URL: https://blt.owasp.org/
Submission: On February 03 via api from US — Scanned from US

Summary

This website contacted 14 IPs in 3 countries across 13 domains to perform 50 HTTP transactions. The main IP is 2606:4700:10::6816:1a4d, located in United States and belongs to CLOUDFLARENET, US. The main domain is blt.owasp.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 4th 2023. Valid for: a year.
This is the only time blt.owasp.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 24 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 3.226.182.14 14618 (AMAZON-AES)
12 2607:f8b0:400... 15169 (GOOGLE)
1 164.100.134.191 4758 (NICNET-VS...)
1 80.191.24.17 12880 (DCI-AS)
1 89.221.81.102 50733 (BINA-AS)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
50 14
Apex Domain
Subdomains
Transfer
24 owasp.org
blt.owasp.org
www.owasp.org — Cisco Umbrella Rank: 373896
owasp.org — Cisco Umbrella Rank: 166960
220 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
storage.googleapis.com — Cisco Umbrella Rank: 286
2 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
2 tailwindcss.com
cdn.tailwindcss.com — Cisco Umbrella Rank: 46008
109 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
169 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
82 KB
1 mouseflow.com
cdn.mouseflow.com — Cisco Umbrella Rank: 7068
58 KB
1 basij.ir
www.basij.ir
1 tic.ir
www.tic.ir
1 tn.gov.in
www.labour.tn.gov.in
1 bugheist.com
www.bugheist.com
1 gstatic.com
fonts.gstatic.com
48 KB
0 aja.ir Failed
www.aja.ir Failed
50 13
Domain Requested by
22 blt.owasp.org blt.owasp.org
12 storage.googleapis.com blt.owasp.org
3 www.google-analytics.com blt.owasp.org
www.google-analytics.com
www.googletagmanager.com
2 cdn.tailwindcss.com 1 redirects blt.owasp.org
2 cdnjs.cloudflare.com blt.owasp.org
cdnjs.cloudflare.com
1 www.googletagmanager.com www.google-analytics.com
1 cdn.mouseflow.com blt.owasp.org
1 www.basij.ir blt.owasp.org
1 www.tic.ir blt.owasp.org
1 owasp.org blt.owasp.org
1 www.owasp.org 1 redirects
1 www.labour.tn.gov.in blt.owasp.org
1 www.bugheist.com blt.owasp.org
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com blt.owasp.org
0 www.aja.ir Failed blt.owasp.org
50 16

This site contains links to these domains. Also see Links.

Domain
github.com
www.facebook.com
twitter.com
steemit.com
owasp.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-04 -
2024-05-03
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
www.bugheist.com
R3
2023-12-17 -
2024-03-16
3 months crt.sh
storage.googleapis.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
labour.tn.gov.in
R3
2023-11-16 -
2024-02-14
3 months crt.sh
*.tic.ir
Certum Domain Validation CA SHA2
2023-12-05 -
2024-12-04
a year crt.sh
basij.ir
Certum Domain Validation CA SHA2
2023-02-05 -
2024-02-05
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-01-09 -
2024-04-02
3 months crt.sh
cdn.mouseflow.com
Cloudflare Inc ECC CA-3
2023-10-25 -
2024-10-23
a year crt.sh

This page contains 1 frames:

Primary Page: https://blt.owasp.org/
Frame ID: B6D7247B95298957F409FFF2D89937A7
Requests: 50 HTTP requests in this frame

Screenshot

Page Title

BLT

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+lightbox(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

92 %
HTTPS

69 %
IPv6

13
Domains

16
Subdomains

14
IPs

3
Countries

2465 kB
Transfer

3812 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.4.1
Request Chain 32
  • https://www.owasp.org/favicon.ico HTTP 301
  • https://owasp.org/favicon.ico

