socket.dev Open in urlscan Pro
2606:4700:20::681a:485 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers
Submission: On November 11 via api (November 11th 2024, 1:04:42 pm UTC) from IN — Scanned from DE

Summary HTTP 130 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 130 HTTP transactions. The main IP is 2606:4700:20::681a:485, located in United States and belongs to CLOUDFLARENET, US. The main domain is socket.dev.
TLS certificate: Issued by WE1 on October 28th 2024. Valid for: 3 months.

This is the only time socket.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
44	2606:4700:20:... 2606:4700:20::681a:485	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.149.250.58 34.149.250.58	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
130	3

44 2606:4700:20::681a:485 (United States)

ASN13335 (CLOUDFLARENET, US)

socket.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.250.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.250.149.34.bc.googleusercontent.com

cdn.sanity.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	socket.dev socket.dev	1 MB
3	sanity.io cdn.sanity.io — Cisco Umbrella Rank: 11451	135 KB
130	2

	Domain	Requested by
44	socket.dev	socket.dev
3	cdn.sanity.io	socket.dev
130	2

This site contains links to these domains. Also see Links.

Domain
www.forbes.com
docs.socket.dev
fortune.com
www.twitter.com
www.linkedin.com
www.facebook.com
corp.roblox.com
backlinko.com
www.npmjs.com
npm-stat.com
devforum.roblox.com
pypi.org
www.pepy.tech
github.com
tria.ge
chromewebstore.google.com
addons.mozilla.org
feedback.socket.dev
discord.gg
status.socket.dev
twitter.com

Subject Issuer	Validity	Valid
socket.dev WE1	`2024-10-28` - `2025-01-26`	3 months	crt.sh
*.sanity.io Sectigo RSA Domain Validation Secure Server CA	`2024-09-18` - `2025-09-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers
Frame ID: 3C76A18479F09F6BF995F5877DA92BE9
Requests: 130 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Roblox Developers Targeted with npm Packages Infected with S...

Page Statistics

130
Requests

36 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1251 kB
Transfer

3576 kB
Size

0
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.forbes.com/sites/davidprosser/2024/10/22/how-socket-plans-to-save-the-world-from-open-source-attacks/
Title: Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →

Search URL Search Domain Scan URL

URL: https://docs.socket.dev/
Title: DocsWant to read all the docs? Start here

Search URL Search Domain Scan URL

URL: https://fortune.com/ranking/cyber
Title: Fortune Cyber 60

Search URL Search Domain Scan URL

URL: https://www.twitter.com/intent/tweet?text=Roblox%20Developers%20Targeted%20with%20npm%20Packages%20Infected%20with%20Skuld%20Infostealer%20and%20Blank%20Grabber%20https%3A%2F%2Fsocket.dev%2Fblog%2Froblox-developers-targeted-with-npm-packages-infected-with-infostealers

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fsocket.dev%2Fblog%2Froblox-developers-targeted-with-npm-packages-infected-with-infostealers&title=Roblox%20Developers%20Targeted%20with%20npm%20Packages%20Infected%20with%20Skuld%20Infostealer%20and%20Blank%20Grabber

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fsocket.dev%2Fblog%2Froblox-developers-targeted-with-npm-packages-infected-with-infostealers&quote=Roblox%20Developers%20Targeted%20with%20npm%20Packages%20Infected%20with%20Skuld%20Infostealer%20and%20Blank%20Grabber

Search URL Search Domain Scan URL

URL: https://corp.roblox.com/newsroom/2024/09/rdc-2024-robloxs-next-frontier
Title: boasts

Search URL Search Domain Scan URL

URL: https://backlinko.com/roblox-users
Title: community

Search URL Search Domain Scan URL

URL: https://www.npmjs.com/package/@akashbabu/node-dll
Title: node-dll

Search URL Search Domain Scan URL

URL: https://npm-stat.com/charts.html?package=%40akashbabu%2Fnode-dll&from=2021-10-27&to=2024-10-27
Title: downloaded

Search URL Search Domain Scan URL

URL: https://devforum.roblox.com/t/rolimons-api-module/2015062
Title: Rolimon’s API Module

Search URL Search Domain Scan URL

URL: https://pypi.org/project/rolimons/
Title: rolimons

Search URL Search Domain Scan URL

URL: https://www.pepy.tech/projects/rolimons
Title: downloaded

Search URL Search Domain Scan URL

URL: https://github.com/Accutrix/Rolimons
Title: Rolimons

Search URL Search Domain Scan URL

URL: https://github.com/hackirby/skuld
Title: Skuld infostealer

Search URL Search Domain Scan URL

URL: https://github.com/Blank-c/Blank-Grabber
Title: Blank Grabber

Search URL Search Domain Scan URL

URL: https://tria.ge/241029-ar928symhp/behavioral2
Title: Discord webhooks

Search URL Search Domain Scan URL

URL: https://tria.ge/241022-hhz5nssdqc/behavioral2
Title: Telegram

Search URL Search Domain Scan URL

URL: https://chromewebstore.google.com/detail/socket-security/jbcobpbfgkhmjfpjjepkcocalmpkiaop
Title: It takes just 10 seconds to install and get started

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/socket-security/
Title: available for Firefox

Search URL Search Domain Scan URL

URL: https://feedback.socket.dev/
Title: Roadmap

Search URL Search Domain Scan URL

URL: https://discord.gg/JkhgPpXDSd
Title: Discord Community

Search URL Search Domain Scan URL

URL: https://status.socket.dev/
Title: System Status

Search URL Search Domain Scan URL

URL: https://twitter.com/SocketSecurity

Search URL Search Domain Scan URL

URL: https://github.com/SocketDev

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/socketinc/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

130 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request roblox-developers-targeted-with-npm-packages-infected-with-infostealers Show response
socket.dev/blog/ 297 KB
63 KB 925ms
889ms Document
text/html 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c78bd114411f702c36075ae91b7f6ad92aac0ffcec3fb848ed21d844c1ca0dcf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=600, stale-while-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e0e7c5ddfd54dac-FRA
content-encoding: gzip
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Mon, 11 Nov 2024 13:04:03 GMT
document-policy: document-write=?0
etag: "4kh1qbnh9w6i8v"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYEJfJo4gtDATlWMnhDpnOMGiLc8OLzDkfLQie8c2eoCZXlXVJFSSogGbKebHZgH0jJ4T%2BVbUcAFDiSxwT77r5gNPwa%2FDe1CmckGqhfUTCDoNKWdD5uJgGrJdDUdvokyKkPbcfWkIaM%3D"}],"group":"cf-nel","max_age":604800}
rndr-id: 2f2933f9-2b16-41de
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=21895&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4230&recv_bytes=4478&delivery_rate=566&cwnd=12000&unsent_bytes=0&cid=c7a6146db9225818&ts=856&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-nextjs-cache: HIT
x-render-origin-server: Render

GET
H3 200 image
socket.dev/_next/ 1 KB
2 KB 488ms
486ms Image
image/webp 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://socket.dev/_next/image?url=%2Fimages%2Flogo-280x80.png&w=96&q=75

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4147a8fbadd5aaca2cd54d79fcc0001a45a7029f0e7a5bb0fb16093998f7876d

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

cf-cache-status: DYNAMIC
etag: QUeo+63Vqsos1U15-MAAGkWnAp8Oeluw+xYJOZj3h20=
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vb2QKeY1bp%2FOcAU3talSA0UVx%2BdcBDXIWfZUYrQc9XvteDEbXxpFEmszQ6XbeNRrcfu1rNun9V9jCmbzbtg51ZfQlAqinRgvcAeD%2BLSQjgoFUV%2B4oYtDzwyhX2RJEWXAItZl%2FBJc5bY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 59e5d936-2735-4d4b
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=39255&sent=742&recv=157&lost=2&retrans=2&sent_bytes=836969&recv_bytes=20555&delivery_rate=2432388&cwnd=207690&unsent_bytes=0&cid=c7a6146db9225818&ts=1421&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: image/webp
content-disposition: inline; filename="logo-280x80.webp"
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=60, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c639c864dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
content-length: 1252
x-nextjs-cache: STALE
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 162fba20b9960c0e.css
socket.dev/_next/static/css/ 8 KB
3 KB 49ms
47ms Stylesheet
text/css 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/css/162fba20b9960c0e.css

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ce42e74a5b178907727000e970f860137da663984c18fa4c5c13ef7733f7ebf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"205c-192ff2abd20"
age: 442409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t6pKwAgmEqknIN4vpcV0L2Pdh2lFldA%2BifgiYLlw4pHqdiw1Kgq81oYH0aF3E17nUWJMu0emTAsWCShANeySY4siIAD9C4XvKSjZtZ2Gg3LVyor1ydxiibB5A%2F%2FIkWosKgQmWKH2SjY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: dea2a2b4-d571-479e
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=72&recv=41&lost=0&retrans=0&sent_bytes=69898&recv_bytes=6519&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=973&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 06 Nov 2024 01:50:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c639c8a4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 webpack-ec80483d6c7ed0bc.js Show response
socket.dev/_next/static/chunks/ 6 KB
4 KB 38ms
35ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/webpack-ec80483d6c7ed0bc.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fb71befddb6b0366f47e4e8d50284123e11d76ff5b975780154527222864890

