xss.www-sportisimo-de.uat.sportisimo.dev Open in urlscan Pro
185.219.168.41  Public Scan

35 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response xss.www-sportisimo-de.uat.sportisimo.dev/	199 KB 56 KB	266ms 212ms	Document text/html	185.219.168.41 CMIS
General Check archive.org Show headers Download Go to Full URL https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.219.168.41 Prague, Czech Republic, ASN204949 (CMIS, CZ), Reverse DNS Software / PHP/8.0.30 Resource Hash 55d271fc3fa5e86f04e2369bf0f4313a6419437fb67ea6547a3a5b4de7f058e7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Sat, 17 Aug 2024 07:44:20 GMT expires Thu, 19 Nov 1981 08:52:00 GMT permissions-policy autoplay=(), camera=(self), microphone=(), geolocation=(self) pragma no-cache referrer-policy no-referrer-when-downgrade strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff x-frame-options SAMEORIGIN x-powered-by PHP/8.0.30 x-server ecommerce-web-xss-uat-84fbfb456-4lgc7 x-xss-protection 1
GET H2	200	open-sans-v27-latin-ext-regular.woff2 xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/fonts/	22 KB 22 KB	26ms 22ms	Font font/woff2	185.219.168.41 CMIS
General Check archive.org Show headers Download Go to Full URL https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/fonts/open-sans-v27-latin-ext-regular.woff2 Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.219.168.41 Prague, Czech Republic, ASN204949 (CMIS, CZ), Reverse DNS Software / Resource Hash 6849c2f6dd45325e6d5761c53db3dd6ecf99158e9cf1eb3b4e35f7e4025cb5c0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ Origin https://xss.www-sportisimo-de.uat.sportisimo.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:20 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 13 Aug 2024 13:45:38 GMT etag "66bb6382-5650" content-type font/woff2 cache-control max-age=31536000 accept-ranges bytes content-length 22096 expires Sun, 17 Aug 2025 07:44:20 GMT
GET H2	200	open-sans-v27-latin-ext-600.woff2 xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/fonts/	22 KB 22 KB	36ms 33ms	Font font/woff2	185.219.168.41 CMIS
General Check archive.org Show headers Download Go to Full URL https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/fonts/open-sans-v27-latin-ext-600.woff2 Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.219.168.41 Prague, Czech Republic, ASN204949 (CMIS, CZ), Reverse DNS Software / Resource Hash 7996a13ba28f47d09f223e3ab1971511b8390b708862b5f05be497d644845538 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ Origin https://xss.www-sportisimo-de.uat.sportisimo.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:20 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 13 Aug 2024 13:45:38 GMT etag "66bb6382-5650" content-type font/woff2 cache-control max-age=31536000 accept-ranges bytes content-length 22096 expires Sun, 17 Aug 2025 07:44:20 GMT
GET H2	200	open-sans-v27-latin-ext-700.woff2 xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/fonts/	21 KB 21 KB	37ms 35ms	Font font/woff2	185.219.168.41 CMIS
General Check archive.org Show headers Download Go to Full URL https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/fonts/open-sans-v27-latin-ext-700.woff2 Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.219.168.41 Prague, Czech Republic, ASN204949 (CMIS, CZ), Reverse DNS Software / Resource Hash 91c82197d183592cfb227c9e4e368e428ce9ba45444603dc7441d8ffe045e01c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ Origin https://xss.www-sportisimo-de.uat.sportisimo.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:20 GMT strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 13 Aug 2024 13:45:38 GMT etag "66bb6382-53f8" content-type font/woff2 cache-control max-age=31536000 accept-ranges bytes content-length 21496 expires Sun, 17 Aug 2025 07:44:20 GMT
GET H2	200	layout.css xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/css/	598 KB 91 KB	24ms 22ms	Stylesheet text/css	185.219.168.41 CMIS
General Check archive.org Show headers Download Go to Full URL https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/css/layout.css?h=f6803007166b5e6708eb7505829a15ad9e84dc41 Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.219.168.41 Prague, Czech Republic, ASN204949 (CMIS, CZ), Reverse DNS Software / Resource Hash 46e974672a45872ada9c574b850c60a3faa401d88db7b6605ff3a92a3663900e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:20 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 13 Aug 2024 13:45:38 GMT etag W/"66bb6382-9560b" content-type text/css cache-control max-age=31536000 expires Sun, 17 Aug 2025 07:44:20 GMT
GET H2	200	vendor-02eab891.js Show response xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/js/	86 KB 31 KB	22ms 21ms	Script application/javascript	185.219.168.41 CMIS