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blt.owasp.org/
333 KB
10 KB
Document
General
Full URL
https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a45f3a8e114364d0fd2fca917306befc0a6d193162e327eb32c116ba1a64f4d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
84fd70f8ae494bcd-BUF
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
date
Sat, 03 Feb 2024 20:32:08 GMT
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy
same-origin
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992326&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=NIJpljiIZbgDiKSz4WKOhZe8QB6nna3%2FqVMxTots7tg%3D"}]}
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992326&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=NIJpljiIZbgDiKSz4WKOhZe8QB6nna3%2FqVMxTots7tg%3D
server
cloudflare
vary
Cookie, Accept-Language
via
1.1 vegur
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
bootstrap.css
blt.owasp.org/static/vendor/bootstrap/css/
151 KB
22 KB
Stylesheet
General
Full URL
https://blt.owasp.org/static/vendor/bootstrap/css/bootstrap.css
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7655c00ab4f279d1f104fccd3487ecfe638e5b83c46d4539c111d528b5515f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-25d10"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71056fd34bcd-BUF
style.css
blt.owasp.org/static/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://blt.owasp.org/static/css/style.css
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ab5db772af2241622ff08db6331f7b30d7dc0e821c2fb8873c02b45eeb04a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-2263"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71056fd84bcd-BUF
lightbox.min.css
blt.owasp.org/static/css/
3 KB
956 B
Stylesheet
General
Full URL
https://blt.owasp.org/static/css/lightbox.min.css
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
894fd68751cc02cfcd829bab0c0bb5e1eed2dc592595c27968f9e93c37673ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-b1e"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71056fda4bcd-BUF
font-awesome.min.css
blt.owasp.org/static/vendor/font-awesome/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://blt.owasp.org/static/vendor/font-awesome/css/font-awesome.min.css
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-7187"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71056fdd4bcd-BUF
animate.css
blt.owasp.org/static/css/
78 KB
5 KB
Stylesheet
General
Full URL
https://blt.owasp.org/static/css/animate.css
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2791cd3d42fb553a90a6e252cb6bbc43362fb7fd5cc87dd5dff0f3aecbc2166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-1393b"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71056fdf4bcd-BUF
css
fonts.googleapis.com/
11 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e879f420aa6ae1bfa6719c539953674ebb131e49fc56c7b438c8b39011f74b09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 03 Feb 2024 20:32:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 03 Feb 2024 18:53:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Feb 2024 20:32:08 GMT
main.css
blt.owasp.org/static/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://blt.owasp.org/static/css/main.css
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b19e7365a1dafead070e6a5b0928b8f6523bef14cb73ef51f29e08ad5e79f93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-ea7"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71056fe14bcd-BUF
text-slider.css
blt.owasp.org/static/css/
340 B
270 B
Stylesheet
General
Full URL
https://blt.owasp.org/static/css/text-slider.css
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a7fb2b43b88c1bc8900dc37711cec67c3ee24fa45b5780ea9e3337cba87fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-154"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71056fe34bcd-BUF
activity.css
blt.owasp.org/static/css/
1 KB
438 B
Stylesheet
General
Full URL
https://blt.owasp.org/static/css/activity.css
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5249b86fbe4933e834df3fffae6fc7792a84bd9657c2f3018b2103940b240334
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-46a"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71056fe44bcd-BUF
navbar.css
blt.owasp.org/static/css/
3 KB
875 B
Stylesheet
General
Full URL
https://blt.owasp.org/static/css/navbar.css
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b38e0c8e06a17a64421fcf2fc504ee5f452cce3149a4561ca595b74275ec75b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-bd8"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/css; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71056fe54bcd-BUF
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/
99 KB
17 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://blt.owasp.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6342786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17188
last-modified
Mon, 25 Jul 2022 19:31:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62deef96-4324"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9bmReDwHW4t5xunCexrY5fCFOCKdWFIFyEgAKaTbbfhWtIMo4G9Lcm3JWjqGU50BfmmXBZos5V7tE%2Fb%2FHrXm3nHE4lSgOw1EG9dMCbga0U5xgvsf0igs67CsWYHbaHd3jVx1e3nCdy1NOSl%2BcHEpTWik"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84fd7105ccd94bcc-BUF
expires
Thu, 23 Jan 2025 20:32:08 GMT
jquery.min.js
blt.owasp.org/static/vendor/jquery/
84 KB
31 KB
Script
General
Full URL
https://blt.owasp.org/static/vendor/jquery/jquery.min.js
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-1514f"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71056fe64bcd-BUF
notify.js
blt.owasp.org/static/js/
25 KB
9 KB
Script
General
Full URL
https://blt.owasp.org/static/js/notify.js
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9883545ac9cb86b8ca0154217b6230d9fc5d6b33dd7db399b7b8ea08b9aff7f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-64a6"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71059ff84bcd-BUF
text-slider.js
blt.owasp.org/static/js/
426 B
271 B
Script
General
Full URL
https://blt.owasp.org/static/js/text-slider.js
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30594fd44eda21d1a7db08e84e04aceb1e92113c3ce7d2f60f11e3fd31fa7928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-1aa"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71059ff94bcd-BUF
3.4.1
cdn.tailwindcss.com/
Redirect Chain
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.4.1
359 KB
109 KB
Script
General
Full URL
https://cdn.tailwindcss.com/3.4.1
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Server
2606:4700:10::ac43:2910 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
151c30a9c3810c4a00decc7ac92110d0660b64b6e25973116935faa14d232a81
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000
last-modified
Fri, 05 Jan 2024 20:53:26 GMT
x-vercel-id
cle1::iad1::nrl2g-1704488004870-28d22f50c8bf
cf-cache-status
HIT
age
2504228
server
cloudflare
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
84fd71063d434bc9-BUF