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"174f-19309890d08"
age: 297736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ld8lr0T5gTkOhFjtmvjhKXqOo%2FT3rRh%2BUq9dO2YWm3IL%2FZGIQQShn%2BCPCe3CaacpYusV5uPDnlLn9k%2FgFH3uWjvYjZmlztIn0pkfa67L1x%2F5QwoBcGu%2BtZtR24%2FC4pzrpmo%2B2VDNyNU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 775ce1b5-f95a-4274
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=77&recv=65&lost=0&retrans=0&sent_bytes=73275&recv_bytes=14589&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=990&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 02:09:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bca34dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 framework-8d83868bf6469d6b.js Show response
socket.dev/_next/static/chunks/ 138 KB
46 KB 45ms
41ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/framework-8d83868bf6469d6b.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

094f2cb246ad82c2d6a3e9e25361cd2ca8048e9ab3f6345de1379bb0201eeda8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"22698-192fa09f2e8"
age: 523727
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WowUd%2BsDZO3f09TimlcLrdHVvxKc8y0bdx6zZnYK6kEP5unxGwms1lkFvH2JXZpiq9wP5My01RoMUeQQoETOIsZmj%2FJxdZQQF8iu3Nt39nDuqwUnplOk7LJcNUF8e4aFR8GoNhpI%2Fuk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 57e884ff-6662-4269
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=107&recv=65&lost=0&retrans=0&sent_bytes=107446&recv_bytes=14589&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=996&x=1", cfHdrFlush;dur=1
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 05 Nov 2024 01:56:49 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bca44dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 main-8aaef9059cd2967e.js Show response
socket.dev/_next/static/chunks/ 128 KB
39 KB 72ms
68ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/main-8aaef9059cd2967e.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9130a748edf535f463a651b0b033ff08ebca668f41544cf78ddb843d9cc056cb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"20008-192deb638a8"
age: 1016039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jH5dK8vV1dEovCgMS%2FN%2BXVeSmbXEfthNVNQDouaGo7p9JjHORfD%2BzTqOA0U7G0CEM%2FyaUxU1U6JyaUsXv%2BiJ5fgjOQtrgbUkGOoThJOTuBko5NNFAgQoIS2Qi2%2FQgY3rOkq%2FVjFmuMQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: de67215e-f78e-45f5
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=107&recv=65&lost=0&retrans=0&sent_bytes=107446&recv_bytes=14589&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=996&x=1", cfHdrFlush;dur=14
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bca74dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 _app-b91a3a81e2b4015d.js Show response
socket.dev/_next/static/chunks/pages/ 1 MB
340 KB 40ms
36ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/pages/_app-b91a3a81e2b4015d.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8520eb31309d87388d49d1f7fa1ec3bd37f0b8f4c484f6000fb063b60826e3df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"11bf16-1930d5ae910"
age: 233590
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bop6ipk3XYKesZq%2B7lZUI4Ndgz88sJ47wrcP9wTM%2F%2BylUI4K6rOSfKyOq58l69A5PwaH9JLw5J%2BXYEU1c%2Bh5KWx0imyktlWDl2WTM3g1349P6c3xVqxnSPbwAGD%2BQ7sqVNqHVf5PEKQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 9b4e4897-72b4-4200
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=81&recv=65&lost=0&retrans=0&sent_bytes=77922&recv_bytes=14589&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=992&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 19:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bca84dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 019d026b-ac56dd762051201a.js Show response
socket.dev/_next/static/chunks/ 2 KB
3 KB 73ms
69ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/019d026b-ac56dd762051201a.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89451b62864b2df3b7f0f84e2bce6392202d0c08d0ad254122d05f2670b7d9e3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"8ef-1930d5ae910"
age: 39568
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PbSpfWumavSezdAXjrvcEgx8a32orC1GK%2FSdsILo5sR8iivQowmZ%2FiBp%2FHXBsLYvj2ZJEU9TDdOV7yeHHEKmMxL1zrmT0o%2B26wL0NQWtYY7l13JGbPci44u9ozlMq%2BmpL6CXsXlXviU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 9395a7bf-6b1f-46c2
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=107&recv=65&lost=0&retrans=0&sent_bytes=107446&recv_bytes=14589&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=994&x=1", cfHdrFlush;dur=16
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 19:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcaa4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 69480c19-0ce246976297245a.js Show response
socket.dev/_next/static/chunks/ 3 KB
2 KB 121ms
116ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/69480c19-0ce246976297245a.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c501c291d6b0d9beff3dc64e639ba16f69e3c8e80aa4b47d41c8c24190e61fe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"db5-192deb638a8"
age: 1016040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P8rYhiHq5mJCnZ5iAXtbrR3G62oKvUcQ5sDjuMmm0ky8g0hJN0dnKe06Q8HidqIXWa%2B3KdJWASp9VK7ioU%2Fw2oWJCQkpLHzKTblkvqw6Tt8GYZUFH8rsOSsciu%2B9OQIqt5NIOnAPzlw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 6df6baf4-9f11-4604
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=1001&x=1", cfHdrFlush;dur=9
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcab4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 41155975-48bce5a6416240df.js Show response
socket.dev/_next/static/chunks/ 30 KB
13 KB 121ms
117ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/41155975-48bce5a6416240df.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ada90b53bd951969b97be850ddf46f1f3c9e0e6950b4debbf72adaa1e4d52de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"785c-192e9c19940"
age: 817500
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ytxEBj6AIMwVUxvHiI2FLICF%2FMKPTQdDe1OSNAEfJB3vbFsIvXt3wKo2iE03hhf%2FcRqexKhRmldWv5GvYIYhULJn0B3pGRJgLd4fMpntTNGikfW4GSEvcP6Gkywrvvi0rXTDNAM2BSc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 0ba9b69f-3ec8-40a8
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=107&recv=65&lost=0&retrans=0&sent_bytes=107446&recv_bytes=14589&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=993&x=1", cfHdrFlush;dur=17
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 01 Nov 2024 22:03:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcac4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 257e8032-856b54998993c6e2.js Show response
socket.dev/_next/static/chunks/ 7 KB
3 KB 120ms
116ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/257e8032-856b54998993c6e2.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d33df44341247ce099ac6050832d09e926b8869a1f68ff8494af0a8e051a1b8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1bf0-192deb638a8"
age: 1016040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ESZPl7GhQo0oZyr8xhVTILm%2BKZoW5UCM5rsheOgFPzEj6OD9Iwg3l2bBODsc75wF%2F5CqwBI76ALnaCbtUEu6FAzsNFwxIWIjQPwERwD%2FyuKDA4aMuZgeAYMDXD8F0tf9qagakTC2o4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 8b7cf8e4-b930-4c15
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=107&recv=65&lost=0&retrans=0&sent_bytes=107446&recv_bytes=14589&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=996&x=1", cfHdrFlush;dur=16
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcad4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 69d2ed9c-c9f458d13b4ca3a2.js Show response
socket.dev/_next/static/chunks/ 18 KB
8 KB 128ms
125ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/69d2ed9c-c9f458d13b4ca3a2.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9c8d82f680818eaf01f86043c62c69269e9c470688bc183cd1c1fb5ed278a7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"47e0-192deb638a8"
age: 1016040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKayNLIjob886UZACm0BxsazZJu%2BS%2B6Z%2FJYTjRF6nPdqT41K9Guvgb9Rb2gNCD2wc6eRo1SjLD4dlTH08okvb4cPh0WSqtDbVQ%2F0wwyo4gXe9Rj55Nf%2BgGdhRUUgI8rLBw7fP6mDkao%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: ff1dc201-86dd-4e94
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=107&recv=65&lost=0&retrans=0&sent_bytes=107446&recv_bytes=14589&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=995&x=1", cfHdrFlush;dur=17
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcaf4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 5d416436-f6ee7a7be4c1790c.js Show response
socket.dev/_next/static/chunks/ 5 KB
3 KB 137ms
133ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/5d416436-f6ee7a7be4c1790c.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e518a6cbc62f09fa312d057e80c5a79f511f77602fe8c6757e4294c892a6ecda

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"15bf-19309890d08"
age: 297736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MxxMPzGaA38VRtfinYlUBMjLbctnosXjYuYpBPimx%2F8PeDPIg%2BIZGH0K7I2N2ak2SZmHmo5NELWwipdcH5tn0TO8YsmT7%2B8oc%2BkdZachv0yGKer81lxcrtPS0Eo132r%2BmQ00sEFUc%2Bk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: b616d10a-3193-4842
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=107&recv=65&lost=0&retrans=0&sent_bytes=107446&recv_bytes=14589&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=996&x=1", cfHdrFlush;dur=16
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 02:09:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcb14dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 36d2f571-ad904af0d37083e4.js Show response
socket.dev/_next/static/chunks/ 10 KB
3 KB 137ms
134ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/36d2f571-ad904af0d37083e4.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