General Check archive.org Show headers Download Go to Full URL https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/js/vendor-02eab891.js Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.219.168.41 Prague, Czech Republic, ASN204949 (CMIS, CZ), Reverse DNS Software / Resource Hash a899194fb05ff5d1ac22507210f86545a8d036ddc5a2284dc7050ffd63bbad3b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:20 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 13 Aug 2024 13:45:38 GMT etag W/"66bb6382-15648" content-type application/javascript cache-control max-age=31536000 expires Sun, 17 Aug 2025 07:44:20 GMT
GET H2	200	sm.main-562281cf.js Show response xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/js/	429 KB 104 KB	47ms 45ms	Script application/javascript	185.219.168.41 CMIS
General Check archive.org Show headers Download Go to Full URL https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/js/sm.main-562281cf.js Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.219.168.41 Prague, Czech Republic, ASN204949 (CMIS, CZ), Reverse DNS Software / Resource Hash 890f9795a6f7cc5522801f96ca2b75aae7decf2cb8a90772bc52763901bfce80 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ Origin https://xss.www-sportisimo-de.uat.sportisimo.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:20 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 13 Aug 2024 13:45:38 GMT etag W/"66bb6382-6b4a4" content-type application/javascript cache-control max-age=31536000 expires Sun, 17 Aug 2025 07:44:20 GMT
GET H2	200	logo.svg xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/images/	5 KB 2 KB	48ms 46ms	Image image/svg+xml	185.219.168.41 CMIS
General Check archive.org Show headers Download Go to Show image Full URL https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/images/logo.svg?5 Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.219.168.41 Prague, Czech Republic, ASN204949 (CMIS, CZ), Reverse DNS Software / Resource Hash c9e934fad328bd421c37e5960156ab5c49c7981998588459c7fdb8dfa206a272 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:20 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 13 Aug 2024 13:45:38 GMT etag W/"66bb6382-154e" content-type image/svg+xml cache-control max-age=31536000 expires Sun, 17 Aug 2025 07:44:20 GMT
GET H2	200	loader.js Show response sdk.privacy-center.org/1a1ba383-6316-42b9-923a-8b927ae7bd4b/	2 KB 1 KB	179ms 75ms	Script application/javascript	2600:9000:26e8:f200:5:b7cc:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.privacy-center.org/1a1ba383-6316-42b9-923a-8b927ae7bd4b/loader.js?target=xss.www-sportisimo-de.uat.sportisimo.dev Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26e8:f200:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash ac84f146a456491cbd270309b43deac2d6c93e5e2d45a053c5a4d31e1eb95e57 Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-didomi-configs-version 112 content-encoding br via 1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront) date Sat, 17 Aug 2024 07:44:20 GMT x-amz-cf-pop FRA56-P10 x-amzn-requestid 0016c2ab-ecfe-4707-a6b5-c8d52a7333f1 x-amzn-trace-id root=1-66bdb070-4214d6b124ef20872a4e2397;parent=5516cdff3cc37e58;sampled=0;lineage=eaae1266:0 vary Accept-Encoding etag W/"4a737e8044a142d98030f3ab5ad9f901" content-type application/javascript; charset=utf-8 x-cache RefreshHit from cloudfront cache-control max-age=60, public alt-svc h3=":443"; ma=86400 x-amz-cf-id o6X94y-ywiGsx9_YkcsiP7GZoLmgvd5lOleV0KRs10tDiVP-UCyjpg==
GET H2	200	v2 Show response integrations.etrusted.com/applications/widget.js/	4 KB 2 KB	241ms 10ms	Script application/javascript	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integrations.etrusted.com/applications/widget.js/v2 Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 0f285340fde233e4bf0042716b33a9aae7ef38bf6768663286012870f5a648cb Security Headers Name Value Strict-Transport-Security max-age= 63072000; includeSubdomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id y6m_lv3sPnnC8IKMQAxgSJ.CL61RpuYE content-encoding gzip via 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront) date Sat, 17 Aug 2024 02:56:48 GMT strict-transport-security max-age= 63072000; includeSubdomains; preload age 17253 x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 25 Jul 2023 10:18:33 GMT server AmazonS3 etag W/"d7237287c6c61682525e80a1904e6609" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript cache-control max-age=86400 x-amz-cf-id qqT7QCyaVCC_SA9Vs6dMXlO8pr7IN9aDkqczsb3VwcwV8QrR6Ddy5A==
