io/	1970-01-20 17:39:40	Name: ajs_anonymous_id Value: %22f2992b2d-9251-4a2a-8ca9-be68d87ac51b%22
snyk.io/	1970-01-20 08:55:31	Name: ln_or Value: eyI5NzA1MDgiOiJkIn0%3D
go.snyk.io/	1969-12-31 23:59:59	Name: RSMKTO1 Value: 1845500844.47617.0000
.t.co/	1970-01-20 18:30:04	Name: muc_ads Value: 04ed754b-3352-4fc6-9c90-b1310dbe3b1e
.linkedin.com/	1970-01-20 09:37:16	Name: UserMatchHistory Value: AQLDBkdfUMnn8wAAAYWtAWJh6ZW-Kdc2WDBsI-7RD3YkyQbEh7D_RWxoplT2qTgsNfM0kP5QyDM_MA
.linkedin.com/	1970-01-20 09:37:16	Name: AnalyticsSyncHistory Value: AQIVZiV5JbS2ngAAAYWtAWJhIjeB9pdEYjCVqZ172yjlfhLscvhEeDIXxsylckevS09u-DCts0ur6yVUMAD5Og
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:39:40	Name: bcookie Value: "v=2&e3af4caf-cfb1-441b-86ca-702597629514"
.linkedin.com/	1970-01-20 08:55:31	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2445:u=1:x=1:i=1673644827:t=1673731227:v=2:sig=AQGAhFG7vGG8eIgQFQag7lL9QSmAu3ww"
.twitter.com/	1970-01-20 18:30:04	Name: personalization_id Value: "v1_bLSCw7kzMxwAk2N5UA9tyw=="
.snyk.io/	1970-01-20 18:30:04	Name: _ga Value: GA1.2.1441195946.1673644827
.snyk.io/	1970-01-20 08:55:31	Name: _gid Value: GA1.2.173841171.1673644827
.snyk.io/	1970-01-20 11:03:40	Name: _fbp Value: fb.1.1673644827361.1567149810
.snyk.io/	1970-01-20 18:30:04	Name: _mkto_trk Value: id:677-THP-415&token:_mch-snyk.io-1673644827371-39761
.snyk.io/	1970-01-20 08:54:04	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 08:54:05	Name: test_cookie Value: CheckForPermission
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:39:40	Name: bscookie Value: "v=1&202301132120273398b779-17c7-4bcc-826e-6a3f5e6f29a7AQFbSjpaoMld8OSW51VQd3I7KphDA-ON"
.linkedin.com/	1970-01-20 13:13:16	Name: li_gc Value: MTswOzE2NzM2NDQ4Mjc7MjswMjGWB6/XXSowNh1m9/o8VFF9WmPtpgWKu7kB+clvNKVrRg==
.snyk.io/	1970-01-20 17:39:40	Name: fs_uid Value: #RX2JA#6696862087073792:4920861443182592:::#/1705180827
.snyk.io/	1970-01-20 17:39:40	Name: trd_cid Value: 16736448278227456
.snyk.io/	1970-01-20 15:22:54	Name: intercom-id-ksrvzmf2 Value: 8c508d1f-18f1-49e4-88a3-829d875e5d66
.snyk.io/	1970-01-20 09:04:09	Name: intercom-session-ksrvzmf2 Value:
.snyk.io/	1970-01-20 15:22:54	Name: intercom-device-id-ksrvzmf2 Value: b26e3720-e753-4c5f-b4e9-142366ecd6e6
trackingapi.trendemon.com/	1970-01-20 18:30:04	Name: trd_gavid_2025 Value: 16736448278227456
trackingapi.trendemon.com/	1970-01-20 18:30:04	Name: trd_gvid Value: 16736448278227456
trackingapi.trendemon.com/	1970-01-20 18:30:04	Name: trd_vid_2025 Value: 2025%3A16736448278227456
.snyk.io/	1970-01-20 17:39:40	Name: trd_vid_l Value: 2025%3A16736448278227456
.snyk.io/	1970-01-20 17:39:40	Name: trd_vuid_l Value: -6872935971110968956
.snyk.io/	1970-01-20 17:39:40	Name: trd_first_visit Value: 1673644828
.snyk.io/	1970-01-20 17:39:40	Name: trd_pw Value: 1
.snyk.io/	1970-01-20 08:54:06	Name: trd_pws Value: 1
.snyk.io/	1970-01-20 08:54:06	Name: trd_sid Value: 16736448280162526
.snyk.io/	1970-01-20 08:54:48	Name: trd_ma_cookie Value: aWQ6Njc3LVRIUC00MTUmdG9rZW46X21jaC1zbnlrLmlvLTE2NzM2NDQ4MjczNzEtMzk3NjE%3D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://resources.snyk.io
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