467e92d8bdc6c9c1424e8e40d174c2174f97bf8dcfacbd04347a222de70446e7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"28fb-192deb638a8"
age: 1016040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TiyJJh7D89%2BHrfe8EdIBnD5tJGpL3cihF4BNuy637s02VPqvGb1%2BRY%2Bis7HvA%2F4N6ITuht8FNNw3o1HNaFl488MRNlxzpeDmoNMvBnLWz7q8bFAzboU%2BNZKO9ZQM6E%2FOE3SH%2BXiy0bk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: ce8a797c-432c-4176
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=107&recv=65&lost=0&retrans=0&sent_bytes=107446&recv_bytes=14589&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=997&x=1", cfHdrFlush;dur=15
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcb24dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 cb355538-03b83a8d5070caf9.js Show response
socket.dev/_next/static/chunks/ 25 KB
10 KB 138ms
134ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/cb355538-03b83a8d5070caf9.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32368407f90fa6679179577b8fd111366c3e3e8406a8452cd0cc1ddc897ce568

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6331-192deb638a8"
age: 1016038
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1lbN6u0RNVBLH2Ym3%2BbU9BbOOkvbKq8GrYQZv5%2FqX5ay72p2N1GWX0GYkU1wjZrATIQNaZyH%2FA2BNreElzhBnJsm8ZnZDw%2BMrqLg33LmVMaj24WY0e5ZXFl7gZy57qchM%2FiG6FMoTBw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 503baa7c-1bf7-4263
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=999&x=1", cfHdrFlush;dur=13
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcb34dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 6a4d9673-89d59b9138711f07.js Show response
socket.dev/_next/static/chunks/ 1 KB
2 KB 150ms
147ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/6a4d9673-89d59b9138711f07.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0b9f6031583720a3c586b578c9f451485a4d9ffb150b66b74f2b7c10dd85248

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"582-192deb638a8"
age: 1016039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gNv0%2B2Qpe2z%2BK6qKXTy6EvcXUkAbqKNoJPEtvhr8ZjF%2BvuZVt7TPGa7q2xkWYM0rv%2Fncz8mzgkwRpw9Yho0W%2B8LpgXIkD1%2B%2FQTb0covKs4DBj4Ep6fjQPvIqOvF9SjKOw1lAxDjGZZY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 851b88e2-d2e1-4972
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=999&x=1", cfHdrFlush;dur=13
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcb54dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 4394-36db64e7626c9205.js Show response
socket.dev/_next/static/chunks/ 74 KB
26 KB 145ms
142ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/4394-36db64e7626c9205.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

279207ad2d36ff9576efe06505c206783c78a97d63bbcf56be31f21e27394eb9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1287c-192deb638a8"
age: 1011671
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJWiQMH5PfSMFJGAQ8kaRb4K2HCFAzrpGszK%2BuYdPRpSMVevY1h4p4F9ptMIoE5Yuw45qbbfBO8HdmxS4Iiu66PFOsmlw4NN8fPOuTh61pjnPsbvhql70UuPzJcXv%2FMb3NwQQaFrcFk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 12cd41fa-7914-449f
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=1005&x=1", cfHdrFlush;dur=7
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcb64dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 1397-8308f0bcd5679a76.js Show response
socket.dev/_next/static/chunks/ 10 KB
5 KB 159ms
156ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/1397-8308f0bcd5679a76.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

559fc3f58fccd700abce14c6302d2aca836385215bef6d436453252170520dbc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"26f8-19309890d08"
age: 297736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2FF9%2F293zpMiYmMMUMIPVeBsj3HnNL7gEYIUdHTPNcIAo5qUOAzV3CrLMZJOwFaTF8SZMkmvej0VRlSbon2vmIvOul5RlmDB%2FsSdp3tyfvgd%2FAF5WF83EAOFMlPzhICQX%2FMdVjFy%2FUQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 63155f14-8c6f-490c
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=1001&x=1", cfHdrFlush;dur=11
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 02:09:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcba4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 6666-0c96deecfab6eb38.js Show response
socket.dev/_next/static/chunks/ 24 KB
10 KB 154ms
152ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/6666-0c96deecfab6eb38.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec96a4ba725b02589dcf37a6d74f9c6656947a3141d1f3d68466173df3c25a5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"5e11-19309890d08"
age: 297736
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EB5xL6A3771%2B%2FxqNXbhOD%2FfanteriDXIi3NQHSZpdbEFSJI8sxhmE%2BtPs4ncplNqOcvDxvtT3QPYQkPIBayJNfHR14oA0lrQHtYpW%2FYISoVWiVmJkGM0Z8G7NTz1VwmvAZNHe3RoqBg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 90b41024-0741-475b
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=1003&x=1", cfHdrFlush;dur=9
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 02:09:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcbb4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 6516-cbc7b457bc572947.js Show response
socket.dev/_next/static/chunks/ 9 KB
5 KB 154ms
152ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/6516-cbc7b457bc572947.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c62d5cb340bdd863da76aa5d46d64dd44c563d7046bd6b4a2f720809c5f1fa5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2281-192deb638a8"
age: 1016040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FeQERagQ961rY3H4n1gvVSON2VVgcFyCdnZR13uUKSERyaGyLA9BYK%2BBErYFM6OYuhdHps25uXkM41LhUuiX903vwyGk2tzYrcDn04yvXMXA4eat7zYvSv7DL99X%2FRnT56FdlNuTLnU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 49821aed-fa8e-46ac
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=20762&sent=107&recv=65&lost=0&retrans=0&sent_bytes=107446&recv_bytes=14589&delivery_rate=920165&cwnd=37500&unsent_bytes=0&cid=c7a6146db9225818&ts=997&x=1", cfHdrFlush;dur=15
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcbc4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 726-18f47de860b4e7b2.js Show response
socket.dev/_next/static/chunks/ 48 KB
18 KB 156ms
154ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/726-18f47de860b4e7b2.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91f93706e26d37ab5aaba8e3eb70bb88ce4fb5b48ca2a33a08e87d048793df4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"c158-192deb638a8"
age: 1016036
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znQpSYDJl6s%2BZ18bchTBuIdXHNXI%2Bb6TVSssnhW7XNpp2sIeg8N%2FifiQkq47T%2FYJ4div%2FQF6VaSRwXFaH2Rbaxqgxh2E1bcQQ1i1U3lXd%2B3jvBQx3F%2FuSrDZnwnLX53ZUz3DtXodyXE%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: d5dc0ceb-b664-48a6
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=998&x=1", cfHdrFlush;dur=14
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcbd4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 2499-9af554f601a5cde8.js Show response
socket.dev/_next/static/chunks/ 221 KB
54 KB 155ms
154ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/2499-9af554f601a5cde8.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49d4084da8c0b2d94b4c2b967a4d477a58e18347f6a9cc5c7687ba1d4cd832dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"37369-1930d5ae910"
age: 194039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lnZOiO9K0MKkNng6ClbHTPfDZWwiNm22%2B9axZJ5kvzMJlCsALJNX7ufwUu2gAanfpiNybxScf18zLVba0Xgev4b1LXjPTRiZDm23cdWBlzO566cpDymQ%2B6zFFZvqTr47ktGYCtqPves%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: da47d7c7-b6bb-40a0
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=1001&x=1", cfHdrFlush;dur=11
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 19:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcc04dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 8685-e136ae804165e141.js Show response
socket.dev/_next/static/chunks/ 51 KB
17 KB 169ms
168ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/8685-e136ae804165e141.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5901ff5f2703a6e99333ba95284cd98bfc5f7bba55ec463fe36476c7c64059fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"caee-192ff2abd20"
age: 468270
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DOUqlErYF0Tf5srMuEpdyZKWBVkczVPHDYHOxH1okByYsruibktNxy387G1bfrtBhdoW0nAXu9qT5Xbha6wFq3o%2FGfvsNbsV%2F%2FJss%2Fr7UJsGx5OCiT0AaBp%2FNwKInvLbUFZDgAHYm7k%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: e5720e01-78a8-48b4
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=1003&x=1", cfHdrFlush;dur=9
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 06 Nov 2024 01:50:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcc14dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 466-799cad513b0d608a.js Show response
socket.dev/_next/static/chunks/ 11 KB
6 KB 170ms
169ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/466-799cad513b0d608a.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69a446fba8c7b949df12d7eb0c112a789a59491579bc020fc49d4b1bdaf5ce78