GET H2	200	XFC643E574BA25B43817F8D17B68F9E6E.js Show response widgets.trustedshops.com/js/	2 KB 2 KB	250ms 10ms	Script text/javascript	13.225.78.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets.trustedshops.com/js/XFC643E574BA25B43817F8D17B68F9E6E.js Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-106.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash bd4c697c644538fd346f848f17b91d6ff1c73f03d3941fa083a8541e6915b564 Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:42:10 GMT content-encoding gzip via 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront) last-modified Sat, 17 Aug 2024 05:16:36 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 131 x-amz-server-side-encryption AES256 etag W/"8e62afa26e9332d53e310dcfc6b6c2d5" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=3600 x-amz-cf-id wGz-XZCCJbDE-rpkhH2DhJudbqWSfY3q9zKV78MUW9U2hLUc022rRw==
GET H2	200	arrow.svg xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/css/images/	295 B 412 B	20ms 18ms	Image image/svg+xml	185.219.168.41 CMIS
General Check archive.org Show headers Download Go to Show image Full URL https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/css/images/arrow.svg Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/css/layout.css?h=f6803007166b5e6708eb7505829a15ad9e84dc41 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.219.168.41 Prague, Czech Republic, ASN204949 (CMIS, CZ), Reverse DNS Software / Resource Hash 3e6e9ea399d7b1ae1850c894abd4d811c104f126008c341a1dbbcd6737a8f23b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/css/layout.css?h=f6803007166b5e6708eb7505829a15ad9e84dc41 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:20 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 13 Aug 2024 13:45:38 GMT etag W/"66bb6382-127" content-type image/svg+xml cache-control max-age=31536000 expires Sun, 17 Aug 2025 07:44:20 GMT
GET		HP_1556x352_desktop_DE.jpg i-sportisimo-com.uat.sportisimo.dev/cms/banners/116954/background/	0 0
GET		08.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/30583/icons/	0 0
GET		01.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/30585/icons/	0 0
GET		400x400-salomon.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/30587/icons/	0 0
GET		mizuno-156165-5.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/30589/icons/	0 0
GET		06-d.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/30593/icons/	0 0
GET		batoh-puma-produktovy-02.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/32289/icons/	0 0
GET		columbia-saturday-trail-long-short-2.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/32291/icons/	0 0
GET		07-b.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/35745/icons/	0 0
GET		o-neill-baay-maoi-bikini-1.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/36287/icons/	0 0
GET		03-e.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/37481/icons/	0 0
GET		05-d.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/37503/icons/	0 0
GET		aquatic-panter-set-0.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/41690/icons/	0 0
GET		siroka-nabidka-a-skvele-ceny1-2x.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/7033/buttons/german/	0 0
GET		ico-cms-car.svg i-sportisimo-com.uat.sportisimo.dev/cms/menus/33345/buttons/german/	0 0
GET		prodejeny-a-e-shop1-2x.png i-sportisimo-com.uat.sportisimo.dev/cms/menus/7041/buttons/german/	0 0
GET		ico-cms-30day-return.svg i-sportisimo-com.uat.sportisimo.dev/cms/menus/33347/buttons/german/	0 0
GET H2	200	sdk.9fa0574c052297d69842009398735fe6e5757e75.js Show response sdk.privacy-center.org/sdk/9fa0574c052297d69842009398735fe6e5757e75/modern/	354 KB 100 KB	12ms 9ms	Script application/javascript	2600:9000:26e8:f200:5:b7cc:d3c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.privacy-center.org/sdk/9fa0574c052297d69842009398735fe6e5757e75/modern/sdk.9fa0574c052297d69842009398735fe6e5757e75.js Requested by Host: sdk.privacy-center.org URL: https://sdk.privacy-center.org/1a1ba383-6316-42b9-923a-8b927ae7bd4b/loader.js?target=xss.www-sportisimo-de.uat.sportisimo.dev Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26e8:f200:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c0a5fcf75c3fcd9ce56bed33b0d3249ed943514d54ef68dcc4e36f582aeb132e Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Wed, 14 Aug 2024 12:25:05 GMT content-encoding gzip via 1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront) last-modified Wed, 14 Aug 2024 12:24:59 GMT server AmazonS3 x-amz-cf-pop FRA56-P10 age 242356 etag W/"853d1e3a9312e1163aaa49699438ef9e-1" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=31536000 alt-svc h3=":443"; ma=86400 x-amz-cf-id ASnKmD4AzB4R6L4GB3y204JBlb82wf7nYa4V20bVZgXm2CRo0wnZFg==