677-thp-415.mktoresp.com
analytics.twitter.com
api-iam.intercom.io
api.segment.io
assets.trendemon.com
b.6sc.co
bat.bing.com
c.6sc.co
cdn.linkedin.oribi.io
cdn.segment.com
cdn.speedcurve.com
connect.facebook.net
edge.fullstory.com
epsilon.6sense.com
fonts.googleapis.com
fonts.gstatic.com
go.snyk.io
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js.intercomcdn.com
lux.speedcurve.com
munchkin.marketo.net
px.ads.linkedin.com
px4.ads.linkedin.com
res.cloudinary.com
rs.fullstory.com
secure.adnxs.com
snap.licdn.com
snyk.io
static.ads-twitter.com
stats.g.doubleclick.net
t.co
trackingapi.trendemon.com
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.17.73.206
104.244.42.3
104.244.42.5
13.107.42.14
13.32.27.114
13.32.27.73
134.213.193.62
142.250.186.98
143.204.210.180
151.101.130.217
151.101.66.217
199.232.16.157
23.45.104.85
2600:9000:223d:3000:2:53b2:240:93a1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2008
2a00:1450:400c:c0d::9a
2a00:1450:400d:806::2003
2a00:1450:400d:807::2004
2a00:1450:400d:807::200e
2a00:1450:400d:80a::2003
2a02:26f0:11a::217:9a4a
2a02:26f0:1300:181::1c91
2a02:26f0:4700:190::ecd
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::393
3.93.95.179
35.156.134.55
35.186.194.58
35.201.112.186
37.252.171.22
44.205.198.31
44.228.105.181
65.9.66.61
96.16.137.162
04723a99f7226f4f6ed6cdc7c52a44254cb8f1902020823e23a80d3866442c6c
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
06f745c3571f84a3d26083d84544b914497c6debdc0ad523345a1c217a9b41fe
078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2
09c84ad0c4e935ca3ac5b2e75d2474efd7f053aaa1c88b0702f4e93d608ccaa3
0a7eef7e9dad111fe65306c6350aa8a9019d0d7613784b6746bf8dfb24bd1702
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
1b74b6130e9268d0096d88c9f820315a005c94dd04668e906b0657f09513dae9
1d3c8780cfca32fa7bf74aca3367dc4092ba95baaf04937274479d437f177d4a
1fdd470cc80bce2677a23afbd6a010bbe6dea3a5ac17b620123c5a98ceb6eee5
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
279f8494ba2a2369f519251d1d62c384043a7afaf2c12c2ef1d2ab39de704986
2b0448a88490dd8155425707eb0f5e0183aeaa817d2e61fbefe9b9060cc061c4
2d8f503a045659d54403954608267485d6165a51d228329a7f188ba33df13b80
2fee4c5548a4b9e697d6d1037df42b91e41ccdba1c64499a414b00d9bdfa9e69
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
36bd225b63fffa80372d6ab8fe2a7cb675b966f516943a5399a4752156505f10
37b0cf0ac9541cd7363f34a53894e6559b13a99ee3e0650066c908a857a68089
38f2731cb6188682358bb50e21727eb2104f4f733c8afad949f95f4464644b98
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3bfa4b5c73e0fdad00c5ff6afdce1248cf86a5d821578076d761dd7c4b360001
4082a71bee327cf9485b6816f9a721f74e7325e9c99699791a78e224283b7f83
4675a6b7617b6c822bb3ca4cb6109e349cdf88120763ad32fd76bc9b804586ac
4b8b7c03cb06b3167148b5773721dda24a31a4ef2d3e8922897461cbe6f2cd24
4f73127335c22d96e1ee451f7b8ab5d5d6b9ba742735bb647e406e1945659bb6
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
6dab22acc97b55451bf2bae289106812c3c146377de63ef7b9fd9b57c10c01c5