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"2dec-192e454aad8"
age: 921792
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TT%2FOdFpRanoPnGLca4oFICa51iPyu1JA29tv1fh7QFUJ8GgC3RnJieqXnGcbL9Q0Zooi%2BolyMl69wizPogZGfrFFa%2B6fy9Dun%2FwQR7kIZ7CeqK8r6j0g4Omtv0%2Bz%2BWCTh0QOaROC3to%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 45e123c7-11b1-4496
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=1005&x=1", cfHdrFlush;dur=7
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 31 Oct 2024 20:46:47 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcc24dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 %5Bslug%5D-42276813e7babcd2.js Show response
socket.dev/_next/static/chunks/pages/blog/ 12 KB
6 KB 170ms
169ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/pages/blog/%5Bslug%5D-42276813e7babcd2.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac8671bbe43b9776cd6386bfe128d7cfa0593e54bd72e7feb524492af21c286

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"30f6-19309890d08"
age: 297724
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g6ZofrIP7GrFJOnZBn%2B7c2TXI93RMSuvNu%2Bw7JYGK9E8kzUUpEgvCQ5QaMY6bkTtuh5%2BydtPqOozOJA8fMJ%2FnNLRdQcFJIpY4r0ZRJOh9SXqoRsE8h%2BLTAg%2BXVTOF%2FNNvooGJTjc67g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: d91381d7-7d93-4402
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=1005&x=1", cfHdrFlush;dur=7
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 02:09:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcc44dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 _buildManifest.js Show response
socket.dev/_next/static/ca11da7479bceca46c67ef54cfec891ca9318982/ 32 KB
9 KB 180ms
179ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/ca11da7479bceca46c67ef54cfec891ca9318982/_buildManifest.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e6aa08c4b5d3137edffab88be25e5e6683d834d22c98676dc338bbb013107a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"7f04-1930d5ae910"
age: 233590
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpWIDusVUU3ha%2FP0Q48CVOj%2BiPLheJkIOusXFxHcAWIdPySZkUq6%2FNiNqgGbWNzVE62kysAk9N5phr0KV0uNj0G%2FbiOrwwD3uHCD1V8xPczxEa%2B5Jt0SlGCCvxX3oIAfCRqoopnQDMY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 89beb2ec-850e-411e
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=1005&x=1", cfHdrFlush;dur=7
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 19:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcc64dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 _ssgManifest.js Show response
socket.dev/_next/static/ca11da7479bceca46c67ef54cfec891ca9318982/ 1 KB
2 KB 171ms
170ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/ca11da7479bceca46c67ef54cfec891ca9318982/_ssgManifest.js

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f94a9889f41c7a5397547fa722171a92fbb94f8a703fafc1dbc197474e18ac6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"433-1930d5f9848"
age: 233590
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xYp%2FtjRoDwU6FoH5dKDzfLjeS3Dsrt88oNAovLcpTUj%2BHQ0Jnb0SwQKKTT0Gi86Z89SLloMwcUnFJY1t17%2FEH8PjctKVVH49w7V4R4o1%2FIDf2ACLBu8AFBZdHQxGlrv7y8K9mWTR5XA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 8944c669-a833-49c7
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=21116&sent=111&recv=66&lost=0&retrans=0&sent_bytes=112246&recv_bytes=14633&delivery_rate=61206&cwnd=39900&unsent_bytes=0&cid=c7a6146db9225818&ts=1003&x=1", cfHdrFlush;dur=9
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 20:03:09 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c63bcc74dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H2 200 2d8eee592db2ba48c3d658420f1fc5c962f157fa-1024x1024.webp
cdn.sanity.io/images/cgdhsj6q/production/ 85 KB
85 KB 81ms
25ms Image
image/avif 34.149.250.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/cgdhsj6q/production/2d8eee592db2ba48c3d658420f1fc5c962f157fa-1024x1024.webp?w=1600&fit=max&auto=format

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.250.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.250.149.34.bc.googleusercontent.com

Software

Resource Hash

ed299d61093f2a20d36e991f39e8879e89afa3688342079762a6c03caa40e80f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/

Response headers

x-b3-spanid: 166c04f79292ad9b
x-b3-parentspanid: e82e6b365806a298
age: 262878
x-content-type-options: nosniff
sanity-gateway: k8s-gcp-eu-w1-prod-ing-01
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 08 Nov 2024 12:02:45 GMT
last-modified: Wed, 31 Dec 1969 23:59:59 GMT
content-type: image/avif
vary: origin, accept
x-sanity-asset-storage: gcs-default
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'none'
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-sampled: 0
x-varnish-age: 16
via: 1.1 google
xkey: project-cgdhsj6q-production
accept-ranges: bytes
x-b3-traceid: ee0bb4decd353e6c0901a6b0cb0560ba
content-length: 86677
vha6-origin: image-varnish-0

GET
H3 200 inter-latin-wght-normal.76ba26f1.woff2
socket.dev/_next/static/media/ 47 KB
49 KB 63ms
58ms Font
font/woff2 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/media/inter-latin-wght-normal.76ba26f1.woff2

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/css/162fba20b9960c0e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://socket.dev
Referer: https://socket.dev/_next/static/css/162fba20b9960c0e.css

Response headers

cf-cache-status: HIT
etag: W/"bd3c-192deb638a8"
age: 1016039
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qRtqsWJZmyj73CrmojElEqvxU0TQpKhJmCSuzTARsx8X35OQOHuUiWVSuWqpeFKh%2BZzZhEFFdiT0Nyuk2v81E9ier12Jzol508EzEkk9M1M76DES268uw1YG6mSgkBbmEjiRcQQcb8w%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 6d96a49e-d899-4069
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=33650&sent=658&recv=143&lost=2&retrans=2&sent_bytes=740657&recv_bytes=19066&delivery_rate=4615539&cwnd=207690&unsent_bytes=0&cid=c7a6146db9225818&ts=1132&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: font/woff2
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c649d784dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
accept-ranges: bytes
content-length: 48444
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 EuclidCircularB-Medium-WebS.woff2
socket.dev/fonts/ 20 KB
21 KB 81ms
76ms Font
font/woff2 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/fonts/EuclidCircularB-Medium-WebS.woff2

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/css/162fba20b9960c0e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a050c2a660efdf0686e7271888649e81e2f956144a04b9ebdaa38da9553fa99

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://socket.dev
Referer: https://socket.dev/_next/static/css/162fba20b9960c0e.css

Response headers

cf-cache-status: HIT
etag: W/"4f38-192eb4c6b78"
age: 585589
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s7mLJg%2FpHxumCzQvwEfpPWwXiDhe7DuxyYFk45DKTShYgp7aUHV1SZX7tDnxpFhOrCdQ4Ir%2BrVz5HJb%2FaG%2F6Moc4BJ%2FOEqxg0aOBJl362bHCZrPQnPxQ9OvYHF0uXwj1iGVVCzNEI%2B4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 501e4d88-9aef-43d6
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=33650&sent=714&recv=143&lost=2&retrans=2&sent_bytes=805749&recv_bytes=19066&delivery_rate=4615539&cwnd=207690&unsent_bytes=0&cid=c7a6146db9225818&ts=1134&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: font/woff2
last-modified: Sat, 02 Nov 2024 05:15:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c649d7b4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
accept-ranges: bytes
content-length: 20280
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 EuclidCircularB-Semibold-WebS.woff2
socket.dev/fonts/ 20 KB
21 KB 80ms
74ms Font
font/woff2 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/fonts/EuclidCircularB-Semibold-WebS.woff2

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/css/162fba20b9960c0e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fe9ec9790915730d1f9f397690ab7f97aceb2b997ec5080aa51eb7c28fb910f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://socket.dev
Referer: https://socket.dev/_next/static/css/162fba20b9960c0e.css

Response headers

cf-cache-status: HIT
etag: W/"4f10-192eb4c6b78"
age: 585196
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MQZdEvc0yJ%2BSXJEAB9xTAAzLil9yh8cEIUMPcUVrgDPykaIAAUypBwIOrqvDeAVjgyekwBN30xhG2Wq7Nz6%2BMVHjWksdMgwHao11ul5TKyC9GhqPjBtzwhsOPeJMk2w2MuGEJ6GgFHQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 7fd7ea5c-4920-4f1c
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=33650&sent=702&recv=143&lost=2&retrans=2&sent_bytes=791988&recv_bytes=19066&delivery_rate=4615539&cwnd=207690&unsent_bytes=0&cid=c7a6146db9225818&ts=1133&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: font/woff2
last-modified: Sat, 02 Nov 2024 05:15:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c649d7e4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
accept-ranges: bytes
content-length: 20240
origin-agent-cluster: ?1
server: cloudflare

GET
H2 200 daf113902ac4908f0888505c5b37b45f40f13bad-1460x936.png
cdn.sanity.io/images/cgdhsj6q/production/ 48 KB
48 KB 38ms
15ms Image
image/avif 34.149.250.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/cgdhsj6q/production/daf113902ac4908f0888505c5b37b45f40f13bad-1460x936.png?w=1600&fit=max&auto=format

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.250.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.250.149.34.bc.googleusercontent.com