Redirect headers

date
Sat, 03 Feb 2024 20:32:08 GMT
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
cle1::iad1::xlmnm-1706991690192-ad27f706064c
server
cloudflare
age
22
x-vercel-cache
MISS
vary
Accept-Encoding
location
/3.4.1
cache-control
max-age=14400
cf-ray
84fd7105ccd34bc9-BUF
content-length
0
BLT_TRANSPARENT.png
blt.owasp.org/static/img/
34 KB
34 KB
Image
General
Full URL
https://blt.owasp.org/static/img/BLT_TRANSPARENT.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba4a43b4da1547626e506b07b336acfe34ac4b0675f96d27e2b2a7a776d05b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-length
34392
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
"65bc4224-8658"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
image/png
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
vary
Accept-Language, Accept-Encoding
accept-ranges
bytes
cf-ray
84fd71059ffa4bcd-BUF
jquery.validate.js
blt.owasp.org/static/js/
50 KB
14 KB
Script
General
Full URL
https://blt.owasp.org/static/js/jquery.validate.js
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50926b3619b9a0aeed4bda5a214e6fb702114ecfd4c41dbecba3ed0ac28af704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-c7e4"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd71059ffb4bcd-BUF
activity.js
blt.owasp.org/static/js/
1 KB
498 B
Script
General
Full URL
https://blt.owasp.org/static/js/activity.js
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c139f347979e9e63ea06dff5cc34e38ba372e35478db47de9d2a20661d161e66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-501"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd710668ac4bcd-BUF
BLT_WHITE.png
blt.owasp.org/static/img/
65 KB
66 KB
Image
General
Full URL
https://blt.owasp.org/static/img/BLT_WHITE.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3219760da2242838068bf8e032c796777b28a3fd70dc32764f841cad68e206c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-length
66900
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
"65bc4224-10554"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
image/png
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
vary
Accept-Language, Accept-Encoding
accept-ranges
bytes
cf-ray
84fd710678b04bcd-BUF
blog.svg
blt.owasp.org/static/img/
1 KB
719 B
Image
General
Full URL
https://blt.owasp.org/static/img/blog.svg
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96391e306d0190e27a9a2dd6359fb69e9787632fa626e9b4b2998a4c163a891d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-420"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
image/svg+xml
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd710729214bcd-BUF
bootstrap.min.js
blt.owasp.org/static/vendor/bootstrap/js/
36 KB
10 KB
Script
General
Full URL
https://blt.owasp.org/static/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-90b5"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd710729224bcd-BUF
ui.js
blt.owasp.org/static/js/
2 KB
731 B
Script
General
Full URL
https://blt.owasp.org/static/js/ui.js
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cc2cab349ffc8d99402496e8089f09f2a312917635a8df257ceb90cdaf54f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:08 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-767"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992328&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=XOVqDjPUeGsrUA3fyE%2Bytuk2JHu3k7XdhAcpJOdrOL4%3D"}]}
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd710729244bcd-BUF
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://blt.owasp.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 01:26:11 GMT
x-content-type-options
nosniff
age
327958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jan 2025 01:26:11 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/webfonts/
151 KB
152 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
Origin
https://blt.owasp.org
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6347048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
154840
last-modified
Mon, 25 Jul 2022 19:31:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62deef96-25cd8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dj0eKgl%2F5bZeJA9SKRmS3XQXH97ry%2FugO6azg0ICbz0q4jEuuvWsLnzHfBsFknyBsK1Y7cSvZR5u1TkHi6rEpzJ%2F2EIVo1bDL8ZLhMiMShlPkl9K4FulqFshsxKyKCmxJXIeOLOHomIUT7M65jgsUeVm"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84fd71085e784bcc-BUF
expires
Thu, 23 Jan 2025 20:32:09 GMT
dummy-user.png
blt.owasp.org/static/images/
4 KB
4 KB
Image
General
Full URL
https://blt.owasp.org/static/images/dummy-user.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5b306a4520eee9bfc45ac997e8a5915d1efcab2fe5e621841f0f7699772d898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-length
3822
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992329&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=ssaXkxCJX2PqxVN%2FMU3cxTKxVp2xPFIDyxHSNzjVwNs%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
"65bc4224-eee"
x-frame-options
SAMEORIGIN
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992329&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=ssaXkxCJX2PqxVN%2FMU3cxTKxVp2xPFIDyxHSNzjVwNs%3D"}]}
content-type
image/png
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
vary
Accept-Language, Accept-Encoding
accept-ranges
bytes
cf-ray
84fd71095bbb4bcd-BUF
favicon.ico
www.bugheist.com/
0
0
Image
General
Full URL
https://www.bugheist.com/favicon.ico
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.226.182.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-182-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

