www.javatips.net Open in urlscan Pro
2606:4700:30::681c:1610 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Submission: On December 10 via manual (December 10th 2019, 5:48:57 pm UTC) from US

Summary HTTP 315 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 54 IPs in 9 countries across 39 domains to perform 315 HTTP transactions. The main IP is 2606:4700:30::681c:1610, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.javatips.net.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 10th 2019. Valid for: 6 months.

This is the only time www.javatips.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	2606:4700:30:... 2606:4700:30::681c:1610	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	108.161.189.78 108.161.189.78	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	23.111.9.22 23.111.9.22	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	68.183.0.10 68.183.0.10	14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean)
4	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
15	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
21	2606:4700:10:... 2606:4700:10::6814:ec10	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2606:4700:20:... 2606:4700:20::6819:210f	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	94.31.29.32 94.31.29.32	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2 4	172.217.22.6 172.217.22.6	15169 (GOOGLE) (GOOGLE - Google LLC)
1	213.254.244.19 213.254.244.19	36062 (DOUBLE-VE...) (DOUBLE-VERIFY - DoubleVerify)
3	76.74.234.208 76.74.234.208	13768 (COGECO-PEER1) (COGECO-PEER1 - Cogeco Peer 1)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
27	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY - Fastly)
10	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
9	95.100.197.53 95.100.197.53	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2 15	185.33.220.145 185.33.220.145	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 20	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
9	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
36	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
3	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
10	2606:4700:303... 2606:4700:3038::681f:ba3	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	185.80.38.195 185.80.38.195	27381 (CASALE-MEDIA) (CASALE-MEDIA - Index Exchange Inc.)
3	185.29.133.58 185.29.133.58	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
1	2600:9000:21f... 2600:9000:21f3:600:1:af78:4c0:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
27	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3 9	2a00:1450:400... 2a00:1450:4001:825::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	136.243.149.243 136.243.149.243	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 3	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
2 4	195.216.249.67 195.216.249.67	47268 (ZANOX) (ZANOX)
1 1	85.10.231.199 85.10.231.199	24940 (HETZNER-AS) (HETZNER-AS)
1 2	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE - Google LLC)
1	23.194.14.197 23.194.14.197	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	185.29.134.233 185.29.134.233	30419 (MEDIAMATH...) (MEDIAMATH-INC - MediaMath Inc)
2	172.217.16.162 172.217.16.162	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE - Google LLC)
2	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	62.149.23.112 62.149.23.112	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
2	52.57.64.247 52.57.64.247	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
13	95.100.196.237 95.100.196.237	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
11	95.100.196.250 95.100.196.250	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	23.37.55.184 23.37.55.184	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	77.245.58.151 77.245.58.151	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc.)
1	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
315	54

11 2606:4700:30::681c:1610 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

www.javatips.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.161.189.78 (United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

m.servedby-buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.22 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

s3.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.183.0.10 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
PTR: srv-eu-nl-12.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:10::6814:ec10 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

services.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
biltag.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
logs.bilsyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6819:210f (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.31.29.32 (United Kingdom)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.22.6 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s14-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.19 (Ireland)

ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.74.234.208 (Toronto, Canada)

ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA)

cdn1.developermedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apps.developermedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 95.100.197.53 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-197-53.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.33.220.145 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 34.95.120.147 (United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

adinplay-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3038::681f:ba3 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

s.vlistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.38.195 (Netherlands)

ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA)

a3226.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.133.58 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:600:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

vendorlist.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:825::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.164 (Heppenheim an der Bergstrasse, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal90006.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.216.249.67 (France) 2 redirects

ASN47268 (ZANOX, FR)

ad.zanox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.10.231.199 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-231-199.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.230 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.194.14.197 (United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-194-14-197.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC - MediaMath Inc, US)

mathid.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.23.112 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: adtelligent6.cc.colocall.com

hb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.64.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-57-64-247.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 95.100.196.237 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-196-237.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 95.100.196.250 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a95-100-196-250.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.55.184 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-55-184.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.58.151 (Netherlands)

ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US)
PTR: grantsadvisoronline.com

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.adtelligent3-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	632 KB
44	doubleclick.net 3 redirects ad.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net 8019191.fls.doubleclick.net googleads4.g.doubleclick.net	405 KB
28	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com	16 KB
27	ampproject.org cdn.ampproject.org	675 KB
21	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	666 B
21	bilsyndication.com services.bilsyndication.com biltag.bilsyndication.com assets.bilsyndication.com logs.bilsyndication.com	1 MB
20	openx.net 2 redirects adinplay-d.openx.net eu-u.openx.net	4 KB
12	google.com 3 redirects adservice.google.com www.google.com	740 B
11	casalemedia.com as-sec.casalemedia.com a3226.casalemedia.com	14 KB
11	javatips.net www.javatips.net	142 KB
10	vlistatic.com s.vlistatic.com	5 MB
6	googletagservices.com www.googletagservices.com	146 KB
6	buysellads.com s3.buysellads.com srv.buysellads.com	53 KB
5	mathtag.com tags.mathtag.com pixel.mathtag.com mathid.mathtag.com	22 KB
5	google-analytics.com www.google-analytics.com	35 KB
4	sonobi.com apex.go.sonobi.com sync.go.sonobi.com	2 KB
4	zanox.com 2 redirects ad.zanox.com	2 KB
4	redintelligence.net 1 redirects hal9000.redintelligence.net hal90006.redintelligence.net	6 KB
4	googleapis.com ajax.googleapis.com imasdk.googleapis.com fonts.googleapis.com	122 KB
4	gstatic.com fonts.gstatic.com	47 KB
3	rubiconproject.com prebid-server.rubiconproject.com eus.rubiconproject.com	725 B
3	adtelligent.com hb.adtelligent.com sync.adtelligent.com	2 KB
3	google.de adservice.google.de	513 B
3	developermedia.com cdn1.developermedia.com apps.developermedia.com	10 KB
3	googletagmanager.com www.googletagmanager.com	81 KB
2	adkernel.com sync.adkernel.com
2	facebook.com staticxx.facebook.com www.facebook.com
2	facebook.net connect.facebook.net	60 KB
2	jsdelivr.net cdn.jsdelivr.net	2 KB
2	adinplay.com api.adinplay.com	87 KB
1	2mdn.net s0.2mdn.net	60 KB
1	awin1.com www.awin1.com	621 B
1	media01.eu 1 redirects pb.media01.eu	1 KB
1	consensu.org vendorlist.consensu.org	17 KB
1	doubleverify.com tps.doubleverify.com	440 B
1	buysellads.net cdn4.buysellads.net	1 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
1	servedby-buysellads.com m.servedby-buysellads.com	15 KB
0	152media.com Failed sync.admin.ads.152media.com Failed
315	39