Software

Resource Hash

4635a615653e4d7a92156f672c8e2c88537ada670b961510f789d270f2345ec0

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/

Response headers

x-b3-spanid: f2468d27dc4f13fd
x-b3-parentspanid: c62ed78664787f05
age: 262861
x-content-type-options: nosniff
sanity-gateway: k8s-gcp-eu-w1-prod-ing-01
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 08 Nov 2024 12:03:02 GMT
last-modified: Wed, 31 Dec 1969 23:59:59 GMT
content-type: image/avif
vary: origin, accept
x-sanity-asset-storage: gcs-default
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'none'
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-sampled: 0
x-varnish-age: 0
via: 1.1 google
xkey: project-cgdhsj6q-production
accept-ranges: bytes
x-b3-traceid: b92920c8e06937aa4a0ae64c63cb65bc
content-length: 48787

POST
H3 200 monitoring-tunnel Show response
socket.dev/ 2 B
2 KB 262ms
262ms Fetch
application/json 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/monitoring-tunnel?o=555220&p=5890145

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/_app-b91a3a81e2b4015d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://socket.dev/

Response headers

access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aLAtN2jCdqgnL24Dzi%2FoMq5kcXRwL7bbDfIAhwEHHu8YyS6RyfrVbj%2Btjs7JS0h%2BhDyKhIBg5kun7EfeGVqQq%2B116CyFRnMOA%2B1AU9dsO46R9nWmdgW5mpILuUS%2BaxKm2eGrHznxkyg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 103656b2-a371-4277
x-render-origin-server: nginx
server-timing: cfL4;desc="?proto=QUIC&rtt=36878&sent=748&recv=163&lost=2&retrans=2&sent_bytes=839432&recv_bytes=22839&delivery_rate=26796&cwnd=207690&unsent_bytes=0&cid=c7a6146db9225818&ts=1583&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
cf-ray: 8e0e7c661ea24dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
access-control-allow-origin: *
origin-agent-cluster: ?1
server: cloudflare

POST
H3 200 monitoring-tunnel Show response
socket.dev/ 2 B
2 KB 29654ms
29634ms Fetch
application/json 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/monitoring-tunnel?o=555220&p=5890145

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/_app-b91a3a81e2b4015d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://socket.dev/

Response headers

access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iRovhI07t8VDQBIXkwbucfBbrXKZ%2Bj0JMQpCDxx8Vc92gV8KLyEPU6kybfgdOZ03PtDWCtYEpL2%2FPIxixFxVAq7CvpmPeAsaETHHwQxkLjHW18SzxSQ%2B%2FwRxoATfa72Fkf4fIL0dDI4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 2ac2c8f6-78d0-4733
x-render-origin-server: nginx
server-timing: cfL4;desc="?proto=QUIC&rtt=26709&sent=1388&recv=298&lost=2&retrans=2&sent_bytes=1568248&recv_bytes=77434&delivery_rate=2168389&cwnd=214890&unsent_bytes=0&cid=c7a6146db9225818&ts=2007&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:04 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
cf-ray: 8e0e7c66ff684dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
access-control-allow-origin: *
origin-agent-cluster: ?1
server: cloudflare

POST
H3 200 monitoring-tunnel Show response
socket.dev/ 2 B
2 KB 29655ms
29635ms Fetch
application/json 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/monitoring-tunnel?o=555220&p=5890145

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/_app-b91a3a81e2b4015d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://socket.dev/

Response headers

access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M8G%2F63SUXcLefYQeEIsE4ik0Jii%2B5tYtPfQ3220iFagkk8LI8MCchfM0hihVV16HsFTaLkZkSNOETYDJFGm7qFU6rJ3LCwJu6shelZeXok1HvGfmzuEcHXXwyoKnC4Fw4jgvL1ehpvU%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 8928253d-3039-402c
x-render-origin-server: nginx
server-timing: cfL4;desc="?proto=QUIC&rtt=26709&sent=1399&recv=298&lost=2&retrans=2&sent_bytes=1579995&recv_bytes=77434&delivery_rate=2168389&cwnd=214890&unsent_bytes=0&cid=c7a6146db9225818&ts=2008&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:04 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
cf-ray: 8e0e7c66ff6a4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
access-control-allow-origin: *
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 5282.f5d1873bffa705d3.js Show response
socket.dev/_next/static/chunks/ 7 KB
5 KB 47ms
45ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/5282.f5d1873bffa705d3.js

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/webpack-ec80483d6c7ed0bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bb4360de8d20a9b995c4cc71762fe17af1e729188a6928912b9b3de1e46cc98

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1cfe-192deb638a8"
age: 1016037
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=po6%2FdN74yRTE5%2BcGEt5OS3Wl97i0XgXIrsmTnPCVycGSgltfiNsCJ1i2ZJEJ1z%2BUGXRyX5c%2Ba4xvkDJJD3vMCxQmWHy3Tufzpa3pNvEMUGJ5UqL7m1f%2Fyj8s30UuYhdhxtejS6jMXUg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 6d9bb692-2b43-4c7d
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=36878&sent=751&recv=163&lost=2&retrans=2&sent_bytes=841282&recv_bytes=22839&delivery_rate=26796&cwnd=207690&unsent_bytes=0&cid=c7a6146db9225818&ts=1590&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:03 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 30 Oct 2024 18:35:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c677fee4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET 637-bf7ab4fd686c0c43.js
socket.dev/_next/static/chunks/ 0
0

GET is-impersonating
socket.dev/api/auth/ 0
0

GET feature-flag-overrides
socket.dev/api/feature-flags/ 0
0

GET session
socket.dev/api/auth/ 0
0

GET
H3 200 07372dc1581f6b0fed6246998585bccd6d3d4e5c-800x800.jpg
cdn.sanity.io/images/cgdhsj6q/production/ 2 KB
2 KB 56ms
47ms Image
image/avif 34.149.250.58
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.sanity.io/images/cgdhsj6q/production/07372dc1581f6b0fed6246998585bccd6d3d4e5c-800x800.jpg?w=100&fit=max&auto=format

Requested by

Host: socket.dev
URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.250.58 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

58.250.149.34.bc.googleusercontent.com

Software

Resource Hash

ee5841bbbd3c69d35add0d871213f7f0e130d4f99a415921bfbebbd5a3833579

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/

Response headers

x-b3-spanid: 8b7d4e27e190e81
x-b3-parentspanid: 4d5602a19c22e03d
age: 200755
x-content-type-options: nosniff
sanity-gateway: k8s-gcp-eu-w1-prod-ing-01
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 09 Nov 2024 05:18:08 GMT
last-modified: Wed, 31 Dec 1969 23:59:59 GMT
content-type: image/avif
vary: origin, accept
x-sanity-asset-storage: gcs-default
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'none'
cache-control: public, max-age=31536000, s-maxage=2592000
x-b3-sampled: 0
x-varnish-age: 0
via: 1.1 google
xkey: project-cgdhsj6q-production
accept-ranges: bytes
x-b3-traceid: ce0fa2604ed54af503ebfc58df1745ae
content-length: 1908

POST info
socket.dev/api/ 0
0

GET en-US.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/ 0
0

GET
H3 200 68c0a17d-68b8d3d707a18807.js
socket.dev/_next/static/chunks/ 0
2 KB 148ms
110ms Other
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/68c0a17d-68b8d3d707a18807.js

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/main-8aaef9059cd2967e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"b85-192ff2abd20"
age: 454481
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s1JDL4dpfwiSdaW6LNoZ09ZGU39C9Q9HzGqXLPnbrMHJorPp51YSDKyitohlId%2BXu7sfclN9aSKcI0CyB%2F8US6ssgHYimq5Yxx4Y4%2Fb0NKbKru8y3Yd9BLrycaQG%2FEhXv%2BQ4DYojH3Q%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 423ad8cf-d2a2-4e46
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=39331&sent=1033&recv=279&lost=2&retrans=2&sent_bytes=1165058&recv_bytes=76566&delivery_rate=121532&cwnd=210090&unsent_bytes=0&cid=c7a6146db9225818&ts=1952&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:04 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 06 Nov 2024 01:50:44 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c6969cb4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 fec483df-aafc60e42f6cb3d7.js
socket.dev/_next/static/chunks/ 0
0 154ms
116ms Other
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/fec483df-aafc60e42f6cb3d7.js

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/main-8aaef9059cd2967e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"4ffb7-1927e38ce28"
age: 2302085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yjfiCHc4gFtcCpAR0JBrYMe0AQb%2BY2jb9mfpFWW4f6A455WcZpvtNDO7RYYT%2Fj76hvIFWPpFESIgNAq1GLGDSwyTTRv3MvRrrMnJPiCyN9N1m0jVH5j3Aq4NqXj43FgdNBYIBjTfZK8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: b2acc054-8956-4db7
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=39331&sent=1033&recv=279&lost=2&retrans=2&sent_bytes=1165058&recv_bytes=76566&delivery_rate=121532&cwnd=210090&unsent_bytes=0&cid=c7a6146db9225818&ts=1952&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:04 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Sat, 12 Oct 2024 00:55:05 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c6969cd4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 3a17f596-8f3ea98e0b57e40c.js
socket.dev/_next/static/chunks/ 0
0 155ms
116ms Other
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/3a17f596-8f3ea98e0b57e40c.js