IMG_0196.pnge1e264fb-acdf-4cd7-9f6b-651fe273b53f.png
storage.googleapis.com/bhfiles/screenshots/
205 KB
206 KB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/screenshots/IMG_0196.pnge1e264fb-acdf-4cd7-9f6b-651fe273b53f.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e24ea8efbbdfb3a3f7132f30a99afe52323c536a6d2cc30c87a34578afabc137

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPra0iXyk-C9gVLkfSRUnJB6zZ9lC3WWJ2W5EE1vU5h9j9UIVO-3o_1H4IYoaNMkgbhW7eA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
210243
last-modified
Fri, 26 Jan 2024 05:09:16 GMT
server
UploadServer
etag
"f82d5f8df77c693f74ce5f847862c025"
x-goog-generation
1706245756015745
content-type
image/png
x-goog-hash
crc32c=VjunBw==, md5=+C1fjfd8aT90zl+EeGLAJQ==
cache-control
public, max-age=3600
x-goog-stored-content-length
210243
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
Screenshot%20from%202024-01-20%2013-51-25.png4dab50f7-6496-471b-ba67-63c2824cfba4.png
storage.googleapis.com/bhfiles/screenshots/
23 KB
23 KB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/screenshots/Screenshot%20from%202024-01-20%2013-51-25.png4dab50f7-6496-471b-ba67-63c2824cfba4.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
47fce0014718b4039681df4df0925562544e7822146cdc6aac914eac1f113563

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPqnMciVzUprwdKcMh3rFbS-mahKMxMnXg2vJUJ-ws1zoDeSRGYTrzs4U16yN7i03o_PrHw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23417
last-modified
Sat, 20 Jan 2024 18:54:39 GMT
server
UploadServer
etag
"ce0562b2166120a615e0c31acc05ff12"
x-goog-generation
1705776879163175
content-type
image/png
x-goog-hash
crc32c=r4XC0Q==, md5=zgVishZhIKYV4MMazAX/Eg==
cache-control
public, max-age=3600
x-goog-stored-content-length
23417
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
Screenshot%20from%202023-11-11%2014-52-25.pnge0227c3f-3b9f-4e55-96dd-022d31624e1c.png
storage.googleapis.com/bhfiles/screenshots/
23 KB
24 KB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/screenshots/Screenshot%20from%202023-11-11%2014-52-25.pnge0227c3f-3b9f-4e55-96dd-022d31624e1c.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e300ec7cb8c6cc863d41c95054c20510872fffcc779eb09495f35badda76bddf

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPq4uW04dxjQB5iFrUfQkwOIzECt_lXtY0LfiQdtBaypnT0UIlKD07wvPheIRDAr-FFJ_P4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23971
last-modified
Sat, 11 Nov 2023 19:53:03 GMT
server
UploadServer
etag
"5de0523a323c3eab3860e9bc71ae2b54"
x-goog-generation
1699732383559098
content-type
image/png
x-goog-hash
crc32c=mM/3JA==, md5=XeBSOjI8Pqs4YOm8ca4rVA==
cache-control
public, max-age=3600
x-goog-stored-content-length
23971
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
my_photo.jpg
storage.googleapis.com/bhfiles/avatars/user_1193/
1 MB
1 MB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/avatars/user_1193/my_photo.jpg
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f24caa20084fbaf930de8985388b0b7ce27603f511463580d676c0e9361905fe

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPqwxlyQEjSree1VxMiKrK_XEGaSbkCxRnbfeEAkURh4qEoLOhDGOe5yVHGbwzDnQl3Clmg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1271632
last-modified
Fri, 10 Nov 2023 08:53:05 GMT
server
UploadServer
etag
"8785094d7e4585b8715267f7ca6f4e7f"
x-goog-generation
1699606385298809
content-type
image/jpeg
x-goog-hash
crc32c=sbQj3A==, md5=h4UJTX5FhbhxUmf3ym9Ofw==
cache-control
public, max-age=3600
x-goog-stored-content-length
1271632
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
favicon.ico
www.labour.tn.gov.in/
0
0
Image
General
Full URL
https://www.labour.tn.gov.in/favicon.ico
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.100.134.191 , India, ASN4758 (NICNET-VSNL-BOARDER-AP National Informatics Centre, IN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Labout%20Tamilnadu%20Govt%20-%20RXSS%20PoC.png3ad43b6f-2f20-45e4-a2cc-c14b0fcfb6ed.png
storage.googleapis.com/bhfiles/screenshots/
16 KB
16 KB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/screenshots/Labout%20Tamilnadu%20Govt%20-%20RXSS%20PoC.png3ad43b6f-2f20-45e4-a2cc-c14b0fcfb6ed.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
afc90c2b51eab054bb90d73f811e61babf68af54c2ebb89d7d1deece212ae42f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPp7JoSwOQwEoF8nzyU3-gyGMoN3ZfVb2GQEqdpBgFeMioglMZ-OpWOVfrCeyRAL5lgZ-0I
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16293
last-modified
Fri, 10 Nov 2023 08:50:57 GMT
server
UploadServer
etag
"6d697c2b58daf849e57b35346f4d1b20"
x-goog-generation
1699606257430235
content-type
image/png
x-goog-hash
crc32c=tLgODA==, md5=bWl8K1ja+EnlezU0b00bIA==
cache-control
public, max-age=3600
x-goog-stored-content-length
16293
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
favicon.ico
owasp.org/
Redirect Chain
  • https://www.owasp.org/favicon.ico
  • https://owasp.org/favicon.ico
0
0
Image
General
Full URL
https://owasp.org/favicon.ico
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Redirect headers