	Domain	Requested by
36	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.javatips.net cdn.ampproject.org googleads.g.doubleclick.net tpc.googlesyndication.com
27	cdn.ampproject.org	securepubads.g.doubleclick.net
27	securepubads.g.doubleclick.net	api.adinplay.com securepubads.g.doubleclick.net www.javatips.net www.googletagservices.com
18	assets.bilsyndication.com	biltag.bilsyndication.com www.javatips.net
15	ib.adnxs.com	2 redirects api.adinplay.com assets.bilsyndication.com
13	acdn.adnxs.com	api.adinplay.com assets.bilsyndication.com
11	eu-u.openx.net	2 redirects api.adinplay.com
11	ads.pubmatic.com	api.adinplay.com assets.bilsyndication.com
11	www.javatips.net	www.javatips.net ajax.cloudflare.com assets.bilsyndication.com
10	s.vlistatic.com	assets.bilsyndication.com
10	hbopenbid.pubmatic.com	api.adinplay.com assets.bilsyndication.com
10	pagead2.googlesyndication.com	ajax.cloudflare.com www.javatips.net pagead2.googlesyndication.com api.adinplay.com googleads.g.doubleclick.net
9	www.google.com	3 redirects www.javatips.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.javatips.net api.adinplay.com
9	adinplay-d.openx.net	api.adinplay.com
9	as-sec.casalemedia.com	api.adinplay.com
6	www.googletagservices.com	pagead2.googlesyndication.com www.javatips.net securepubads.g.doubleclick.net googleads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com
4	ad.zanox.com	2 redirects hal90006.redintelligence.net www.javatips.net
4	ad.doubleclick.net	2 redirects www.javatips.net
4	fonts.gstatic.com	www.javatips.net
4	s3.buysellads.com	www.javatips.net s3.buysellads.com
3	hal90006.redintelligence.net	1 redirects www.javatips.net hal90006.redintelligence.net
3	tags.mathtag.com	api.adinplay.com tags.mathtag.com
3	adservice.google.com	pagead2.googlesyndication.com www.googletagservices.com
3	adservice.google.de	pagead2.googlesyndication.com www.googletagservices.com
3	www.googletagmanager.com	ajax.cloudflare.com biltag.bilsyndication.com
2	sync.adkernel.com	assets.bilsyndication.com
2	sync.go.sonobi.com	assets.bilsyndication.com
2	prebid-server.rubiconproject.com	assets.bilsyndication.com
2	hb.adtelligent.com	assets.bilsyndication.com
2	apex.go.sonobi.com	assets.bilsyndication.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	8019191.fls.doubleclick.net	1 redirects www.javatips.net
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	a3226.casalemedia.com	api.adinplay.com
2	apps.developermedia.com	cdn1.developermedia.com
2	connect.facebook.net	www.javatips.net connect.facebook.net
2	cdn.jsdelivr.net	api.adinplay.com assets.bilsyndication.com
2	api.adinplay.com	ajax.cloudflare.com api.adinplay.com
2	srv.buysellads.com	m.servedby-buysellads.com s3.buysellads.com
1	sync.adtelligent.com
1	eus.rubiconproject.com	assets.bilsyndication.com
1	s0.2mdn.net	www.javatips.net
1	mathid.mathtag.com	www.javatips.net
1	www.awin1.com	www.javatips.net
1	pb.media01.eu	1 redirects
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	www.javatips.net
1	vendorlist.consensu.org	assets.bilsyndication.com
1	logs.bilsyndication.com
1	www.facebook.com	connect.facebook.net
1	staticxx.facebook.com	connect.facebook.net
1	imasdk.googleapis.com	biltag.bilsyndication.com
1	biltag.bilsyndication.com	services.bilsyndication.com
1	cdn1.developermedia.com	www.javatips.net
1	tps.doubleverify.com	www.javatips.net
1	cdn4.buysellads.net	www.javatips.net
1	ajax.googleapis.com	ajax.cloudflare.com
1	services.bilsyndication.com	ajax.cloudflare.com
1	ajax.cloudflare.com	www.javatips.net
1	m.servedby-buysellads.com	www.javatips.net
0	sync.admin.ads.152media.com Failed	assets.bilsyndication.com
315	63

This site contains links to these domains. Also see Links.

Domain
buy.buysellads.com
srv.buysellads.com
en.wikipedia.org
www.buysellads.com
feedburner.google.com
www.facebook.com
www.stumbleupon.com
www.twitter.com
valueimpression.com

Subject Issuer	Validity	Valid
sni28722.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-10` - `2020-06-17`	6 months	crt.sh
*.servedby-buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-18` - `2021-01-17`	2 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-12-05` - `2020-06-12`	6 months	crt.sh
s3.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-29` - `2020-11-28`	a year	crt.sh
*.buysellads.com COMODO RSA Domain Validation Secure Server CA	`2017-04-20` - `2020-06-12`	3 years	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
bilsyndication.com CloudFlare Inc ECC CA-2	`2019-03-01` - `2020-03-01`	a year	crt.sh
adinplay.com CloudFlare Inc ECC CA-2	`2019-09-23` - `2020-09-22`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2019-08-23` - `2021-08-22`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.doubleverify.com Network Solutions OV Server CA 2	`2019-11-05` - `2021-12-13`	2 years	crt.sh
*.developermedia.com Starfield Secure Certificate Authority - G2	`2019-06-20` - `2020-07-14`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-29` - `2020-04-23`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-07-17` - `2020-03-09`	8 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-10-19` - `2020-10-09`	a year	crt.sh
*.casalemedia.com Go Daddy Secure Certificate Authority - G2	`2018-10-12` - `2020-12-13`	2 years	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2018-01-26` - `2020-04-16`	2 years	crt.sh
vendorlist.consensu.org Amazon	`2019-03-06` - `2020-04-06`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-11-13` - `2020-02-05`	3 months	crt.sh
*.redintelligence.net Go Daddy Secure Certificate Authority - G2	`2019-03-22` - `2020-03-22`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2019-01-25` - `2020-04-25`	a year	crt.sh
ad.zanox.com Thawte RSA CA 2018	`2019-06-17` - `2021-07-16`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2019-03-22` - `2020-06-20`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
hb.adtelligent.com Let's Encrypt Authority X3	`2019-12-06` - `2020-03-05`	3 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-02-19`	10 months	crt.sh
*.adkernel.com COMODO RSA Domain Validation Secure Server CA	`2017-11-17` - `2021-01-05`	3 years	crt.sh
sync.adtelligent.com Let's Encrypt Authority X3	`2019-10-14` - `2020-01-12`	3 months	crt.sh

This page contains 70 frames:

Primary Page: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Frame ID: B059E92FD92116543396C3C77FA4E344
Requests: 131 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html
Frame ID: 9E60CD534D28E3DDFAA9A577A176017E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7620071422727774&output=html&h=90&slotname=1819399285%2F9077048485&adk=2173735813&adf=3488246220&w=728&lmt=1575366638&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&flash=0&wgl=1&adsid=NT&dt=1576000116884&bpp=22&bdt=462&fdt=97&idt=97&shv=r20191205&cbv=r20190131&saldr=sa&abxe=1&correlator=373565717412&frm=20&pv=2&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&ga_fc=0&iag=0&icsg=2336551643326&dssz=36&mdo=0&mso=2097152&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=168&ady=4480&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3137690875935645&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=PUUgUHd1ri&p=https%3A//www.javatips.net&dtd=112
Frame ID: B1B04D8A892398A059D3BA591378A517
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7620071422727774&output=html&h=250&slotname=1819399285%2F6249522925&adk=3978408602&adf=4249943394&w=300&lmt=1575366638&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&flash=0&wgl=1&adsid=NT&dt=1576000117138&bpp=1&bdt=716&fdt=12&idt=12&shv=r20191205&cbv=r20190131&saldr=sa&abxe=1&prev_slotnames=1819399285%2F9077048485&correlator=373565717412&frm=20&pv=1&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&ga_fc=0&iag=0&icsg=2852134593397498&dssz=51&mdo=0&mso=2097152&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=496&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3137690875935645&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=4&uci=a!4&fsb=1&xpc=plQbwj6Xy3&p=https%3A//www.javatips.net&dtd=16
Frame ID: 811251428B60BA51343E7ACD74C093B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7620071422727774&output=html&adk=1812271804&adf=3025194257&lmt=1575366638&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1576000117174&bpp=11&bdt=751&fdt=12&idt=12&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_slotnames=1819399285%2F9077048485%2C1819399285%2F6249522925&nras=1&correlator=373565717412&frm=20&pv=1&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&ga_fc=0&iag=0&icsg=2852134593397498&dssz=52&mdo=0&mso=2097152&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3137690875935645&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=4&uci=a!4&fsb=1&dtd=17
Frame ID: 1D3AD071A0B7EC79A5CD551BD590C7E5
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 8E3C455BCFC7CFC6E5885174DF10DF81
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2d14b056c82e2%26domain%3Dwww.javatips.net%26origin%3Dhttps%253A%252F%252Fwww.javatips.net%252Ff399900f9e8bf7%26relation%3Dparent.parent&container_width=338&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjavatips.net&locale=en_US&sdk=joey&show_facepile=true&small_header=false
Frame ID: 7F56EF2FD616B9C4A80D41DE69DA547C
Requests: 1 HTTP requests in this frame

Frame: https://assets.bilsyndication.com/widget/2019/11/05/1572962788.jpg
Frame ID: 377C3593F071DDE253D484D2D23F32F4
Requests: 10 HTTP requests in this frame

Frame: https://assets.bilsyndication.com/widget/2019/11/05/1572962788.jpg
Frame ID: AEAF481407037E0DB75A256A37E53626
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: AF7C4CA00A418D68E3D2D380FC51E28A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: FD242775A8BD5D95F335769BFC3FAFC3
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: F2BD42CAE94A94AEE47D0C20DC412AF8
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 9291A60E85940267C555B48ABE13B5BC
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqD1a8pjEJY0bsz3gGekLdN8DvpgZ1MVWlc2LVrn1J9W41MRaYt_vGUFGcw_2TVcviJaKMtB-Ib96kiKtZeO9dsiRS01NPTSzAd_iQs0ZsqW6wao8wyw9Ks_bGHIGclYv_PSOFUnEcDH9bh2iat31fsRDSTMnd6Ot_hPmx742sILcpLPsX4_245iOZlQdtE2qBtJ-iCGsH5fBH6_tiYebriHdQMlc54-5D7W3sPfIN4EIXj-EVzbo6fDqWmYzg_699ewI8aLAYCBmf5QuhGzOOF6M&sig=Cg0ArKJSzCQw-rSjwwkbEAE&urlfix=1&adurl=
Frame ID: 3F0DD1B83D8E7888B89B81F670EAE3CE
Requests: 12 HTTP requests in this frame