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/main-8aaef9059cd2967e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"1583-192e9c19940"
age: 807905
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZSJgKbfpcLY0mQ%2FK9z4ETOpJjEtGMp%2FBXo0HB73dZLyR1FqwZUWqfCr3nzZugY1UpFauLbzw6G4Upq628UBtaGoJkF8M4EYJ%2FY9tLOP7dpc%2F%2FCNWEnNAn3euIrjzFE0Pi53YickdQyY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 095e9999-01b2-493f
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=39331&sent=1033&recv=279&lost=2&retrans=2&sent_bytes=1165058&recv_bytes=76566&delivery_rate=121532&cwnd=210090&unsent_bytes=0&cid=c7a6146db9225818&ts=1952&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:04 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 01 Nov 2024 22:03:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c6969d14dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 fea29d9f-e68e75821193dc61.js
socket.dev/_next/static/chunks/ 0
0 155ms
117ms Other
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/fea29d9f-e68e75821193dc61.js

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/main-8aaef9059cd2967e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"f29-192fa09f2e8"
age: 553416
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InxfYu%2BWGSOpRWueTikcQqdYOkodU9S1VygN%2BdW6S6GMAuYmsQLzmGYTDpKEDoUF7jkskvdie%2Bw7BhikFjI3UTvIsgoQ%2F8UVkRBmi097ZNaoBaazh41XpDo8dhwH87S7vVbMG0Wgnj4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: ef26aa69-9df8-4d13
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=39331&sent=1033&recv=279&lost=2&retrans=2&sent_bytes=1165058&recv_bytes=76566&delivery_rate=121532&cwnd=210090&unsent_bytes=0&cid=c7a6146db9225818&ts=1952&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:04 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 05 Nov 2024 01:56:49 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7c6969d54dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET 85d7bc83-4f1607802cf23e3b.js
socket.dev/_next/static/chunks/ 0
0

GET cfaebb58-6b248f6e1c94268a.js
socket.dev/_next/static/chunks/ 0
0

GET 9539-122b6f409adadbf4.js
socket.dev/_next/static/chunks/ 0
0

GET 6817-64e27194f1b77350.js
socket.dev/_next/static/chunks/ 0
0

GET 5461-a5f625b8946539fb.js
socket.dev/_next/static/chunks/ 0
0

GET 7372-857afc308eed8f03.js
socket.dev/_next/static/chunks/ 0
0

GET 6491-1b49402a82c9a694.js
socket.dev/_next/static/chunks/ 0
0

GET 5796-2e1451d590b7c468.js
socket.dev/_next/static/chunks/ 0
0

GET index-9a264fabd3bca210.js
socket.dev/_next/static/chunks/pages/ 0
0

GET features.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/ 0
0

GET 1436-1ecfd8e7578d9710.js
socket.dev/_next/static/chunks/ 0
0

GET features-09f37ca0f2ba163a.js
socket.dev/_next/static/chunks/pages/ 0
0

GET github.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/features/ 0
0

GET 9106-09f6df39539b1732.js
socket.dev/_next/static/chunks/ 0
0

GET github-080e66a562bc7bf7.js
socket.dev/_next/static/chunks/pages/features/ 0
0

GET cli.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/features/ 0
0

GET cli-c079e7b284dbb830.js
socket.dev/_next/static/chunks/pages/features/ 0
0

GET web-extension.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/features/ 0
0

GET web-extension-ae7f404dbd111bfc.js
socket.dev/_next/static/chunks/pages/features/ 0
0

GET dependency-search.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/features/ 0
0

GET e21e5bbe-995cf600180520e9.js
socket.dev/_next/static/chunks/ 0
0

GET dependency-search-b53a3b182ef1809b.js
socket.dev/_next/static/chunks/pages/features/ 0
0

GET integrations.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/ 0
0

GET integrations-eec167a3651435f7.js
socket.dev/_next/static/chunks/pages/ 0
0

GET customers.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/ 0
0

GET customers-493c7c2967b3ad33.js
socket.dev/_next/static/chunks/pages/ 0
0

GET blog.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/ 0
0

GET blog-011a92d4a70fe2b8.js
socket.dev/_next/static/chunks/pages/ 0
0

GET changelog.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/ 0
0

GET changelog-589f20285ba7f85a.js
socket.dev/_next/static/chunks/pages/ 0
0

GET faq-a51a50ba0c0e1cf1.js
socket.dev/_next/static/chunks/pages/ 0
0

GET alerts-a3b6c43552c85e34.js
socket.dev/_next/static/chunks/pages/ 0
0

GET glossary.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/ 0
0

GET 4577d2ec-3def19d28a45be84.js
socket.dev/_next/static/chunks/ 0
0

GET glossary-a644d0f5eda92f67.js
socket.dev/_next/static/chunks/pages/ 0
0

GET security-news.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/ 0
0

GET %5Bslug%5D-8f173cb91daae88f.js
socket.dev/_next/static/chunks/pages/blog/category/ 0
0

GET news.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/ 0
0

GET engineering.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/ 0
0

GET product.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/ 0
0

GET research.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/ 0
0

GET security.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/ 0
0

GET vercel.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/case-study/ 0
0

GET %5Bslug%5D-2b062e92d6293273.js
socket.dev/_next/static/chunks/pages/case-study/ 0
0

GET drata.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/case-study/ 0
0

GET Replit.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/case-study/ 0
0

GET metamask.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/case-study/ 0
0

GET about.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/ 0
0

GET about-88ebdc22d3c49c26.js
socket.dev/_next/static/chunks/pages/ 0
0

GET love.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/ 0
0

GET love-ade95cbb3e85ce5f.js
socket.dev/_next/static/chunks/pages/ 0
0

GET careers.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/ 0
0

GET careers-d1576543d34f2682.js
socket.dev/_next/static/chunks/pages/ 0
0

GET security.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/ 0
0

GET security-87cdecd48e52c7cd.js
socket.dev/_next/static/chunks/pages/ 0
0

GET socket-vs-snyk.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/compare/ 0
0

GET 7997-199cb3be3ce52385.js
socket.dev/_next/static/chunks/ 0
0

GET socket-vs-snyk-c0f43531d31dbe51.js
socket.dev/_next/static/chunks/pages/compare/ 0
0

GET socket-vs-dependabot.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/compare/ 0
0

GET socket-vs-dependabot-7704658b610cf322.js
socket.dev/_next/static/chunks/pages/compare/ 0
0

GET socket-vs-semgrep.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/compare/ 0
0

GET socket-vs-semgrep-69ab90c9712011a3.js
socket.dev/_next/static/chunks/pages/compare/ 0
0

GET socket-vs-endor-labs.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/compare/ 0
0

GET socket-vs-endor-labs-26d42e7e4a735e35.js
socket.dev/_next/static/chunks/pages/compare/ 0
0

GET series-b.json
socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/ 0
0

GET ebc70433-bdeb5b12f01b2f6e.js
socket.dev/_next/static/chunks/ 0
0

GET 9631-444c544fd2cab6bb.js
socket.dev/_next/static/chunks/ 0
0

GET 492-f68b726131c3d78a.js
socket.dev/_next/static/chunks/ 0
0

GET pricing-aeab9c9e10a879b1.js
socket.dev/_next/static/chunks/pages/ 0
0

GET login-e08e3235001167c1.js
socket.dev/_next/static/chunks/pages/auth/ 0
0

GET demo-4cce153e3c3594a8.js
socket.dev/_next/static/chunks/pages/ 0
0

GET github-app-d1f3a264dfebb47e.js
socket.dev/_next/static/chunks/pages/ 0
0

GET integrations-eec167a3651435f7.js
socket.dev/_next/static/chunks/pages/ 0
0

GET %5Bslug%5D-8f173cb91daae88f.js
socket.dev/_next/static/chunks/pages/blog/category/ 0
0

GET %5Bslug%5D-2b062e92d6293273.js
socket.dev/_next/static/chunks/pages/case-study/ 0
0

GET 5796-2e1451d590b7c468.js
socket.dev/_next/static/chunks/ 0
0

GET about-88ebdc22d3c49c26.js
socket.dev/_next/static/chunks/pages/ 0
0

POST
H3 200 _log
socket.dev/api/auth/ 0
2 KB 295ms
227ms Ping
text/plain 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/api/auth/_log

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/_app-b91a3a81e2b4015d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xL2seXAJ4YjMdTtklCCnUgcgUr5iAI5BSbho%2Be%2FqDeU5JXAcI6795TdufVOQf0kG03%2B5RcYmQBWm5BMUTBvw9xbe9BURsKDqu9Njdsg%2FlvSqMaat2EEMI4OHLZ3uSbfPzrd%2B2Y%2FYLQ4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 5fcbf811-7617-4731
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=19574&sent=2314&recv=567&lost=13&retrans=13&sent_bytes=2473656&recv_bytes=119370&delivery_rate=1079&cwnd=152103&unsent_bytes=0&cid=c7a6146db9225818&ts=31373&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:33 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7d200e454dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