x-fastly-request-id
3a85e0bedc19742945473a64f2b4c978e447e12e
date
Sat, 03 Feb 2024 20:32:09 GMT
via
1.1 varnish
cf-cache-status
MISS
server
cloudflare
x-github-request-id
1236:0ECC:5D9C27D:7873F99:65BEA2C8
x-timer
S1706992329.298324,VS0,VE10
vary
Accept-Encoding
x-cache
MISS
content-type
text/html
location
https://owasp.org/favicon.ico
cache-control
max-age=14400
x-served-by
cache-nyc-kteb1890076-NYC
cf-ray
84fd7109ec4e4bcd-BUF
x-cache-hits
0
Screenshot%20from%202023-11-04%2015-43-45.png370110bd-1945-4826-a3b7-ef41761c0f9b.png
storage.googleapis.com/bhfiles/screenshots/
111 KB
112 KB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/screenshots/Screenshot%20from%202023-11-04%2015-43-45.png370110bd-1945-4826-a3b7-ef41761c0f9b.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3a4e9d758e7a476064ede4f1516405510485ce387b2ed40e40d9fe9114191679

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPrghMNdmr8kA3sd17EC9ZRVK0J9tLH83QMHMn9s61yQao-sl3l3U2WxnyYBCb2J4TOGbGE
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114166
last-modified
Sat, 04 Nov 2023 19:45:05 GMT
server
UploadServer
etag
"f3c9b546a0d9db1726301960219b4184"
x-goog-generation
1699127104965138
content-type
image/png
x-goog-hash
crc32c=PifIbg==, md5=88m1RqDZ2xcmMBlgIZtBhA==
cache-control
public, max-age=3600
x-goog-stored-content-length
114166
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
Screenshot%20from%202023-10-30%2022-32-56.png32b4812d-aa60-4a07-808d-31ed98ad0017.png
storage.googleapis.com/bhfiles/screenshots/
8 KB
8 KB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/screenshots/Screenshot%20from%202023-10-30%2022-32-56.png32b4812d-aa60-4a07-808d-31ed98ad0017.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7b4dab90242ad971a404e90443c78d8e3f4f4a9d21467af29a5ae43685bf1bd2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPoP2uMhws4Vv5FU_NATAy4DTJIzhdErRU6WtrpzdIn18nni1KLEtmW06YxfBmJNw4rdGQk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8238
last-modified
Tue, 31 Oct 2023 01:35:50 GMT
server
UploadServer
etag
"75cb0f33563a4521fa137326dd4323b2"
x-goog-generation
1698716150105018
content-type
image/png
x-goog-hash
crc32c=e5Zl6A==, md5=dcsPM1Y6RSH6E3Mm3UMjsg==
cache-control
public, max-age=3600
x-goog-stored-content-length
8238
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
Screenshot%20from%202023-10-30%2022-32-56.png6070246b-6e27-4f74-9226-9b0a0215cc38.png
storage.googleapis.com/bhfiles/screenshots/
8 KB
8 KB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/screenshots/Screenshot%20from%202023-10-30%2022-32-56.png6070246b-6e27-4f74-9226-9b0a0215cc38.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7b4dab90242ad971a404e90443c78d8e3f4f4a9d21467af29a5ae43685bf1bd2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPpt0ofjVns6tg2OG_5xsae4i981y7guSdFc8_J0u-CHTx4ssnv2BJ-a5YOWeCgYHZwy7aU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8238
last-modified
Tue, 31 Oct 2023 01:35:09 GMT
server
UploadServer
etag
"75cb0f33563a4521fa137326dd4323b2"
x-goog-generation
1698716109421790
content-type
image/png
x-goog-hash
crc32c=e5Zl6A==, md5=dcsPM1Y6RSH6E3Mm3UMjsg==
cache-control
public, max-age=3600
x-goog-stored-content-length
8238
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
ekugl4om_400x400.jpg
storage.googleapis.com/bhfiles/avatars/user_1162/
21 KB
22 KB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/avatars/user_1162/ekugl4om_400x400.jpg
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a99846ea07709996dcbda4b3af6cbe32d11532c8173aa43ead3138cb7708dada