Frame: https://a3226.casalemedia.com/ifnotify?gdprconsent=1&c=1323407&r=4F7FD11A&t=5DEFDA75&u=WGUtYWRMbFFKc01BQUNvRE9QOEFBQUJS&m=0fbf81bfdc1020a7664efbabfa5c2890&wp=11&aid=8A8FCD464D27E538&tid=1516E&s=663E8&cp=0.17&n=www.javatips.net&pr=xx&epr=21ce5226c8e58
Frame ID: A08BA6CB5D7316C46E799F8554B90A85
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: 53AF2B1D5A697248552D4496D6C07CA8
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: 8B072106F63315B4E65CED724644DE47
Requests: 20 HTTP requests in this frame

Frame: https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq22006758129749147841422036563241yb5yb7T2639539910373748737&dyn_id=
Frame ID: FADA9851BC70A5B8471AB6E5499E991E
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMj1kvrRq-YCFVDydwodb7YIhg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1752160598020.9397
Frame ID: 675844E1880B2D260B124C5C76D37DE2
Requests: 1 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=85203300106159901049054011073006&a=95b89cf3
Frame ID: 7CEB78C0880935E7D65457E80D5153F2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: C4C636A99E3504E7EE59673B1A38C136
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: 797405C54EA72B70717E09992FAE5FEA
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: 2F2B7B89F30CF1757124DA1013561D7C
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: D7F84410F2E426163E8E615FC5FE5964
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js
Frame ID: 314BE5D68F67C2C0EA1819AE57BEE95D
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKVd1xSABTLW7R-8rofJFMApDTP8O1rmRoUzkhp4NUwj5KleKear9sNlvFGCg4XAucIexUC-UgSgsgOk1DI-rOJ5ePfjg9UskZ-r_05humFrJknbmd3jPB70wzFs3jKI6BW8jwejpznn9Xu7mO767EQ8FDpGgJthlHxv2VHYsRt5BsypcXRt3Rm2g2-owNPAj97aEERnsD_mrbgHsuXr-PZ5xDnqb78avp6PLt0qw_tRHCDn_V1HC5dWIsGa3zspMsxqnlR1veCwcRsoGZ7vr8nQ&sig=Cg0ArKJSzDmybErCX6fvEAE&urlfix=1&adurl=
Frame ID: 823819F316FBE62269B18B2A36DA9C62
Requests: 11 HTTP requests in this frame

Frame: https://a3226.casalemedia.com/ifnotify?gdprconsent=1&c=15D8F52&r=51C9D0B2&t=5DEFDA78&u=WGUtYWRMbFFKc01BQUNvRE9QOEFBQUJS&m=ef68f10b8c32f784eac56c60a40e642a&wp=B&aid=8A8FCE064D2951DE&tid=1516E&s=663EE&cp=0.11&n=www.javatips.net&pr=xx&epr=72912c2c61a42cb
Frame ID: C201187BDBCB48D9DCF1DFD3A2B5F495
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ3IDPAhiz9f9kMAE&v=APEucNWySxjsiHRuUoN6xU90-63zgbfC8ig32AGatsxUFPnyvXiTtwDb5X9LJSmW5hJ-TmrXzA6HA1nWOZejMN3FXKz7BBLWQw
Frame ID: 49E6F70FDAA1C6FD28A4CB337C5FC892
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 06F5BA638266DCDC9EF8907FA6351266
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-15
Frame ID: 4CFE89EB09F12A611645EB8AE8BF61B2
Requests: 4 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-10
Frame ID: 4588B673BE4316B1EB11B8EB323421C4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 4CE157EAC6118ABF3D145D087B76A5C3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CD3148221EE7583533709694C4C38AC5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 97F9BF0A47BE0C73C1BE472607200867
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 9C4601AE77A57795E0C0DCBAE96EDB46
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 405B5AEA7A6F945C7C3CB5D9A30D08C1
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Frame ID: CB1E55224B9AC1F1AC463C56BA68225C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Frame ID: 1679D1A82EF2F4D8CFD590436AE79B92
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 0BA3222E521CFAD56490BC614CE7C3B0
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Frame ID: 2F3F1AECFBC7C7D35A882D7C4D4FC92B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: BA7CB8589711C71DE4EBC632112614FD
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Frame ID: 92C83E39F0BCE081D60885E30EAFFF73
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 05343F7E5D5361907E6114C3E9522817
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Frame ID: 76EC4E07C58294C2B1C084957018B23C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Frame ID: B1F74A8585AFE08482602A986A50A1FD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: CEBD4A934BFCFAFABE92D4C69FA1A190
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 40CB4646D5B4F5F0000F22A0FE5F3760
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 8778EB7C65CCCF0C671D31FDE795817F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E4D164D8CBF777767C49A562AA19637E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 94E719D2A9D2AB2C03DFBBE3065C0A2A
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Frame ID: 7E72A586CD6F6454592548F93E223C14
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Frame ID: 036D1F21112C1984A91CA92DE308B02C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Frame ID: 947F2E4E1D119969FDFA951FB124EB5D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E63793CCB64F72E03825B6026F9B1434
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 7231A46FE8711A54BBCB53D7EFBC683E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 08E5BB07B2D25C6A2A1EF7790C4E51A5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FCBAC34DAD513C04D8D6B96B74850A32
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 485CA47EBE39186D4E7E11EBAA868763
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 8C326FE26D59A115D48F3B6CBF0B1BD7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: BD70B4FE8150E2FEDB6C3A82C57082B7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B6869CE0784205A65A6A4DF3884CAD79
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 98DE29B59809DFF091481A922C1ACA64
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: EB910F16C0EFDA1184EEA11D8C2C3BB0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: C6A110A88C2C76CE16FC06AEB0FC4DD4
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 0F321E9B9B16BBBD1E2F3C731F209E4D
Requests: 1 HTTP requests in this frame

Frame: https://sync.admin.ads.152media.com/csync?t=a&ep=292298&extuid=%%EXTERNAL_COOKIE_ID%%
Frame ID: D08868E2E08810327A218D3425521723
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9D1B277468C477466DB81324732D8216
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=81350&r={uid}
Frame ID: 2597428C219AA162B008F3B692F4F6B7
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=81350&r={uid}
Frame ID: 5C5CE99B2AE941D4D4A6E8C2BA88A234
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: FD339EC13DBC1E6CCBD11DCD629B0D2F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

315
Requests

99 %
HTTPS

41 %
IPv6

39
Domains

63
Subdomains

54
IPs

9
Countries

8671 kB
Transfer

13680 kB
Size

8
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://buy.buysellads.com/checkout/new/?utm_source=javatips-net-sticky-box&utm_medium=ad_via_link&utm_campaign=in_unit&utm_term=stickybox
Title: ad

Search URL Search Domain Scan URL

URL: https://srv.buysellads.com/ads/click/x/GTND42QUCWAILK3NC6ALYKQMCABIKKQMCV7DPZ3JCWSIP2Q7CVAIK23KC6BI52Q7F6SI6K3EHJNCLSIZ?segment=placement:javatipsnet;
Title: IBMBuild once. Deploy anywhere. Easily automate workloads with a no-code platform.