GET H2	200	wdg-3294ab9c-5cad-4743-b07f-bbe6396be235.json Show response integrations.etrusted.com/manifests/v1/	910 B 1 KB	60ms 33ms	Fetch application/json	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integrations.etrusted.com/manifests/v1/wdg-3294ab9c-5cad-4743-b07f-bbe6396be235.json Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/widget.js/v2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 4a72501fcbefa65259a5050d914bce18b89b9ee8119d3f686315339a23968998 Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id IwzS2a6n_0LIUWl5GuvpiWBrm1tpCakE via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 910 last-modified Wed, 07 Jun 2023 08:43:14 GMT server AmazonS3 etag "0a9ca4f2b504c225ff3ea881503f5f3b" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * access-control-expose-headers ETag vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id 0VpKxHXKMX9zqWL0i8cvw8lHgyqQ0G9eBpSwb8YtCKArHM0MTQefAA==
GET		HP_1556x352_desktop_DE.jpg i-sportisimo-com.uat.sportisimo.dev/cms/banners/116954/background/	0 0
GET H2	200	gtm.js Show response www.googletagmanager.com/	532 KB 152 KB	82ms 54ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TR2Q5RX Requested by Host: xss.www-sportisimo-de.uat.sportisimo.dev URL: https://xss.www-sportisimo-de.uat.sportisimo.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 72eaf6818f6c59cc669630398bc21d4eb4b6f63acf257a594d34ec28fbb4100c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:20 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 155297 x-xss-protection 0 last-modified Sat, 17 Aug 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 17 Aug 2024 07:44:20 GMT
GET H2	200	v1 Show response integrations.etrusted.com/applications/review-carousel-service-widget/	68 KB 19 KB	10ms 9ms	Script text/javascript	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integrations.etrusted.com/applications/review-carousel-service-widget/v1 Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/widget.js/v2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 9ee5fed1f63013ec5102e15fde0b78d1ab3197f3eb588f1b8b7041e8fbbd4ef4 Security Headers Name Value Strict-Transport-Security max-age= 63072000; includeSubdomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id IurNgSpalMNwNopDoooZa1HMql_sV0wz content-encoding gzip via 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront) date Sat, 17 Aug 2024 07:41:50 GMT strict-transport-security max-age= 63072000; includeSubdomains; preload age 151 x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 12 Jul 2024 12:02:00 GMT server AmazonS3 etag W/"2d861a53cd1d48a2a6fb391eebc24c69" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript cache-control max-age=600 x-amz-cf-id I15uXSekYjqbxy0qkn0byyGJsx-iQ9gJotELBvWmMiEXPIeENTzCCw==
GET H2	200	index.css integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/	26 KB 5 KB	8ms 7ms	Stylesheet text/css	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash dd5243120966101086ee73809b39ee1f057ae27cfc9196aa6a2a838d519b6044 Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers x-amz-version-id ejpjsziQqfdyA.eds8IqaSC064UEurF2 content-encoding gzip via 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront) date Sat, 17 Aug 2024 07:41:34 GMT last-modified Fri, 12 Jul 2024 12:02:00 GMT server AmazonS3 x-amz-cf-pop FRA56-P11 age 167 x-amz-server-side-encryption AES256 etag W/"1e2d3ee1b82602eda74f4ba43272569e" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=600 x-amz-cf-id 1IAXKrKPfLfdqsRwsWVrrXFdi2vAitoMeCq_w8dIaN0whLbc8w8Fpg==
GET H2	200	wdg-3294ab9c-5cad-4743-b07f-bbe6396be235.json Show response integrations.etrusted.com/configurations/v1/	86 B 627 B	24ms 23ms	XHR application/json	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integrations.etrusted.com/configurations/v1/wdg-3294ab9c-5cad-4743-b07f-bbe6396be235.json Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/review-carousel-service-widget/v1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e1ae0de4b5f6699dc164a995f7a8c1445190684585fc85e72e4f2f0793942d7d Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id k9n3Y2q4Vttc6F9X6_.KZbE12oYiE76g via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 86 last-modified Wed, 07 Jun 2023 08:43:14 GMT server AmazonS3 etag "1f0a487b2cca0c6d886aa7d033c7f98f" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * access-control-expose-headers ETag vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id QP5z9UjYgLCoo-kGqUnLVkFOXgvm9FBhwnyWJkQShCrl5-UiciFg7A==