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPpuS_Fu_aLYgQA6IA7LFwAHOacQvQbvAu8hulKaP4_1BRnfJYN819H6O_4hJfSOg8RewVc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21849
last-modified
Wed, 01 Mar 2023 10:01:15 GMT
server
UploadServer
etag
"68a441d309aed31d3f8a5ac2e8af3afa"
x-goog-generation
1677664875860793
content-type
image/jpeg
x-goog-hash
crc32c=NprTqQ==, md5=aKRB0wmu0x0/ilrC6K86+g==
cache-control
public, max-age=3600
x-goog-stored-content-length
21849
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
favicon.ico
www.tic.ir/
0
0
Image
General
Full URL
https://www.tic.ir/favicon.ico
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.191.24.17 , Iran, Islamic Republic Of, ASN12880 (DCI-AS, IR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

tic.png7454d559-aaec-4b88-9665-226e0286b663.png
storage.googleapis.com/bhfiles/screenshots/
33 KB
33 KB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/screenshots/tic.png7454d559-aaec-4b88-9665-226e0286b663.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
20109cdb77d05ded23e10c7a749a8444226aeb0e05d872959eb832181b7375cb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPqUCKUoN1h1o4IurLVpEK0_m3JUJdDjyhqyhG5fNGewQ-WzYgi8bkmsegySNLUG4ftvvmM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33860
last-modified
Sun, 25 Jun 2023 10:10:33 GMT
server
UploadServer
etag
"6786fb3e0e4e950771b7a1077e931da0"
x-goog-generation
1687687833309348
content-type
image/png
x-goog-hash
crc32c=mAAwkw==, md5=Z4b7Pg5OlQdxt6EHfpMdoA==
cache-control
public, max-age=3600
x-goog-stored-content-length
33860
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
favicon.ico
www.aja.ir/
0
0

aja.pnge53bee5e-534c-4e99-81a1-e3f78764ae4a.png
storage.googleapis.com/bhfiles/screenshots/
33 KB
34 KB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/screenshots/aja.pnge53bee5e-534c-4e99-81a1-e3f78764ae4a.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
726f9d266dc51066027c7c7bc9e6d5899989af331c251049205ff063ff51c028

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPrQTiznKTt_PBsSz66DwA0HL5BHfuQ8ofAHryZDVXb8GYR2RWWTPAnyxqLu6huVdlhULcU
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
last-modified
Sun, 25 Jun 2023 10:08:27 GMT
server
UploadServer
etag
"96073b38aceb356212ddb00ffa09d684"
x-goog-generation
1687687707397876
content-type
image/png
x-goog-hash
crc32c=JnUFLA==, md5=lgc7OKzrNWIS3bAP+gnWhA==
cache-control
public, max-age=3600
x-goog-stored-content-length
34108
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
favicon.ico
www.basij.ir/
0
0
Image
General
Full URL
https://www.basij.ir/favicon.ico
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.221.81.102 , Iran, Islamic Republic Of, ASN50733 (BINA-AS, IR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