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Cross-site_scripting
Title: Cross-site scripting

Search URL Search Domain Scan URL

URL: https://srv.buysellads.com/ads/click/x/GTND42QUCWAILKQMCEALYKQMCABILKQ7CKBICZ3JCWSIP53JCK7DC53KC6BI52Q7F6SI6K3EHJNCLSIZ
Title:

Search URL Search Domain Scan URL

URL: http://www.buysellads.com/buy/detail/284493/zone/1307695?utm_source=site_284493&utm_medium=website&utm_campaign=imagetext&utm_content=zone_1307695
Title: ads by BSA

Search URL Search Domain Scan URL

URL: https://feedburner.google.com/fb/a/mailverify?uri=javatipsfeed
Title: Email

Search URL Search Domain Scan URL

URL: https://www.facebook.com/javatips.net
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.stumbleupon.com/stumbler/javatipsadmin
Title: StumbleUpon

Search URL Search Domain Scan URL

URL: https://www.twitter.com/java_tips
Title: Twitter

Search URL Search Domain Scan URL

URL: https://valueimpression.com/?ref=www.javatips.net

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://ad.doubleclick.net/ddm/trackimpj/N1114924.3227239CARBONADS/B23173126.255201231;dc_trk_aid=450989496;dc_trk_cid=121246219;ord=1576000116;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimpj/N1114924.3227239CARBONADS/B23173126.255201231;dc_pre=COGU_PjRq-YCFRTJdwodcJsH2A;dc_trk_aid=450989496;dc_trk_cid=121246219;ord=1576000116;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 140

https://hal90006.redintelligence.net/request.php?zone=df2muyo5c9nk&nw=20&renderingType=javascript&namespace=3fa8b82b2f&subid=&uid=982cede015562998&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7828559610683253%26mt_id%3D6864055%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3Db5315def-da76-4901-a9d3-5f63226a0bfb%26redirect%3D&documentReferer=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ancestorOrigins=https%3A%2F%2Fwww.javatips.net&random=1307182566722&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90006.redintelligence.net/request.php?zone=df2muyo5c9nk&nw=20&renderingType=javascript&namespace=3fa8b82b2f&subid=&uid=982cede015562998&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7828559610683253%26mt_id%3D6864055%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3Db5315def-da76-4901-a9d3-5f63226a0bfb%26redirect%3D&documentReferer=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ancestorOrigins=https%3A%2F%2Fwww.javatips.net&random=1307182566722&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 169

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255033249;dc_trk_aid=450834204;dc_trk_cid=121095123;ord=1080040402;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255033249;dc_pre=CMiXj_rRq-YCFUS8dwodhq8E6w;dc_trk_aid=450834204;dc_trk_cid=121095123;ord=1080040402;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 171

https://ad.zanox.com/tpv/?45475836C666538628T&zpar0=85203300106159901049054011073006 HTTP 302
https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=45475836C666538628SV1yq22006758129749147841422036563241yb5yb7T2639539910373748737&dt_subid2=&actionid=879111&produktid=postbankratenkredit&dt_url=https%3A%2F%2Fad.zanox.com%2Fppv%2Fimages%2Fonepixel.gif%3Ffoo%3D45475836C666538628SV1yq22006758129749147841422036563241yb5yb7T2639539910373748737 HTTP 301
https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq22006758129749147841422036563241yb5yb7T2639539910373748737&dyn_id=

Request Chain 172

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1752160598020.9397 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMj1kvrRq-YCFVDydwodb7YIhg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1752160598020.9397

Request Chain 175

https://ad.zanox.com/ppv/?45475836C666538628&zpar0=85203300106159901049054011073006 HTTP 302
https://ad.zanox.com/ppv/images/onepixel.gif

Request Chain 194

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 213

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 288

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1

Request Chain 289

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1

Request Chain 322

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D285868%26extuid%3D%24UID HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D285868%2526extuid%253D%2524UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=285868&extuid=2730550440915030665

315 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request anti-cross-site-scripting-xss-for-java-web-application Show response
www.javatips.net/blog/ 87 KB
9 KB 439ms
359ms Document
text/html 2606:4700:30::681c:1610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2869013d4fa068216ba5975d985b6677b0e7d356c8738756da25a7daf4a458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.javatips.net
:scheme: https
:path: /blog/anti-cross-site-scripting-xss-for-java-web-application
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Tue, 10 Dec 2019 17:48:36 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=dabfeea4a80116b89e71dd013f077ac751576000116; expires=Thu, 09-Jan-20 17:48:36 GMT; path=/; domain=.javatips.net; HttpOnly; Secure
vary: Accept-Encoding
last-modified: Tue, 03 Dec 2019 09:50:38 GMT
expires: Thu, 09 Jan 2020 17:48:36 GMT
cache-control: max-age=2592000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 54310cf56d6fcbc4-VIE
content-encoding: br

GET
H2 200 style.css
www.javatips.net/themes/imby/css/ 85 KB
16 KB 34ms
30ms Stylesheet
text/css 2606:4700:30::681c:1610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.javatips.net/themes/imby/css/style.css

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

02b7dcb978d90b3e3ed1c4cc33a14870622e9340f8672e526e3edbfc25a97d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1156580
cf-polished: origSize=86865
status: 200
cf-bgj: minify
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Sun, 20 Oct 2019 16:40:26 GMT
server: cloudflare
etag: W/"86865-1571589626000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 54310cf7bdebcbc4-VIE
expires: Fri, 27 Dec 2019 08:32:16 GMT

GET
H/1.1 200
OK monetization.js Show response
m.servedby-buysellads.com/ 55 KB
15 KB 31ms
11ms Script
application/javascript 108.161.189.78
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://m.servedby-buysellads.com/monetization.js
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.161.189.78 , United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 7e7b17e13dd03d519f88050a16ef4f3b50a9bf25f889c949d4376436db40323c

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Nov 2019 17:07:23 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: C147F8522CC4EF51
ETag: W/"f1e37f26673275e6067c026e595b148f"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
x-amz-id-2: Scvhz/INPdqLBRjfdmIDoyPYwr0ra9nsE5pkB8ls7d0OjHgNjp5qdhrpzePZ3h7dK9cBS/JZWGc=
Expires: Wed, 11 Dec 2019 17:48:36 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 22ms
17ms Script
application/javascript 2606:4700::6811:4004
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: gzip
last-modified: Wed, 04 Dec 2019 13:30:24 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5de7b4f0-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 54310cf7cd01cbc8-VIE
alt-svc: h3-23=":443"; ma=86400
expires: Thu, 12 Dec 2019 17:48:36 GMT

GET
H/1.1 200
OK bsa.js Show response
s3.buysellads.com/ac/ 19 KB
8 KB 72ms
15ms Script
application/javascript 23.111.9.22
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.buysellads.com/ac/bsa.js
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.22 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1ff5c8042a24f2d373e46c2a3e7f6ddcc7819cf5e5e7a79ac98106219ee39ca3

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2016 18:53:47 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 89C170D683AA612E
ETag: W/"f6b33c51e637efde46d89be5413fab46"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: public, max-age=3600
Connection: keep-alive
x-amz-id-2: ERNtoZOi3/zgyuMSjg1JCgEbcG1TzVjMF+MOWjFQtzRKvqR3ueQfXlVW6Lo9HRhY65H5JAbRwJY=

GET
H/1.1 200
OK CKYICK3U.json Show response
srv.buysellads.com/ads/ 2 KB
1 KB 74ms
37ms Script
application/javascript 68.183.0.10
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CKYICK3U.json?callback=_bsa_go&segment=placement:javatipsnet
Requested by: Host: m.servedby-buysellads.com
URL: https://m.servedby-buysellads.com/monetization.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.183.0.10 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS: srv-eu-nl-12.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 46cda9d688feb40ed03c8cea164fc77d056f7df50064663c13cf76a12443308b

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:36 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 1225
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H2 200 social.png
www.javatips.net/static/images/ 12 KB
12 KB 18ms
17ms Image
image/png 2606:4700:30::681c:1610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.javatips.net/static/images/social.png

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

42d6249cf9f7cbbd83a7d235229e1463511e75b0a712db611414e32826b5641e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.javatips.net/themes/imby/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1156580
status: 200
vary: Accept-Encoding
content-length: 12397
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Jun 2016 22:12:39 GMT
server: cloudflare
etag: W/"12397-1465337559000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310cf81f8ccbc4-VIE
expires: Fri, 27 Dec 2019 08:32:16 GMT

GET
H2 200 next-previous.png
www.javatips.net/static/images/ 4 KB
4 KB 27ms
27ms Image
image/png 2606:4700:30::681c:1610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.javatips.net/static/images/next-previous.png

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2b9caea392fe59a10d402aff241e8ef6f5762ef5aa9ebc2a100bfd62c8939ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.javatips.net/themes/imby/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13610
status: 200
vary: Accept-Encoding
content-length: 3607
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Feb 2016 06:36:29 GMT
server: cloudflare
etag: W/"3607-1454654189000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310cf82fcbcbc4-VIE
expires: Thu, 09 Jan 2020 14:01:46 GMT

GET
H2 200 related.png
www.javatips.net/static/images/ 10 KB
10 KB 18ms
18ms Image
image/png 2606:4700:30::681c:1610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.javatips.net/static/images/related.png

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b417aa4fcb67de2345e359f2526dc4c271e72b1179e6d4b8a55356fa86290e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.javatips.net/themes/imby/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 398564
status: 200
vary: Accept-Encoding
content-length: 10340
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Jun 2016 19:33:21 GMT
server: cloudflare
etag: W/"10340-1465328001000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310cf82fcecbc4-VIE
expires: Sun, 05 Jan 2020 03:05:52 GMT

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/opensans/v10/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v10/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/themes/imby/css/style.css
Origin: https://www.javatips.net