POST
H3 200 monitoring-tunnel Show response
socket.dev/ 2 B
2 KB 249ms
237ms Fetch
application/json 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/monitoring-tunnel?o=555220&p=5890145

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/_app-b91a3a81e2b4015d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://socket.dev/

Response headers

access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYQYllw1WauUrvDm6iUCs5TeHKve84N5jyPnNsZWDxW29aqdqTrRDLEvDdPYkG2kasUx2sol9B3ujucmW%2Bo61UPGgVO1HanPzib2F%2BKlWNcMO2uyVXsILxJ7YrLNRKnJQKydnHgUmQM%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: a66fb31a-066e-4256
x-render-origin-server: nginx
server-timing: cfL4;desc="?proto=QUIC&rtt=19574&sent=2317&recv=568&lost=13&retrans=13&sent_bytes=2475367&recv_bytes=120540&delivery_rate=1079&cwnd=152103&unsent_bytes=0&cid=c7a6146db9225818&ts=31382&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:33 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
cf-ray: 8e0e7d206e984dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
access-control-allow-origin: *
origin-agent-cluster: ?1
server: cloudflare

POST
H3 200 monitoring-tunnel Show response
socket.dev/ 41 B
2 KB 390ms
366ms Fetch
application/json 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/monitoring-tunnel?o=555220&p=5890145

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/_app-b91a3a81e2b4015d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a06d818fed10faddeabd6ed45e2d94bdf3c26df758e6bc90c9b2f2390796ec01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://socket.dev/

Response headers

access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FkoEyC0njsS5G%2FhCwNXIX39tCrFXM7zyFYyNynuesoLVz3ypnHsp4jpopk05JlScMTyK5fV5A9CRMRLONviE4wubNqsexVAweNezkR70Wyq1xTTfu1XQbtvlUjSr3%2BKn2aUVe7EEgQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: b21f9f75-92bf-4849
x-render-origin-server: nginx
server-timing: cfL4;desc="?proto=QUIC&rtt=19409&sent=2322&recv=572&lost=13&retrans=13&sent_bytes=2477259&recv_bytes=120724&delivery_rate=1267&cwnd=152103&unsent_bytes=0&cid=c7a6146db9225818&ts=31526&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:33 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
cf-ray: 8e0e7d206e994dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
access-control-allow-origin: *
origin-agent-cluster: ?1
server: cloudflare

POST
H3 200 monitoring-tunnel Show response
socket.dev/ 41 B
2 KB 1240ms
1218ms Fetch
application/json 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/monitoring-tunnel?o=555220&p=5890145

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/_app-b91a3a81e2b4015d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2880d7b34b23efcc31f837d8dd981a22742f642a71c2559d8667cc299a58ad4c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://socket.dev/

Response headers

access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uHyOwGIoxrSqgH7JK7X92qAz1T1MzOUXwcl3kvjfQdj1aWply7Vl49DXLSBX8pXqWeh5E7B5rvtV3bVUFS5pKxIUWorFixaYn3ab4FzWQnK5hspfJu3BkRPizxiNq3LJKaNacpr%2FPyg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: a26da62d-8bdc-4fb1
x-render-origin-server: nginx
server-timing: cfL4;desc="?proto=QUIC&rtt=19730&sent=2328&recv=576&lost=13&retrans=13&sent_bytes=2481176&recv_bytes=120908&delivery_rate=827&cwnd=152103&unsent_bytes=0&cid=c7a6146db9225818&ts=32382&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:34 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
via: 1.1 google
cf-ray: 8e0e7d206e9c4dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
access-control-allow-origin: *
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 is-impersonating Show response
socket.dev/api/auth/ 25 B
2 KB 590ms
589ms Fetch
application/json 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/api/auth/is-impersonating

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/_app-b91a3a81e2b4015d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc7de5d3d1b29c47e74dc4ba7774ebec06771dd1b26cb679173bc68a237837bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sentry-trace: df37b60d5cf944139030f5b6abc66e63-9c4a10ce25208293-0, df37b60d5cf944139030f5b6abc66e63-aa36c109152713d1-0, ca47799ee12046ba92ea686b9b2efd9b-bfd91d9f37eee576, ca47799ee12046ba92ea686b9b2efd9b-bfd91d9f37eee576
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
baggage: sentry-environment=prod,sentry-release=ca11da7479bceca46c67ef54cfec891ca9318982,sentry-public_key=513886e4d16e470f9c3da24ed939a4d5,sentry-trace_id=df37b60d5cf944139030f5b6abc66e63,sentry-sample_rate=0.00001,sentry-transaction=%2Fblog%2F%5Bslug%5D,sentry-sampled=false, sentry-environment=prod,sentry-release=ca11da7479bceca46c67ef54cfec891ca9318982,sentry-public_key=513886e4d16e470f9c3da24ed939a4d5,sentry-trace_id=df37b60d5cf944139030f5b6abc66e63,sentry-sample_rate=0.00001,sentry-transaction=%2Fblog%2F%5Bslug%5D,sentry-sampled=false, sentry-environment=prod,sentry-release=ca11da7479bceca46c67ef54cfec891ca9318982,sentry-public_key=513886e4d16e470f9c3da24ed939a4d5,sentry-trace_id=ca47799ee12046ba92ea686b9b2efd9b, sentry-environment=prod,sentry-release=ca11da7479bceca46c67ef54cfec891ca9318982,sentry-public_key=513886e4d16e470f9c3da24ed939a4d5,sentry-trace_id=ca47799ee12046ba92ea686b9b2efd9b

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
etag: W/"ewdnte0mwip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bjd8t%2BYA4rynGW97Rzoakf9FPHTNktNGJWr04ew8BQg%2FpXQOrKj8SMGgzCv%2Bxam3ihgfRNZBhvd0lGr7H8RvgxYCsogkGLkT1aOcRIzS50fFJe0Qs%2Fd4wjpbCa8kMVUdMQxxVhrlr7Q%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: 84b787d9-7695-4fd3
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=19637&sent=2325&recv=574&lost=13&retrans=13&sent_bytes=2479146&recv_bytes=120816&delivery_rate=815&cwnd=152103&unsent_bytes=0&cid=c7a6146db9225818&ts=31944&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:34 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7d21bfa14dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

GET
H3 200 637-bf7ab4fd686c0c43.js Show response
socket.dev/_next/static/chunks/ 1 MB
301 KB 264ms
264ms Script
application/javascript 2606:4700:20::681a:485
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://socket.dev/_next/static/chunks/637-bf7ab4fd686c0c43.js?1731330276307

Requested by

Host: socket.dev
URL: https://socket.dev/_next/static/chunks/webpack-ec80483d6c7ed0bc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:485 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c56fe7c6031b8649f91ade69bdd17792284a919b1851701a31aef16202025530

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"103e6f-1930d5ae910"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SPAqlXOqculomU6Esw%2BZO1caSDFxvnqi8YQCFJiLXI1DGKj%2FU9PHNrSwD5bO%2Fcn28lKu7K%2FL%2BBmwRopdh8GWiq82LUNuoCMMYbbPZcLKaV3PxkLfLuuH0o3xCy0xA8fB%2Bc82Iyr8inQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
rndr-id: c3756edd-0d2c-48b0
x-render-origin-server: Render
server-timing: cfL4;desc="?proto=QUIC&rtt=19394&sent=2332&recv=579&lost=13&retrans=13&sent_bytes=2483085&recv_bytes=121502&delivery_rate=955&cwnd=152103&unsent_bytes=0&cid=c7a6146db9225818&ts=34379&x=1", cfHdrFlush;dur=0
date: Mon, 11 Nov 2024 13:04:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 08 Nov 2024 19:58:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' ; connect-src 'self' https://socketusercontent.com *.api.sanity.io *.crowdin.com *.getkoala.com *.hubspot.com *.hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' *.hubspot.com *.loom.com *.spotify.com *.syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src * data: ; object-src 'none' ; script-src 'self' *.hs-scripts.com *.hscollectedforms.net *.hs-banner.com *.hs-analytics.net *.usemessages.com *.getkoala.com *.crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' *.crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' *.usemessages.com *.getkoala.com *.crowdin.com ;
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e0e7d32fd844dac-FRA
cross-origin-embedder-policy: unsafe-none
permissions-policy: geolocation=(), camera=(), microphone=(), sync-xhr=()
document-policy: document-write=?0
origin-agent-cluster: ?1
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/637-bf7ab4fd686c0c43.js

Domain: socket.dev
URL: https://socket.dev/api/auth/is-impersonating

Domain: socket.dev
URL: https://socket.dev/api/feature-flags/feature-flag-overrides