basij.png6a33f105-170b-402b-9893-9535efc87af9.png
storage.googleapis.com/bhfiles/screenshots/
28 KB
28 KB
Image
General
Full URL
https://storage.googleapis.com/bhfiles/screenshots/basij.png6a33f105-170b-402b-9893-9535efc87af9.png
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
92595a850bae29fcfe49fae5e2a3cde6deb090a3febfb01fe4dfe87430d22fc2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
x-guploader-uploadid
ABPtcPpxGDkm-CGZywFfmz96s9bjywQU22I9MbKKDYooDt2yWQ24uHTALxFc7FtFqgBYsGX020I
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28415
last-modified
Sun, 25 Jun 2023 10:07:02 GMT
server
UploadServer
etag
"42d56e82f922984fc8a5813aa6144862"
x-goog-generation
1687687622185675
content-type
image/png
x-goog-hash
crc32c=+4J9AQ==, md5=QtVugvkimE/IpYE6phRIYg==
cache-control
public, max-age=3600
x-goog-stored-content-length
28415
accept-ranges
bytes
expires
Sat, 03 Feb 2024 21:32:09 GMT
gb.svg
blt.owasp.org/static/img/flags/
535 B
475 B
Image
General
Full URL
https://blt.owasp.org/static/img/flags/gb.svg
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/static/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1a4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51a8613ac1b05eafb9486e6420336bd8b95dae7a9d11def6318776a61c701a08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://blt.owasp.org/static/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
via
1.1 vegur
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
content-encoding
br
reporting-endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1706992329&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=ssaXkxCJX2PqxVN%2FMU3cxTKxVp2xPFIDyxHSNzjVwNs%3D
referrer-policy
same-origin
last-modified
Fri, 02 Feb 2024 01:15:16 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65bc4224-217"
vary
Accept-Encoding, Accept-Language
report-to
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1706992329&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=ssaXkxCJX2PqxVN%2FMU3cxTKxVp2xPFIDyxHSNzjVwNs%3D"}]}
content-type
image/svg+xml
access-control-allow-origin
*
content-language
en
cache-control
public, max-age=14400
x-frame-options
SAMEORIGIN
cf-ray
84fd7109ec604bcd-BUF
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 03 Feb 2024 20:06:18 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1551
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 03 Feb 2024 22:06:18 GMT
efbbebea-436f-4b6f-9290-14ab36c8f636.js
cdn.mouseflow.com/projects/
195 KB
58 KB
Script
General
Full URL
https://cdn.mouseflow.com/projects/efbbebea-436f-4b6f-9290-14ab36c8f636.js
Requested by
Host: blt.owasp.org
URL: https://blt.owasp.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e082ad6b61d3918b7b94cb1edadc078300d6b3b62710b4f29378f621ce964e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-cache-status
MISS
alt-svc
h3=":443"; ma=86400
x-mf-script-region
US
last-modified
Sun, 07 Jan 2024 08:35:26 GMT
server
cloudflare
etag
W/"1338b6764441da1:0"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
84fd710abc284bc3-BUF
expires
Sun, 04 Feb 2024 20:32:09 GMT
collect
www.google-analytics.com/j/
15 B
219 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1689545790&t=pageview&_s=1&dl=https%3A%2F%2Fblt.owasp.org%2F&ul=en-us&de=UTF-8&dt=BLT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=184148785&gjid=353218550&cid=155568920.1706992329&tid=UA-66634107-1&_gid=1919625096.1706992329&_r=1&_slc=1&z=1040984862
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a2305c57c77552f4e156381091ce9c15f3eaf1d0d064071c3ddb10dd89017405
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Feb 2024 20:32:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blt.owasp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
231 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TJDHVT49Y0&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7f00412a5dfc189c3ac3ff50e070597ac98268bf05d2553c245e3def6ed0bc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 20:32:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83895
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 03 Feb 2024 20:32:09 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TJDHVT49Y0&gtm=45je41v0v9126556116za200&_p=1706992329669&gcd=11l1l1l1l2&npa=0&dma=0&ul=en-us&sr=1600x1200&cid=155568920.1706992329&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fblt.owasp.org%2F&dt=BLT&sid=1706992329&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3496
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TJDHVT49Y0&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Feb 2024 20:32:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://blt.owasp.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.aja.ir
URL
https://www.aja.ir/favicon.ico

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| tailwind string| /template.html function| example string| GoogleAnalyticsObject function| ga object| _mfq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| mouseflowHeatmap object| mouseflow object| google_tag_manager

5 Cookies

Domain/Path Name / Value
blt.owasp.org/ Name: csrftoken
Value: hrjmrVW0Ycc5JOAeO9mmGInguQ50XXuN
.owasp.org/ Name: _ga
Value: GA1.2.155568920.1706992329
.owasp.org/ Name: _gid
Value: GA1.2.1919625096.1706992329
.owasp.org/ Name: _gat
Value: 1
.owasp.org/ Name: _ga_TJDHVT49Y0
Value: GS1.2.1706992329.1.0.1706992329.0.0.0