Response headers

date: Thu, 21 Nov 2019 04:08:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Aug 2014 18:06:58 GMT
server: sffe
age: 1690830
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 15556
x-xss-protection: 0
expires: Fri, 20 Nov 2020 04:08:06 GMT

GET
H2 200 popular.png
www.javatips.net/static/images/ 45 KB
45 KB 17ms
17ms Image
image/png 2606:4700:30::681c:1610
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.javatips.net/static/images/popular.png

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3f25f3f372548a6d8bfe0e4c06ca3bbf82f5da658908608736585c098308170

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.javatips.net/themes/imby/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 398564
status: 200
vary: Accept-Encoding
content-length: 45937
x-xss-protection: 1; mode=block
last-modified: Sun, 06 Aug 2017 15:06:25 GMT
server: cloudflare
etag: W/"45937-1502031985000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310cf83fdacbc4-VIE
expires: Sun, 05 Jan 2020 03:05:52 GMT

GET
H2 200 LQ7WLTaITDg4OSRuOZCps_k_vArhqVIZ0nv9q090hN8.woff2
fonts.gstatic.com/s/breeserif/v5/ 10 KB
10 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/breeserif/v5/LQ7WLTaITDg4OSRuOZCps_k_vArhqVIZ0nv9q090hN8.woff2

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

719cc065a6de7c9959a8fa8fcc3b72d80c98fddea3dfcb95060d2070acd5c853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/themes/imby/css/style.css
Origin: https://www.javatips.net

Response headers

date: Thu, 21 Nov 2019 15:09:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Aug 2014 20:41:06 GMT
server: sffe
age: 1651119
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10172
x-xss-protection: 0
expires: Fri, 20 Nov 2020 15:09:57 GMT

GET
H2 200 fontawesome-webfont.woff
www.javatips.net/blog/resource/font/ 43 KB
43 KB 20ms
18ms Font
application/x-font-woff 2606:4700:30::681c:1610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.javatips.net/blog/resource/font/fontawesome-webfont.woff

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/themes/imby/css/style.css
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 262667
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 03 Jul 2014 15:44:16 GMT
server: cloudflare
etag: mobile
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff
cache-control: max-age=31536000
cf-ray: 54310cf83ff4cbc4-VIE
expires: Mon, 06 Jan 2020 16:50:49 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 78 KB
29 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6979ca0c032a991062e094e3378d05e0d998877a89daf72408c4494a03143b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29438
x-xss-protection: 0
server: cafe
etag: 4008456307988241172
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Dec 2019 17:48:36 GMT

GET
H2 200 roller.js Show response
www.javatips.net/theme/scripts/ 4 KB
1 KB 22ms
20ms Script
application/javascript 2606:4700:30::681c:1610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.javatips.net/theme/scripts/roller.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

94d096f8370c356670bfc69b6353f6c1a64d7ebec2eceae713d26420eccf3337

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13611
cf-polished: origSize=6644
status: 200
cf-bgj: minify
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Jun 2016 21:44:57 GMT
server: cloudflare
etag: W/"6644-1465335897000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 54310cf888f1cbc4-VIE
expires: Thu, 09 Jan 2020 14:01:45 GMT

GET
H2 200 clientSideInclude.js Show response
www.javatips.net/theme/scripts/ 745 B
484 B 26ms
24ms Script
application/javascript 2606:4700:30::681c:1610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.javatips.net/theme/scripts/clientSideInclude.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ec2d32be674edaa0412f7efb69f7d316a52b3cb7445f68976b83415b81d6ca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13610
cf-polished: origSize=2209
status: 200
cf-bgj: minify
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Sep 2010 22:04:36 GMT
server: cloudflare
etag: W/"2209-1284761076000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 54310cf888f4cbc4-VIE
expires: Thu, 09 Jan 2020 14:01:45 GMT

GET
H2 200 / Show response
services.bilsyndication.com/adv1/ 274 B
520 B 268ms
142ms Script
application/javascript 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://services.bilsyndication.com/adv1/?d=1417
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fd91b33be34a22c107036bd473a8d0f7ce874aecef8302e10323d4c1fbd93f7

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-sv: 67.58
content-type: application/javascript
status: 200
cache-control: no-cache, no-store, must-revalidate
cf-ray: 54310cf949dfcbcc-VIE
alt-svc: h3-23=":443"; ma=86400

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/ 295 KB
87 KB 150ms
25ms Script
application/javascript 2606:4700:20::6819:210f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:210f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd0b226974c146b35d395779e177f649e7253b8426071b7c0953fa9331795c4f

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1839247
status: 200
last-modified: Tue, 19 Nov 2019 10:52:51 GMT
server: cloudflare
etag: W/"49a4e-597b0dd9ee9fd-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-server: php-adinplay-1
access-control-allow-credentials: true
cf-ray: 54310cf94e93cbbc-VIE
x-lb: lb-1.ad

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 73 KB
27 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:806::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-22006649-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd9ecaa7415ad3dc9c3ff5c4ebd9c2ce74610bdc8f58d737359b28c37a4dd756

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: br
last-modified: Tue, 10 Dec 2019 15:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27664
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:36 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 03:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1606573
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 Nov 2020 03:32:23 GMT

GET
H/1.1 200
OK s_5f91d38c01322ddae8c8dc60e63839b6.js Show response
s3.buysellads.com/r/ 1 KB
1 KB 21ms
13ms Script
application/javascript 23.111.9.22
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.buysellads.com/r/s_5f91d38c01322ddae8c8dc60e63839b6.js?v=1575997200000
Requested by: Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/bsa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.22 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a63f5ead8a36b3d6c18e56d32415052944f53b367b1cc2372327208448d3afd2

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:36 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Jul 2019 06:45:03 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 5DF419C301EF303F
ETag: W/"b1f55f1c0c60966f456364b2a168f797"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Connection: keep-alive
x-amz-id-2: iWaYVDKjWQ4Txw0abktkN82LIuaci5S/p5FpXHdq2CkkQSYjcyRcSHCFfYOK0ngIgYDnU6kuqiU=

GET
H2 200 1570556790-IBM-icon.png
cdn4.buysellads.net/uu/1/53660/ 758 B
1 KB 94ms
5ms Image
image/png 94.31.29.32
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/uu/1/53660/1570556790-IBM-icon.png
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 , United Kingdom, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a14f21fbad2d0b40ebd699e67795df284ffa4e6e46199d84c5ff3bdef7568327

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
last-modified: Tue, 08 Oct 2019 17:46:31 GMT
server: NetDNA-cache/2.2
x-amz-request-id: AFBF2EA2000C9D60
etag: "793bc2bb613a4afbea09e189be4689f3"
x-cache: HIT
content-type: image/png
status: 200
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 758
x-amz-id-2: r1mOUTi1+j1ik/kKGFCQy4G8s3qVz6RMMPaxUF3oybB/K5PiSZrWEV5NbyaLP0HFoVilbyNa/yk=
expires: Fri, 04 Dec 2020 17:48:36 GMT

GET
H2

200

B23173126.255201231;dc_pre=COGU_PjRq-YCFRTJdwodcJsH2A;dc_trk_aid=450989496;dc_trk_cid=121246219;ord=1576000116;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimpj/N1114924.3227239CARBONADS/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimpj/N1114924.3227239CARBONADS/B23173126.255201231;dc_trk_aid=450989496;dc_trk_cid=121246219;ord=1576000116;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
https://ad.doubleclick.net/ddm/trackimpj/N1114924.3227239CARBONADS/B23173126.255201231;dc_pre=COGU_PjRq-YCFRTJdwodcJsH2A;dc_trk_aid=450989496;dc_trk_cid=121246219;ord=1576000116;dc_lat=;dc_rdid=;ta...