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6e8e8822630240eec492223262b6c95ce67b715b57872ada3e9ee197feb94e9c
6f4343803c07a76c67aed75328e9027b15547c8e3d7b18f09fe2e02e15c95e7c
77a1f9e229b91db8948d50b7c08b0cefb09b0689b877c44c8e9913958e5b009b
77f9bfeafc658baefb6ae93a2bbe7e81fa048870afed42611553a416a95205bd
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
8051068d460ef63d06bba0dc321b867cc14855b43d092bda7853c9f1f419cf0c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d0b2536ba16c1baeec1567443fb55bcaf1d7dbb7a885e64c1f126d37900d988
90e0a035d47f107b0904156b998a76b911719d6bea5896d1546fc6ec2b95ffc0
91823db2d3c0a3076cd774ff8759140d87fd2d0b2ff1c0ff72379900b6a86918
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
92bf4ed91337d45e56707628028b3d620a3d3f05a677b555bfa0d924f51ea2b7
9ebee46eca18876c7d599bf20bd8f65c9d947350847e1aa7088cedef3d0af160
9efe00b78b4cc2d861fcee6ad2ccc8d603d79d62673b30545281d75949dc76fa
a0ec1c7a15d0bb65c714d234f7d82a864a6597cb7d6234d960aca063f919f166
a6cbfbfb4e32dfca8f89166dd165da21fbcba5f8b55e2448c16788d635c8db87
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b591ededbdeb9204848d91a7a66e5f482417d3994b912117ca0b23dce15689d0
bad0f97099208aed2e4dd65585988fe4bf6c0024897f7ca43b3a4e8c512c2c85
be54ac8b9843afcd92dea7b3e72306efec71ba3b6365f679f179c7ca4a0aea9f
c19246ab5275cd1e458abaac031271ec39afe5653da291bba2fd7753717e0433
c66036f1288dcf003502e4f687e102a7ec6afe8bfa29daa9a5bb5ab62eb3567c
c892aa334e57eaf92f57ab21eaa989979d73158c30aa8b97da2be29e537fa598
cd9385939974e4b54a0602d660da44b811e8fb87bea3bdfbc262eca593c2bb2d
cdf3f1d94b10373b992f29349eca9b5f3da4a1ceb2ed0d3758ba40e12bb0c55e
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d171475258fb6a060d8c6b957b519482eb4911697329c085f2d6ed17994e2657
d7413087b8e6676ea0eee60a27d5bb5b724dfb3b4948c4bc49ed27a3d70ee444
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dddfe47cf4ce77dc6dac768a6af004c591e4308350273d2b7bcd393c7bf47671
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e8bf860a0e07011df188a88c5327300289b3f1ac799ad8f4f57d10367014ea
e431ee201ae34abef880e6ba97b0ac62d1a5fa08ba1974de2f477cef7380f923
ee7e4a24daafdb8c937da249dc9bf3786eb966f53cbcb436a950e49298e8da75
eea93734d5f0032479fa252394415d53cbcd4e7bd6d54764543eaa8b7c9fd10c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f2cd8c1f224de496524c3d6362250eae0c0b4d1d90e2f68ae1fb0ea67cf03138
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe1f7ff4931ae087ad58f48a31244e177230eccdac8f5185f7d231e2967c14cd

snyk.io Open in urlscan Pro 2a02:26f0:4700:190::ecd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

98 %HTTPS

44 %IPv6

31 Domains

42 Subdomains

38 IPs

7 Countries

1719 kBTransfer

5149 kBSize

43 Cookies

24 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

snyk.io Open in urlscan Pro
2a02:26f0:4700:190::ecd Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

98 %
HTTPS

44 %
IPv6

31
Domains

42
Subdomains

38
IPs

7
Countries

1719 kB
Transfer

5149 kB
Size

43
Cookies

104 HTTP transactions
0 data transactions