25 Console Messages

Source Level URL
Text
security warning URL: https://blt.owasp.org/(Line 26303)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.bugheist.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26303)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.bugheist.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26303)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.bugheist.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26303)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.labour.tn.gov.in/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26303)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.owasp.org/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26303)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.bugheist.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26303)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.bugheist.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26303)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.tic.ir/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26303)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.aja.ir/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26303)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.basij.ir/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26306)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.bugheist.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26306)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.bugheist.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26306)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.bugheist.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26306)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.labour.tn.gov.in/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26306)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.owasp.org/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26306)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.bugheist.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26306)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.bugheist.com/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26306)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.tic.ir/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26306)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.aja.ir/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://blt.owasp.org/(Line 26306)
Message:
Mixed Content: The page at 'https://blt.owasp.org/' was loaded over HTTPS, but requested an insecure element 'http://www.basij.ir/favicon.ico'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://www.bugheist.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://owasp.org/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.tic.ir/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://www.basij.ir/favicon.ico
Message:
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network error URL: https://www.labour.tn.gov.in/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blt.owasp.org
cdn.mouseflow.com
cdn.tailwindcss.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
owasp.org
storage.googleapis.com
www.aja.ir
www.basij.ir
www.bugheist.com
www.google-analytics.com
www.googletagmanager.com
www.labour.tn.gov.in
www.owasp.org
www.tic.ir
www.aja.ir
164.100.134.191
2606:4700:10::6816:1a4d
2606:4700:10::ac43:2910
2606:4700::6811:180e
2606:4700::6812:1a32
2607:f8b0:4006:809::200e
2607:f8b0:4006:80d::201b
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::2003
2607:f8b0:4006:820::2008
3.226.182.14
80.191.24.17
89.221.81.102
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
151c30a9c3810c4a00decc7ac92110d0660b64b6e25973116935faa14d232a81
1ab5db772af2241622ff08db6331f7b30d7dc0e821c2fb8873c02b45eeb04a5a
20109cdb77d05ded23e10c7a749a8444226aeb0e05d872959eb832181b7375cb
2ba4a43b4da1547626e506b07b336acfe34ac4b0675f96d27e2b2a7a776d05b0
30594fd44eda21d1a7db08e84e04aceb1e92113c3ce7d2f60f11e3fd31fa7928
31cc2cab349ffc8d99402496e8089f09f2a312917635a8df257ceb90cdaf54f5
3219760da2242838068bf8e032c796777b28a3fd70dc32764f841cad68e206c2
3a4e9d758e7a476064ede4f1516405510485ce387b2ed40e40d9fe9114191679
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
47fce0014718b4039681df4df0925562544e7822146cdc6aac914eac1f113563
4b38e0c8e06a17a64421fcf2fc504ee5f452cce3149a4561ca595b74275ec75b
50926b3619b9a0aeed4bda5a214e6fb702114ecfd4c41dbecba3ed0ac28af704
51a8613ac1b05eafb9486e6420336bd8b95dae7a9d11def6318776a61c701a08
5249b86fbe4933e834df3fffae6fc7792a84bd9657c2f3018b2103940b240334
52bbd916956b4ed8b9d71d1784e4008b207814ec506203326fb36052f3451adb
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
726f9d266dc51066027c7c7bc9e6d5899989af331c251049205ff063ff51c028
7b4dab90242ad971a404e90443c78d8e3f4f4a9d21467af29a5ae43685bf1bd2
894fd68751cc02cfcd829bab0c0bb5e1eed2dc592595c27968f9e93c37673ba7
8b19e7365a1dafead070e6a5b0928b8f6523bef14cb73ef51f29e08ad5e79f93
92595a850bae29fcfe49fae5e2a3cde6deb090a3febfb01fe4dfe87430d22fc2
96391e306d0190e27a9a2dd6359fb69e9787632fa626e9b4b2998a4c163a891d
9883545ac9cb86b8ca0154217b6230d9fc5d6b33dd7db399b7b8ea08b9aff7f5
a2305c57c77552f4e156381091ce9c15f3eaf1d0d064071c3ddb10dd89017405
a45f3a8e114364d0fd2fca917306befc0a6d193162e327eb32c116ba1a64f4d1
a5b306a4520eee9bfc45ac997e8a5915d1efcab2fe5e621841f0f7699772d898
a7f00412a5dfc189c3ac3ff50e070597ac98268bf05d2553c245e3def6ed0bc5
a99846ea07709996dcbda4b3af6cbe32d11532c8173aa43ead3138cb7708dada
afc90c2b51eab054bb90d73f811e61babf68af54c2ebb89d7d1deece212ae42f
b7e082ad6b61d3918b7b94cb1edadc078300d6b3b62710b4f29378f621ce964e
c139f347979e9e63ea06dff5cc34e38ba372e35478db47de9d2a20661d161e66
c5e8e8eb22e2eaf1ad02370c22c63c04774ab0b83b4329d5945333750814bb2f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e24ea8efbbdfb3a3f7132f30a99afe52323c536a6d2cc30c87a34578afabc137
e2791cd3d42fb553a90a6e252cb6bbc43362fb7fd5cc87dd5dff0f3aecbc2166
e300ec7cb8c6cc863d41c95054c20510872fffcc779eb09495f35badda76bddf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e879f420aa6ae1bfa6719c539953674ebb131e49fc56c7b438c8b39011f74b09
eb7655c00ab4f279d1f104fccd3487ecfe638e5b83c46d4539c111d528b5515f
f24caa20084fbaf930de8985388b0b7ce27603f511463580d676c0e9361905fe
f8a7fb2b43b88c1bc8900dc37711cec67c3ee24fa45b5780ea9e3337cba87fed