12 KB
12 KB

54ms
54ms

Image
text/javascript

172.217.22.6
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimpj/N1114924.3227239CARBONADS/B23173126.255201231;dc_pre=COGU_PjRq-YCFRTJdwodcJsH2A;dc_trk_aid=450989496;dc_trk_cid=121246219;ord=1576000116;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7353
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimpj/N1114924.3227239CARBONADS/B23173126.255201231;dc_pre=COGU_PjRq-YCFRTJdwodcJsH2A;dc_trk_aid=450989496;dc_trk_cid=121246219;ord=1576000116;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.jpg
tps.doubleverify.com/ 305 B
440 B 74ms
52ms Image
image/jpeg 213.254.244.19
DoubleVerify

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=2968086&cmp=23173126&sid=5392159&plc=255201231&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.254.244.19 , Ireland, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:36 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/jpeg
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 12/9/2019 5:48:36 PM

GET
H/1.1 200
OK pro.js Show response
s3.buysellads.com/ac/ 8 KB
4 KB 54ms
54ms Script
application/javascript 23.111.9.22
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.buysellads.com/ac/pro.js
Requested by: Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/bsa.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.22 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 86a2b0cd69afae8f700d7b2ab69f408f1db709d72567e5e994e0bf2efa18ed84

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Oct 2016 18:54:42 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 0C0DC401E377B18B
ETag: W/"49e214d59c291a52de5e3289201f10ec"
Transfer-Encoding: chunked
X-Cache: HIT
Content-Type: application/javascript
Cache-Control: public, max-age=3600
Connection: keep-alive
x-amz-id-2: MVbCe791oVDff6CQRyoZbFpm/DrqY/2/jexhBWLG9/NnNRtnyD8ytEsK+1ZveNulNShKZDGSFoY=

GET
H/1.1 200
OK / Show response
srv.buysellads.com/ads/get/ids/CKYD5K3J/ 3 KB
1 KB 22ms
22ms Script
application/javascript 68.183.0.10
DigitalOcean

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/get/ids/CKYD5K3J/?r=1575997200000
Requested by: Host: s3.buysellads.com
URL: https://s3.buysellads.com/ac/pro.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.183.0.10 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS: srv-eu-nl-12.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 1ca0f8022395d1ac1e94f3ec7135e386ae64a5ee33b58213605ed8199ee40851

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:36 GMT
Content-Encoding: gzip
Server: //srv.buysellads.com
Content-Length: 1078
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK fd2274ef832b4268748f278006544f59-1549541753.jpeg
s3.buysellads.com/creatives/ 38 KB
38 KB 14ms
14ms Image
image/jpeg 23.111.9.22
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.buysellads.com/creatives/fd2274ef832b4268748f278006544f59-1549541753.jpeg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.22 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 334ffbd70e7fa6c0ff2c9fbe7103e7ac09c9caec2689d4262c9126a0e24d7e94

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:36 GMT
Last-Modified: Thu, 07 Feb 2019 12:15:54 GMT
Server: NetDNA-cache/2.2
x-amz-request-id: 797EB09F4F34D805
ETag: "939324dcc8361fb1848562baf5aa536b"
X-Cache: HIT
Content-Type: image/jpeg
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38587
x-amz-id-2: aIHMAbZX6CTow2BSGDCaeMnx6Ku83o4iRtguQXZfJZjnDS1pWD+GcAULs9jHYxuDs4ND0ytoWiw=

GET
H/1.1 200
OK a.min.js Show response
cdn1.developermedia.com/ 28 KB
9 KB 523ms
96ms Script
application/javascript 76.74.234.208
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.developermedia.com/a.min.js
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 76.74.234.208 Toronto, Canada, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 66c79d88a8fc51f10536e446ebc6cfb5adbae95cbb338f3242210f21b6ba89ec

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:47:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 03 Sep 2019 14:47:04 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0e46c736662d51:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 9180

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 41ms
21ms Fetch
text/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 2693738113432697870
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: private, max-age=3600
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:36 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 51 KB
16 KB 81ms
81ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

6d8219343860deacf591add0184407f74235ee7f024b013845e543931b81f1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "362 / 170 of 1000 / last-modified: 1575920697"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15832
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:36 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
1 KB 35ms
6ms XHR
application/json 2a04:4e42:3::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20191210

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

6284026b6e51c43710cf17741eebfa10b5fd253fbbf64682c95836aebd4787c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
content-length: 735
etag: W/"535-jkHfHVzUJmcdlWMlU7VkwohojsI"
x-served-by: cache-ams21028-AMS, cache-fra19183-FRA
date: Tue, 10 Dec 2019 17:48:36 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
130 B 19ms
19ms Script
application/javascript 2606:4700:20::6819:210f
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:210f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
cf-cache-status: HIT
age: 527034
status: 200
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "10-569081a45f340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-server: php-adinplay-1
accept-ranges: bytes
cf-ray: 54310cfa8a2dcbbc-VIE
access-control-allow-credentials: true
x-lb: lb-1.ad

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 200ms
121ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 10 Dec 2019 17:48:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.javatips.net

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
905 B 178ms
100ms XHR
application/json 95.100.197.53
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=418720&v=7.2&r=%7B%22id%22%3A%2237ae9bae4cab68%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2242335cc59b526e%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22418720%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d078c8df212cea7d057c49661b697672afa1f9d907c9d3e8f90dc2e36240799e

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Tue, 10 Dec 2019 17:48:37 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 110ms
37ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3a4e001007388631acfd6009a9a584d5022e67d82d6ed942bf88ec152deceb16

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:38 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.176:80
AN-X-Request-Uuid: c032042e-f39d-4f13-841e-df083b65a9e1
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adinplay-d.openx.net/w/1.0/ 172 B
417 B 69ms
58ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://adinplay-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=2ee18789-aca3-4334-81cb-c0b073c63d00&nocache=1576000116882&schain=1.0%2C1!adinplay.com%2CJVT%2C1%2C%2C%2C&aus=728x90&divIds=javatips-net_728x90&auid=540543788&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: 3011b91d4590dcebbe8b8387c12087ec08e8c235bfe767225c3f858838f3c571

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:36 GMT
via: 1.1 google
server: OXGW/16.167.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.javatips.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.javatips.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 56ms
56ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.javatips.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/ 225 KB
85 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 86385
x-xss-protection: 0
server: cafe
etag: 4513681422076315165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 10 Dec 2019 17:48:36 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/ Frame 9E60 0
0 8ms
5ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20191205/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20191205/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkc7zgkOo3KhHjO27ImIp9m57Z-guB5oW3n-lSFrNLXmv9AK7vxPLz6mrbp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 05 Dec 2019 17:43:23 GMT
expires: Thu, 19 Dec 2019 17:43:23 GMT
content-type: text/html; charset=UTF-8
etag: 13309989325511048345
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6574
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 432313
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-22006649-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4499
date: Tue, 10 Dec 2019 16:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 10 Dec 2019 18:33:37 GMT

GET
H2 200 pubads_impl_2019120201.js Show response
securepubads.g.doubleclick.net/gpt/ 166 KB
61 KB 39ms
39ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

f93d1d7d700f850328abfcc87e394dfb26fe1183249925434f8870fba994bc96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Dec 2019 14:08:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62423
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:36 GMT

GET
H2 200 CommentAuthenticatorServlet Show response
www.javatips.net/ 95 B
238 B 185ms
184ms XHR
text/html 2606:4700:30::681c:1610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://www.javatips.net/CommentAuthenticatorServlet

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/theme/scripts/clientSideInclude.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:30::681c:1610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916eda0640d093fbae757ed613268f5e16caa4d510f12eed506f8cdc2b24fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html;charset=utf-8
status: 200
cache-control: max-age=2592000
cf-ray: 54310cfb2a15cbc4-VIE
x-xss-protection: 1; mode=block
expires: Thu, 09 Jan 2020 17:48:37 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 78 KB
29 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6979ca0c032a991062e094e3378d05e0d998877a89daf72408c4494a03143b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29438
x-xss-protection: 0
server: cafe
etag: 4008456307988241172
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Dec 2019 17:48:36 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame B1B0 0
0 256ms
256ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7620071422727774&output=html&h=90&slotname=1819399285%2F9077048485&adk=2173735813&adf=3488246220&w=728&lmt=1575366638&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&flash=0&wgl=1&adsid=NT&dt=1576000116884&bpp=22&bdt=462&fdt=97&idt=97&shv=r20191205&cbv=r20190131&saldr=sa&abxe=1&correlator=373565717412&frm=20&pv=2&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&ga_fc=0&iag=0&icsg=2336551643326&dssz=36&mdo=0&mso=2097152&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=168&ady=4480&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3137690875935645&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=PUUgUHd1ri&p=https%3A//www.javatips.net&dtd=112

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7620071422727774&output=html&h=90&slotname=1819399285%2F9077048485&adk=2173735813&adf=3488246220&w=728&lmt=1575366638&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&flash=0&wgl=1&adsid=NT&dt=1576000116884&bpp=22&bdt=462&fdt=97&idt=97&shv=r20191205&cbv=r20190131&saldr=sa&abxe=1&correlator=373565717412&frm=20&pv=2&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&ga_fc=0&iag=0&icsg=2336551643326&dssz=36&mdo=0&mso=2097152&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=168&ady=4480&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3137690875935645&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=PUUgUHd1ri&p=https%3A//www.javatips.net&dtd=112
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkc7zgkOo3KhHjO27ImIp9m57Z-guB5oW3n-lSFrNLXmv9AK7vxPLz6mrbp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 10 Dec 2019 17:48:37 GMT
server: cafe
content-length: 23758
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 78 KB
29 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:37 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
110 B 14ms
13ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=670754053&t=pageview&_s=1&dl=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ul=en-us&de=UTF-8&dt=Anti%20Cross-Site%20Scripting%20(XSS)%20For%20Java%20Web%20Application&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IAhAAUAB~&jid=683554015&gjid=1848915232&cid=1851485985.1576000117&tid=UA-22006649-1&_gid=1484984055.1576000117&_r=1&gtm=2ouav9&z=96297867