GET H2	200	feed.json Show response integrations.etrusted.com/feeds/channels/v1/chl-2110a1a8-434d-4ce8-948b-9197eb627a7c/	411 B 955 B	45ms 45ms	XHR application/json	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integrations.etrusted.com/feeds/channels/v1/chl-2110a1a8-434d-4ce8-948b-9197eb627a7c/feed.json Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/review-carousel-service-widget/v1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash bdfc51bb714a876fc82621b34a1dd66ed898971e5dd49ddd6c61f9617e3d9628 Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id stD1zIcKXzeqXkzr4yo5ox9KlBV3aNr3 via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 411 last-modified Wed, 31 Jul 2024 11:34:25 GMT server AmazonS3 etag "2ee7da62a5da6dae31792ad3c0e78657" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * access-control-expose-headers ETag vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id XIGLToaWXmGWBLp4jmKP8QwAp8TCYZND4TYUpBpcE3-kgmUxfAXvHQ==
GET H2	200	feed.json Show response integrations.etrusted.com/feeds/grades/v1/channels/chl-2110a1a8-434d-4ce8-948b-9197eb627a7c/touchpoints/all/	2 KB 2 KB	27ms 26ms	XHR application/octet-stream	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integrations.etrusted.com/feeds/grades/v1/channels/chl-2110a1a8-434d-4ce8-948b-9197eb627a7c/touchpoints/all/feed.json Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/review-carousel-service-widget/v1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 359c0074433f6a9993f9ea04d09aa3ab0c71bdeb7b29348e9b20e366abf23bd0 Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id ya8se6IobhPauBw.p3ap_G8T_xzm7QiW via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 1954 last-modified Sat, 17 Aug 2024 04:16:15 GMT server AmazonS3 etag "8f18d10182dc35d631f862b767049f4d" access-control-max-age 3000 access-control-allow-methods GET content-type application/octet-stream access-control-allow-origin * access-control-expose-headers ETag vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id 7kGIrdjJtKkQ9GkY6X8xz0Zn_cLZm88btiYSADsCxpenfnUTFWwwSA==
GET H2	200	feed.json Show response integrations.etrusted.com/feeds/review-carousel-service/v1/widgets/wdg-3294ab9c-5cad-4743-b07f-bbe6396be235/	3 KB 2 KB	50ms 49ms	XHR application/json	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integrations.etrusted.com/feeds/review-carousel-service/v1/widgets/wdg-3294ab9c-5cad-4743-b07f-bbe6396be235/feed.json Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/review-carousel-service-widget/v1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 7291e0943c7aedebff9a100c2be48686aea25e82ee6c31f1de07940f82415ac8 Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id oKA28yX.Q416.d09Ob.DQU1vw_tGP.Bm content-encoding gzip via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront last-modified Sat, 17 Aug 2024 00:06:51 GMT server AmazonS3 etag W/"0cd3dcb302fb8178aafebee756d5626c" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * access-control-expose-headers ETag vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-id eutTt7UPQoXm4ytm458Fr3IKQ5WAeKvcRkhaITydGpJsmplae1uDxQ==
GET H2	200	de-DE.json Show response integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/assets/locales/	2 KB 1 KB	26ms 25ms	XHR application/json	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/assets/locales/de-DE.json Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/review-carousel-service-widget/v1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 61984e01328fa87999d685988f57ed8a29cfca9d90a0d2050b3a2b59a699dfc9 Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id sD9HUFTBb0bCMxaqcX2RSAPou9LUAObq content-encoding gzip via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront last-modified Fri, 12 Jul 2024 12:01:59 GMT server AmazonS3 etag W/"bfc5bce7aa3fac4c33bff3304a2a733f" access-control-max-age 3000 access-control-allow-methods GET content-type application/json access-control-allow-origin * access-control-expose-headers ETag cache-control max-age=600 vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method x-amz-cf-id bbZDnhoBeskOP8SkPFkpbGPTqdmSGTta93b2NBmUJe7FwFLom0Ms8Q==
GET H2	200	5caf2d4e221f78555bfd.svg integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/	312 B 874 B	36ms 34ms	Image image/svg+xml	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/5caf2d4e221f78555bfd.svg Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash e4fba3510a945e0bc2e0264612a30cb80ffd5f806e2676a174df1a7d6a44a52e Request headers Referer https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Origin https://xss.www-sportisimo-de.uat.sportisimo.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id Cj_zUzGUWGfszBxfD6DJAz5H5hypiuPs via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 312 last-modified Fri, 12 Jul 2024 12:01:59 GMT server AmazonS3 etag "89fb575aaade7866b9c7caa3e487e69d" access-control-max-age 3000 access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * access-control-expose-headers ETag cache-control max-age=600 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id J2oKnT8ehxig47YAeyg50nB8-zStm1QSxIoeHaI9nWwIEFmoCWa8Fw==