Domain: socket.dev
URL: https://socket.dev/api/auth/session

Domain: socket.dev
URL: https://socket.dev/api/info

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/85d7bc83-4f1607802cf23e3b.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/cfaebb58-6b248f6e1c94268a.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/9539-122b6f409adadbf4.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/6817-64e27194f1b77350.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/5461-a5f625b8946539fb.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/7372-857afc308eed8f03.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/6491-1b49402a82c9a694.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/5796-2e1451d590b7c468.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/index-9a264fabd3bca210.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/features.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/1436-1ecfd8e7578d9710.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/features-09f37ca0f2ba163a.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/features/github.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/9106-09f6df39539b1732.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/features/github-080e66a562bc7bf7.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/features/cli.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/features/cli-c079e7b284dbb830.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/features/web-extension.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/features/web-extension-ae7f404dbd111bfc.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/features/dependency-search.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/e21e5bbe-995cf600180520e9.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/features/dependency-search-b53a3b182ef1809b.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/integrations.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/integrations-eec167a3651435f7.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/customers.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/customers-493c7c2967b3ad33.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/blog-011a92d4a70fe2b8.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/changelog.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/changelog-589f20285ba7f85a.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/faq-a51a50ba0c0e1cf1.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/alerts-a3b6c43552c85e34.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/glossary.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/4577d2ec-3def19d28a45be84.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/glossary-a644d0f5eda92f67.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/security-news.json?slug=security-news

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/blog/category/%5Bslug%5D-8f173cb91daae88f.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/news.json?slug=news

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/engineering.json?slug=engineering

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/product.json?slug=product

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/research.json?slug=research

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/category/security.json?slug=security

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/case-study/vercel.json?slug=vercel

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/case-study/%5Bslug%5D-2b062e92d6293273.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/case-study/drata.json?slug=drata

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/case-study/Replit.json?slug=Replit

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/case-study/metamask.json?slug=metamask

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/about.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/about-88ebdc22d3c49c26.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/love.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/love-ade95cbb3e85ce5f.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/careers.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/careers-d1576543d34f2682.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/security.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/security-87cdecd48e52c7cd.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/compare/socket-vs-snyk.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/7997-199cb3be3ce52385.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/compare/socket-vs-snyk-c0f43531d31dbe51.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/compare/socket-vs-dependabot.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/compare/socket-vs-dependabot-7704658b610cf322.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/compare/socket-vs-semgrep.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/compare/socket-vs-semgrep-69ab90c9712011a3.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/compare/socket-vs-endor-labs.json

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/compare/socket-vs-endor-labs-26d42e7e4a735e35.js

Domain: socket.dev
URL: https://socket.dev/_next/data/ca11da7479bceca46c67ef54cfec891ca9318982/en-US/blog/series-b.json?slug=series-b

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/ebc70433-bdeb5b12f01b2f6e.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/9631-444c544fd2cab6bb.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/492-f68b726131c3d78a.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/pricing-aeab9c9e10a879b1.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/auth/login-e08e3235001167c1.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/demo-4cce153e3c3594a8.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/github-app-d1f3a264dfebb47e.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/integrations-eec167a3651435f7.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/blog/category/%5Bslug%5D-8f173cb91daae88f.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/case-study/%5Bslug%5D-2b062e92d6293273.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/5796-2e1451d590b7c468.js

Domain: socket.dev
URL: https://socket.dev/_next/static/chunks/pages/about-88ebdc22d3c49c26.js

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://socket.dev/blog/roblox-developers-targeted-with-npm-packages-infected-with-infostealers Message: Document-Policy HTTP header: Unrecognized document policy feature name document-write.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' ; connect-src 'self' https://socketusercontent.com .api.sanity.io .crowdin.com .getkoala.com .hubspot.com .hscollectedforms.net https://crowdin.com/api/v2/jipt/cookie https://crowdin.com/api/v2/jipt/project/SocketSecurity https://crowdin.com/api/v2/jipt/project/SocketSecurity/strings wss://api.getkoala.com https://api.github.com ; frame-src 'self' .hubspot.com .loom.com .spotify.com .syntax.fm https://crowdin.com https://platform.twitter.com https://www.youtube.com ; img-src data: ; object-src 'none' ; script-src 'self' .hs-scripts.com .hscollectedforms.net .hs-banner.com .hs-analytics.net .usemessages.com .getkoala.com .crowdin.com https://www.youtube.com https://platform.twitter.com ; style-src 'self' 'unsafe-inline' .crowdin.com fonts.googleapis.com ; font-src 'self' fonts.gstatic.com ; base-uri 'none' ; frame-ancestors https://socket.sanity.studio 'self' ; form-action 'self' https://github.com ; worker-src 'self' .usemessages.com .getkoala.com *.crowdin.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.sanity.io
socket.dev
socket.dev
2606:4700:20::681a:485
34.149.250.58
094f2cb246ad82c2d6a3e9e25361cd2ca8048e9ab3f6345de1379bb0201eeda8
0ac8671bbe43b9776cd6386bfe128d7cfa0593e54bd72e7feb524492af21c286
0f94a9889f41c7a5397547fa722171a92fbb94f8a703fafc1dbc197474e18ac6
1ce42e74a5b178907727000e970f860137da663984c18fa4c5c13ef7733f7ebf
1fb71befddb6b0366f47e4e8d50284123e11d76ff5b975780154527222864890
279207ad2d36ff9576efe06505c206783c78a97d63bbcf56be31f21e27394eb9
2880d7b34b23efcc31f837d8dd981a22742f642a71c2559d8667cc299a58ad4c
2d33df44341247ce099ac6050832d09e926b8869a1f68ff8494af0a8e051a1b8
32368407f90fa6679179577b8fd111366c3e3e8406a8452cd0cc1ddc897ce568
34e6aa08c4b5d3137edffab88be25e5e6683d834d22c98676dc338bbb013107a
4147a8fbadd5aaca2cd54d79fcc0001a45a7029f0e7a5bb0fb16093998f7876d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4635a615653e4d7a92156f672c8e2c88537ada670b961510f789d270f2345ec0
467e92d8bdc6c9c1424e8e40d174c2174f97bf8dcfacbd04347a222de70446e7
49d4084da8c0b2d94b4c2b967a4d477a58e18347f6a9cc5c7687ba1d4cd832dc
4c501c291d6b0d9beff3dc64e639ba16f69e3c8e80aa4b47d41c8c24190e61fe
4c62d5cb340bdd863da76aa5d46d64dd44c563d7046bd6b4a2f720809c5f1fa5
4fe9ec9790915730d1f9f397690ab7f97aceb2b997ec5080aa51eb7c28fb910f
559fc3f58fccd700abce14c6302d2aca836385215bef6d436453252170520dbc
5901ff5f2703a6e99333ba95284cd98bfc5f7bba55ec463fe36476c7c64059fc
5ada90b53bd951969b97be850ddf46f1f3c9e0e6950b4debbf72adaa1e4d52de
69a446fba8c7b949df12d7eb0c112a789a59491579bc020fc49d4b1bdaf5ce78
6bb4360de8d20a9b995c4cc71762fe17af1e729188a6928912b9b3de1e46cc98
8520eb31309d87388d49d1f7fa1ec3bd37f0b8f4c484f6000fb063b60826e3df
89451b62864b2df3b7f0f84e2bce6392202d0c08d0ad254122d05f2670b7d9e3
9130a748edf535f463a651b0b033ff08ebca668f41544cf78ddb843d9cc056cb
91f93706e26d37ab5aaba8e3eb70bb88ce4fb5b48ca2a33a08e87d048793df4a
9a050c2a660efdf0686e7271888649e81e2f956144a04b9ebdaa38da9553fa99
a06d818fed10faddeabd6ed45e2d94bdf3c26df758e6bc90c9b2f2390796ec01
c56fe7c6031b8649f91ade69bdd17792284a919b1851701a31aef16202025530
c78bd114411f702c36075ae91b7f6ad92aac0ffcec3fb848ed21d844c1ca0dcf
c9c8d82f680818eaf01f86043c62c69269e9c470688bc183cd1c1fb5ed278a7d
dc7de5d3d1b29c47e74dc4ba7774ebec06771dd1b26cb679173bc68a237837bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e518a6cbc62f09fa312d057e80c5a79f511f77602fe8c6757e4294c892a6ecda
ec96a4ba725b02589dcf37a6d74f9c6656947a3141d1f3d68466173df3c25a5a
ed299d61093f2a20d36e991f39e8879e89afa3688342079762a6c03caa40e80f
ee5841bbbd3c69d35add0d871213f7f0e130d4f99a415921bfbebbd5a3833579
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f0b9f6031583720a3c586b578c9f451485a4d9ffb150b66b74f2b7c10dd85248

socket.dev Open in urlscan Pro 2606:4700:20::681a:485 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

130 Requests

36 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

1251 kBTransfer

3576 kBSize

0 Cookies

26 Outgoing links

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

socket.dev Open in urlscan Pro
2606:4700:20::681a:485 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

36 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1251 kB
Transfer

3576 kB
Size

0
Cookies

130 HTTP transactions
0 data transactions