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 78 KB
29 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

6979ca0c032a991062e094e3378d05e0d998877a89daf72408c4494a03143b64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29438
x-xss-protection: 0
server: cafe
etag: 4008456307988241172
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Dec 2019 17:48:37 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
24 KB 270ms
270ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137690875935645&correlator=2588504505037650&output=ldjh&impl=fif&adsid=NT&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191210&iu=%2F421469808%2Fjavatips.net_728x90&sz=728x90&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie_enabled=1&bc=31&abxe=1&lmt=1575366638&dt=1576000117117&dlt=1576000116422&idt=641&frm=20&biw=1585&bih=1200&oid=3&adx=195&ady=65&adk=473198061&uci=1&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&dssz=41&icsg=150083694928634&mso=2097152&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=897x4495&msz=847x90&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&fws=4&ohw=1250

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

077fecb4da3f2ae0721875edad7995d12f610b550b9b45817a34975aa44fdc7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24198
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.javatips.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019120201.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
24 KB 42ms
42ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

1008ae8c93c140845bf5bfa6d0c6e0a048ff8906a4fa0081196fd99f1613f65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Dec 2019 14:08:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24817
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:37 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 107ms
107ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 10 Dec 2019 17:48:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.javatips.net

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 37ms
37ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

7cb2b5dd8e78acc08ecf4d14332f6b71c16f9c95e77320be78c7b0a8eefedb1b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:39 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.22:80
AN-X-Request-Uuid: 999bec8b-301d-4cfc-b7b7-23a630fc1260
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adinplay-d.openx.net/w/1.0/ 173 B
361 B 27ms
27ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://adinplay-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=daa8c20b-0c45-422b-863b-8306f6a608f2&nocache=1576000117130&schain=1.0%2C1!adinplay.com%2CJVT%2C1%2C%2C%2C&aus=300x250&divIds=javatips-net_300x250_article&auid=540543790&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: 5404c9b01a8e91b2c523281402df411f80baba759a2d79548c86d7ddf0f045c8

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:37 GMT
via: 1.1 google
server: OXGW/16.167.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.javatips.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 173
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
998 B 145ms
120ms XHR
application/json 95.100.197.53
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=418795&v=7.2&r=%7B%22id%22%3A%22152e27c72fa547e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2216d31779dc565%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22418795%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 62ae6d21f029f243f7c5b8a71c096e21d70f4d87c3cba15b77426dfcc1caafc5

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Tue, 10 Dec 2019 17:48:37 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

abc961527d48d1d2975bcbf7fcb1cb8db639e00287a85404f400c67546084111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: tejSTY4jHD4RaCzNT25g7A==
status: 200
date: Tue, 10 Dec 2019 17:48:37 GMT
expires: Tue, 10 Dec 2019 17:55:48 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1780
x-fb-debug: FPGVItn8jes61bWJDtwk+SaWDND7bXHYpiy7aWcd0nZPpKlNIRqZ7wUwOIJpINhfEGZUlnMZWnL/4iWLku91iw==
x-fb-trip-id: 2070832261
x-fb-content-md5: 82341ae951cd4dd57f32c1ca8c60920a
etag: "000d1765f6ff61d05385c51f48b72794"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 104 KB
37 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

42835eddfccf126c4f65091c377c206334c2fb2838212d01965298cd4599b39f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37911
x-xss-protection: 0
server: cafe
etag: 2693738113432697870
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 10 Dec 2019 17:48:37 GMT

GET
H2 200 / Show response
biltag.bilsyndication.com/jsv1/1575971444/ 194 KB
49 KB 23ms
21ms Script
application/javascript 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://biltag.bilsyndication.com/jsv1/1575971444/?d=1417&n=
Requested by: Host: services.bilsyndication.com
URL: https://services.bilsyndication.com/adv1/?d=1417
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a9d6131b94e25a36366e61eb13b147c12121c778cf1c583c0074a3bc37f5278

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 25267
cf-polished: origSize=199588
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
x-sv: 67.58
cache-control: public, max-age=16070400
cf-ray: 54310cfc3bcccbcc-VIE
alt-svc: h3-23=":443"; ma=86400

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 8112 0
0 162ms
161ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7620071422727774&output=html&h=250&slotname=1819399285%2F6249522925&adk=3978408602&adf=4249943394&w=300&lmt=1575366638&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&flash=0&wgl=1&adsid=NT&dt=1576000117138&bpp=1&bdt=716&fdt=12&idt=12&shv=r20191205&cbv=r20190131&saldr=sa&abxe=1&prev_slotnames=1819399285%2F9077048485&correlator=373565717412&frm=20&pv=1&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&ga_fc=0&iag=0&icsg=2852134593397498&dssz=51&mdo=0&mso=2097152&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=496&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3137690875935645&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=4&uci=a!4&fsb=1&xpc=plQbwj6Xy3&p=https%3A//www.javatips.net&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7620071422727774&output=html&h=250&slotname=1819399285%2F6249522925&adk=3978408602&adf=4249943394&w=300&lmt=1575366638&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&flash=0&wgl=1&adsid=NT&dt=1576000117138&bpp=1&bdt=716&fdt=12&idt=12&shv=r20191205&cbv=r20190131&saldr=sa&abxe=1&prev_slotnames=1819399285%2F9077048485&correlator=373565717412&frm=20&pv=1&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&ga_fc=0&iag=0&icsg=2852134593397498&dssz=51&mdo=0&mso=2097152&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1076&ady=496&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3137690875935645&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16&bc=31&ifi=4&uci=a!4&fsb=1&xpc=plQbwj6Xy3&p=https%3A//www.javatips.net&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkc7zgkOo3KhHjO27ImIp9m57Z-guB5oW3n-lSFrNLXmv9AK7vxPLz6mrbp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 10 Dec 2019 17:48:37 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
58 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=318196a7f5851cd8055eac6da0d36f14&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

6fcf4c3d6c3d6f1900858ac6c9e70024d329e65b3586a17e070b26aeb5c53bbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: U4vM8UhjgIfYm7rB3UvA2w==
status: 200
date: Tue, 10 Dec 2019 17:48:37 GMT
expires: Wed, 09 Dec 2020 16:27:12 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 59318
x-fb-debug: O6C4x5F3iG+zFCBZrCrtZl/Wl+dE6zBPmeskZm4JWid1864CouzuqqK7mqJ7FtCTIF/1DB2iW9WydBLs7URWog==
x-fb-trip-id: 975780461
x-fb-content-md5: 8cf4734d39864b66c775872ef30024d5
etag: "c94bc48a19cbe06dbfa856996495fbd5"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1D3A 0
0 22ms
22ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7620071422727774&output=html&adk=1812271804&adf=3025194257&lmt=1575366638&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1576000117174&bpp=11&bdt=751&fdt=12&idt=12&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_slotnames=1819399285%2F9077048485%2C1819399285%2F6249522925&nras=1&correlator=373565717412&frm=20&pv=1&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&ga_fc=0&iag=0&icsg=2852134593397498&dssz=52&mdo=0&mso=2097152&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3137690875935645&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=4&uci=a!4&fsb=1&dtd=17

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20191205/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7620071422727774&output=html&adk=1812271804&adf=3025194257&lmt=1575366638&plat=1%3A32776%2C2%3A16809992%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C30%3A1081344%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1576000117174&bpp=11&bdt=751&fdt=12&idt=12&shv=r20191205&cbv=r20190131&saldr=aa&abxe=1&prev_slotnames=1819399285%2F9077048485%2C1819399285%2F6249522925&nras=1&correlator=373565717412&frm=20&pv=1&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&ga_fc=0&iag=0&icsg=2852134593397498&dssz=52&mdo=0&mso=2097152&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21065126&oid=3&pvsid=3137690875935645&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&ifi=4&uci=a!4&fsb=1&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkc7zgkOo3KhHjO27ImIp9m57Z-guB5oW3n-lSFrNLXmv9AK7vxPLz6mrbp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 10 Dec 2019 17:48:37 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 cmp.complete.bundle.js Show response
assets.bilsyndication.com/plugins/cmpv2/ 175 KB
42 KB 40ms
25ms Script
application/javascript 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bilsyndication.com/plugins/cmpv2/cmp.complete.bundle.js
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1575971444/?d=1417&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fac7e040c9b4361bc6f582798fa84bae6af18b4d166825fe2eb4011148e4f625