GET H2	200	46f6e4ad50c49e4c9088.svg integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/	313 B 875 B	28ms 27ms	Image image/svg+xml	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/46f6e4ad50c49e4c9088.svg Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash dced9b29aa1be505cf98ee39bc9ec85521ade9566e86e24cfaf0574f74d4aaa7 Request headers Referer https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Origin https://xss.www-sportisimo-de.uat.sportisimo.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id UtbwQ53XWA2PwzXKAM1guzJi8eqMxaM. via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 313 last-modified Fri, 12 Jul 2024 12:01:59 GMT server AmazonS3 etag "832b0fefcaee33c30d1dca187c1e50f1" access-control-max-age 3000 access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * access-control-expose-headers ETag cache-control max-age=600 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id YEDaUiNJ2yfx5bvAMFaEyyl2vvHkXdTZrF2knsphHUzAdBcvj9Bhcw==
GET H2	200	9e37aaa6d56c1935703c.svg integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/	248 B 810 B	32ms 31ms	Image image/svg+xml	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/9e37aaa6d56c1935703c.svg Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 38e437aaae847000e09206326db33b8b4f535d7e7ed4424bdff4b44cd27ff0ff Request headers Referer https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Origin https://xss.www-sportisimo-de.uat.sportisimo.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id FUD61eW.j.aFfPYl49hRkoTDmKCgXZad via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 248 last-modified Fri, 12 Jul 2024 12:01:59 GMT server AmazonS3 etag "0a0183070a4c3acb1c200b2b577f3bf3" access-control-max-age 3000 access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * access-control-expose-headers ETag cache-control max-age=600 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id 5U-diCkcG5UQeO1iOLrZo-g2THiGjOxvzrQBOoRTSpYuFV9rSOd_2Q==
GET H2	200	439a022eae213a0377ab.svg integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/	245 B 807 B	27ms 26ms	Image image/svg+xml	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/439a022eae213a0377ab.svg Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash b42766cbe1b75839be4c164f109142c0d7078def280ae11ae28a5cff0e818a2d Request headers Referer https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Origin https://xss.www-sportisimo-de.uat.sportisimo.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id eGjwj.2Snm68JV39.uvnEMop24PSKjUz via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 245 last-modified Fri, 12 Jul 2024 12:01:59 GMT server AmazonS3 etag "21e3cc738d26d19f17d6ee1f83801a48" access-control-max-age 3000 access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * access-control-expose-headers ETag cache-control max-age=600 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id GsfPr_9ZE0g7pr2_EVjE6bRFqbHmJFeyFHP_sv_uno_Mk-UCS03b9A==
GET H2	200	383921f86ce605de6858.svg integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/	787 B 1 KB	28ms 27ms	Image image/svg+xml	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/383921f86ce605de6858.svg Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 0631ab7f443a4d7b388841b4df4c1b5c40fc515b1394730229a496add18380d2 Request headers Referer https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Origin https://xss.www-sportisimo-de.uat.sportisimo.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id 5x0V9Ce7mQrobNG8reeVgI_LsAr1N88j via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 787 last-modified Fri, 12 Jul 2024 12:01:59 GMT server AmazonS3 etag "9b6ce127dc1bd21e5233909260cb5deb" access-control-max-age 3000 access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * access-control-expose-headers ETag cache-control max-age=600 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id fY1euVS3ZLDTP9xJc9uu7uQh5vOpYYT4fI1keadrO9G6rBBUrvszZg==
GET H2	200	f935c7395ce5f72e6f2d.svg integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/	496 B 1 KB	26ms 25ms	Image image/svg+xml	18.244.18.53 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/f935c7395ce5f72e6f2d.svg Requested by Host: integrations.etrusted.com URL: https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.244.18.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-244-18-53.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash d7e930777b0f04e004a30f72ca695a0ab9d6835a87fe7893195211760f5e0be5 Request headers Referer https://integrations.etrusted.com/applications/review-carousel-service-widget/1.18.5/index.css Origin https://xss.www-sportisimo-de.uat.sportisimo.dev User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT x-amz-version-id .Dxq1BTUVTOlmIfTGXEwqwK3c_DTM8M2 via 1.1 094f3889138382e35e0daededad0ca5e.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P11 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront content-length 496 last-modified Fri, 12 Jul 2024 12:02:00 GMT server AmazonS3 etag "ef956d88c0e4dc6eb105db73815eaa11" access-control-max-age 3000 access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * access-control-expose-headers ETag cache-control max-age=600 vary Origin,Access-Control-Request-Headers,Access-Control-Request-Method accept-ranges bytes x-amz-cf-id p0P3ky3oFYY5Wvdz_8zr3FPI9qEjSf5nf9eHQRY9X3dmvRk5HQak2w==
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	122ms 7ms	Script text/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR2Q5RX Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sat, 17 Aug 2024 06:40:39 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 3822 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sat, 17 Aug 2024 08:40:39 GMT
GET H2	200	trustbadge.js Show response widgets.trustedshops.com/assets/	200 KB 45 KB	14ms 12ms	Script text/javascript	13.225.78.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets.trustedshops.com/assets/trustbadge.js Requested by Host: widgets.trustedshops.com URL: https://widgets.trustedshops.com/js/XFC643E574BA25B43817F8D17B68F9E6E.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-106.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash a6eaf2d1ab0ee9bdbedf0c97741a379f2fdba891256f4f705ec57a7bc805603e Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 06:47:52 GMT content-encoding gzip via 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront) last-modified Mon, 12 Aug 2024 14:47:20 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 3390 x-amz-server-side-encryption AES256 etag W/"bb5b86308dcff8ceb741e2bb91ede09e" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=3600 x-amz-cf-id x7GmcXJvwMabEBzlSZQofxZMbXGPduvTKUUW2u0Zt4kiXGPSm29f-A==
GET H2	200	favicon.svg xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/css/images/icons/favicons/	1 KB 962 B	16ms 16ms	Other image/svg+xml	185.219.168.41 CMIS
General Check archive.org Show headers Download Go to Full URL https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/css/images/icons/favicons/favicon.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.219.168.41 Prague, Czech Republic, ASN204949 (CMIS, CZ), Reverse DNS Software / Resource Hash 003c3e883e3db973a57e0689d437e681361c8c0f8b9e8a1ccfce7da14f09eda8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 13 Aug 2024 13:45:38 GMT etag W/"66bb6382-59f" content-type image/svg+xml cache-control max-age=31536000 expires Sun, 17 Aug 2025 07:44:21 GMT
GET H2	200	de-DE.b3e6c60bef6a5b8cacee.chunk.js Show response widgets.trustedshops.com/assets/	11 KB 4 KB	11ms 10ms	Script text/javascript	13.225.78.106 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://widgets.trustedshops.com/assets/de-DE.b3e6c60bef6a5b8cacee.chunk.js Requested by Host: widgets.trustedshops.com URL: https://widgets.trustedshops.com/assets/trustbadge.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-106.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 032ae942e3849e0bebc135afe34df515786f8b9ad4dd5d1fbca513db88051604 Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 05:36:44 GMT content-encoding gzip via 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront) last-modified Mon, 12 Aug 2024 14:47:22 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 7658 etag W/"b0728b4a6cfeb0dd2aeb65947dd2fcf8" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=31536000 x-amz-cf-id BLws4tHCGiv34rvKLIlSBAcPIiEexr_zmcrOp97F_ONhtiiUHCrURA==
GET H2	200	favicon.ico xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/css/images/icons/favicons/	7 KB 2 KB	17ms 16ms	Other image/x-icon	185.219.168.41 CMIS
General Check archive.org Show headers Download Go to Full URL https://xss.www-sportisimo-de.uat.sportisimo.dev/assets/sportisimo/css/images/icons/favicons/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.219.168.41 Prague, Czech Republic, ASN204949 (CMIS, CZ), Reverse DNS Software / Resource Hash a7390f85b7220fa0c9ce8a1fb6e35723f57ec2c22fa50cfe9b0c313ac2186e57 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains last-modified Tue, 13 Aug 2024 13:45:38 GMT etag W/"66bb6382-1cee" content-type image/x-icon cache-control max-age=31536000 expires Sun, 17 Aug 2025 07:44:21 GMT
GET H2	200	ec.js Show response www.google-analytics.com/plugins/ua/	3 KB 1 KB	17ms 15ms	Script text/javascript	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/plugins/ua/ec.js Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 07:44:00 GMT content-encoding br x-content-type-options nosniff age 21 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1129 x-xss-protection 0 last-modified Tue, 27 Jun 2023 17:28:00 GMT server sffe vary Accept-Encoding report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type text/javascript cache-control public, max-age=3600 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 17 Aug 2024 08:44:00 GMT
GET H2	200	sprite.fa10bbbffbb158ef65643d1dccd20ba7bd355392.svg widgets.trustedshops.com/assets/images/	48 KB 12 KB	11ms 11ms	Image image/svg+xml	13.225.78.106 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://widgets.trustedshops.com/assets/images/sprite.fa10bbbffbb158ef65643d1dccd20ba7bd355392.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.78.106 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-78-106.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash 6af29312056c28d3566230a5a50cb63bafa7d6cdc3b65508439db0d985c10bfe Request headers Referer https://xss.www-sportisimo-de.uat.sportisimo.dev/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sat, 17 Aug 2024 01:20:16 GMT content-encoding gzip via 1.1 286eb4b50e0acf373dd03645aee00b7e.cloudfront.net (CloudFront) last-modified Mon, 12 Aug 2024 14:47:22 GMT server AmazonS3 x-amz-cf-pop FRA2-C2 age 23046 etag W/"b4672d465962967c88bab0a32f3f9d66" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=31536000 x-amz-cf-id 4-3ybCDINMK-UcxAyxIsWkHosG8oWsAA29OQK2QwCQn1SbZLUACL3A==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/banners/116954/background/HP_1556x352_desktop_DE.jpg

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/30583/icons/08.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/30585/icons/01.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/30587/icons/400x400-salomon.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/30589/icons/mizuno-156165-5.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/30593/icons/06-d.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/32289/icons/batoh-puma-produktovy-02.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/32291/icons/columbia-saturday-trail-long-short-2.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/35745/icons/07-b.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/36287/icons/o-neill-baay-maoi-bikini-1.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/37481/icons/03-e.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/37503/icons/05-d.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/41690/icons/aquatic-panter-set-0.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/7033/buttons/german/siroka-nabidka-a-skvele-ceny1-2x.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/33345/buttons/german/ico-cms-car.svg

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/7041/buttons/german/prodejeny-a-e-shop1-2x.png

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/menus/33347/buttons/german/ico-cms-30day-return.svg

Domain

i-sportisimo-com.uat.sportisimo.dev

URL

https://i-sportisimo-com.uat.sportisimo.dev/cms/banners/116954/background/HP_1556x352_desktop_DE.jpg

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| gdprAppliesGlobally function| __tcfapi object| dataLayer object| didomiOnReady object| sm object| _tsConfig function| $ function| jQuery function| addToCart function| getCartContent string| didomiCountry string| didomiRegion object| didomiGeoRegulations object| webpackChunkDidomi object| Didomi object| didomiEventListeners object| DidomiSanitizing object| didomiState function| Hammer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data function| _gtm_buffer_object object| _gtm_buffer object| result number| _gtm_setCookie__gtm_splitter string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaplugins object| webpackChunktrustbadge_6_business_logic object| trustbadge object| gaGlobal object| gaData

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			xss.www-sportisimo-de.uat.sportisimo.dev/	1969-12-31 23:59:59	Name: PHPSESSID Value: 484c22bc6947528d3d7a8b26be6c5e85
			.sportisimo.dev/	1970-01-21 07:38:23	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTkxNWY0YjUtZWU0MC02NzM3LTk0MzItYmFhN2E2NGY5NWZhIiwiY3JlYXRlZCI6IjIwMjQtMDgtMTdUMDc6NDQ6MjAuNzA4WiIsInVwZGF0ZWQiOiIyMDI0LTA4LTE3VDA3OjQ0OjIwLjcxMFoiLCJ2ZXJzaW9uIjpudWxsfQ==
			.sportisimo.dev/	1970-01-21 07:36:56	Name: _gtm_splitter Value: 92.12096472835213
			.sportisimo.dev/	1970-01-21 07:36:56	Name: _ga Value: GA1.2.1899782519.1723880661
			.sportisimo.dev/	1970-01-20 22:52:47	Name: _gid Value: GA1.2.59194390.1723880661
			.sportisimo.dev/	1970-01-21 01:00:56	Name: _gcl_au Value: 1.1.883722640.1723880661
			.sportisimo.dev/	1969-12-31 23:59:59	Name: ga_hit_count Value: 2

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1