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 1160162
cf-polished: origSize=179254
status: 200
cf-bgj: minify
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-2bc36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 54310cfcbd8ecbcc-VIE
expires: Wed, 27 Nov 2019 08:02:34 GMT

GET
H2 200 prebid-v2.44.0.js Show response
assets.bilsyndication.com/prebid/default/ 315 KB
92 KB 35ms
21ms Script
application/javascript 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1575971444/?d=1417&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: de05272ab91415a63d0f5185dee90f60e48bb38f99db3e4f18f81589f6a56e43

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 473924
cf-polished: origSize=322670
status: 200
cf-bgj: minify
alt-svc: h3-23=":443"; ma=86400
last-modified: Thu, 05 Dec 2019 06:09:47 GMT
server: cloudflare
etag: W/"5de89f2b-4ec6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 54310cfcbd8fcbcc-VIE
expires: Thu, 05 Dec 2019 06:39:53 GMT

GET
H2 200 viPlayer_v25.js Show response
assets.bilsyndication.com/plugins/vlPlayer/min/ 10 KB
3 KB 36ms
21ms Script
application/javascript 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bilsyndication.com/plugins/vlPlayer/min/viPlayer_v25.js
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1575971444/?d=1417&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0904409f11a37a5fc0c136b8f023ca69fba5f22cb388018398cce65a13ca740

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
cf-cache-status: HIT
age: 918866
cf-polished: origSize=10045
status: 200
cf-bgj: minify
alt-svc: h3-23=":443"; ma=86400
last-modified: Fri, 01 Nov 2019 17:50:03 GMT
server: cloudflare
etag: W/"5dbc704b-273d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 54310cfcbd90cbcc-VIE
expires: Sat, 30 Nov 2019 03:04:11 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 267 KB
91 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1575971444/?d=1417&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0f2756cf2cd474375aa3bbbec452aabc1c016c3379bc8198710b41a02fc8faec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 92689
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:37 GMT

GET
H2 200 sf_host.min.js Show response
assets.bilsyndication.com/plugins/safeframe/src/js/ 38 KB
16 KB 36ms
23ms Script
application/javascript 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bilsyndication.com/plugins/safeframe/src/js/sf_host.min.js
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1575971444/?d=1417&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 1160172
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=16070400
cf-ray: 54310cfcbd92cbcc-VIE
alt-svc: h3-23=":443"; ma=86400
expires: Wed, 27 Nov 2019 08:02:25 GMT

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 8E3C 0
0 6ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=318196a7f5851cd8055eac6da0d36f14&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
content-encoding: br
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Tue, 08 Dec 2020 21:49:54 GMT
cache-control: public,max-age=31536000,immutable
x-fb-debug: kZ/GuRJdqGvDu3ofckQauUDzPV3ezdPlHPAOp1/+2MPToPHDHJNq9nPZowWagnJfQp/F3mm81BkxVBFFTUpwjA==
content-length: 12348
x-fb-trip-id: 2070832261
date: Tue, 10 Dec 2019 17:48:37 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 page.php
www.facebook.com/v2.5/plugins/ Frame 7F56 0
0 193ms
174ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2d14b056c82e2%26domain%3Dwww.javatips.net%26origin%3Dhttps%253A%252F%252Fwww.javatips.net%252Ff399900f9e8bf7%26relation%3Dparent.parent&container_width=338&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjavatips.net&locale=en_US&sdk=joey&show_facepile=true&small_header=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=318196a7f5851cd8055eac6da0d36f14&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.5/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter.php%3Fversion%3D44%23cb%3Df2d14b056c82e2%26domain%3Dwww.javatips.net%26origin%3Dhttps%253A%252F%252Fwww.javatips.net%252Ff399900f9e8bf7%26relation%3Dparent.parent&container_width=338&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fjavatips.net&locale=en_US&sdk=joey&show_facepile=true&small_header=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v2.11
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: QZ6XvVcV6MwVQcTHBiwGChAbG6wSjek7LQlz5v9/J3PopENwbUfUONZ5mh3pZioL/1WaxTFDjfJLmoLTDpNQlQ==
date: Tue, 10 Dec 2019 17:48:37 GMT
alt-svc: h3-24=":443"; ma=3600

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
24 KB 293ms
293ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137690875935645&correlator=2061446985644346&output=ldjh&impl=fif&adsid=NT&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191210&iu=%2F421469808%2Fjavatips.net_300x250_article&sz=300x250&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie_enabled=1&bc=31&abxe=1&lmt=1575366638&dt=1576000117284&dlt=1576000116422&idt=641&frm=20&biw=1585&bih=1200&oid=3&adx=195&ady=367&adk=2714104873&uci=2&ifi=5&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&dssz=57&icsg=2253265102177018&mso=2097152&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=315x255&msz=300x250&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&fws=4&ohw=1250

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

de1f4347c027d5cddba1e72df2e9d8e017f8a0efa851a1d388e0a9cbeeb42c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24203
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.javatips.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arj Show response
adinplay-d.openx.net/w/1.0/ 172 B
356 B 27ms
26ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://adinplay-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=6fd11cc8-8c7c-41a2-a92b-820e10df9f23&nocache=1576000117295&schain=1.0%2C1!adinplay.com%2CJVT%2C1%2C%2C%2C&aus=728x90&divIds=javatips-net_728x90_2&auid=540543789&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: a4281f34ac48896c9b2ebae2031c880e3ba5dd3a1630bacfc63e0881fb2a783a

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:37 GMT
via: 1.1 google
server: OXGW/16.167.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.javatips.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 84ms
83ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 10 Dec 2019 17:48:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.javatips.net

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 1 KB
2 KB 158ms
158ms XHR
application/json 95.100.197.53
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=418792&v=7.2&r=%7B%22id%22%3A%2221ce5226c8e58%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2222de15ed542f5f5%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22418792%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: c30b66d992ac513297cdb8afe00f7949d44d045bb6e0e1b5dda4f8715df25a6e

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 982
Expires: Tue, 10 Dec 2019 17:48:37 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 62ms
36ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

f7466a39b89076e7eb078e3b9e7caa2b144f94f5934449fb5bb566ea51f2f122

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:39 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.40:80
AN-X-Request-Uuid: a68ebe99-08ad-4df4-9bd0-b901a45f0c2b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 1 KB
797 B 6ms
5ms XHR
application/json 2a04:4e42:3::621
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20191210

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

6284026b6e51c43710cf17741eebfa10b5fd253fbbf64682c95836aebd4787c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT, HIT
status: 200
content-length: 735
etag: W/"535-jkHfHVzUJmcdlWMlU7VkwohojsI"
x-served-by: cache-ams21028-AMS, cache-fra19183-FRA
date: Tue, 10 Dec 2019 17:48:37 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 hls.min.js Show response
assets.bilsyndication.com/plugins/hls.js/ 247 KB
66 KB 23ms
23ms Script
application/javascript 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1575971444/?d=1417&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0290f0d61a6b94aca37bd874640ee172d86ec3743f3c0a611063036261074f92

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
age: 1160165
etag: W/"5dbbbcf2-3dcd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=16070400
cf-ray: 54310cfd8878cbcc-VIE
alt-svc: h3-23=":443"; ma=86400
expires: Wed, 27 Nov 2019 08:02:32 GMT

GET
H2 200 /
logs.bilsyndication.com/sub/ 0
107 B 20ms
17ms Image
image/jpeg 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logs.bilsyndication.com/sub/?d=javatips.net&h=www.javatips.net
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: HIT
cf-bgj: imgq:85
server: cloudflare
age: 904375
cf-polished: status=cannot_optimize
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 54310cfd988fcbcc-VIE
alt-svc: h3-23=":443"; ma=86400
content-length: 0

GET
H2 404 pubvendors.json Show response
www.javatips.net/.well-known/ 765 B
394 B 189ms
188ms Fetch
text/html 2606:4700:30::681c:1610
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://www.javatips.net/.well-known/pubvendors.json
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/cmpv2/cmp.complete.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::681c:1610 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25380a35584d7e4bf8f4ea97604c2dca0b304ed992fd06a1a55cecce1e9d2d62

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
status: 404
cf-ray: 54310cfd99bacbc4-VIE

OPTIONS
H/1.1 200
OK GetTerms Show response
apps.developermedia.com/Ads/PageTerms/ 0
278 B 478ms
100ms XHR
text/plain 76.74.234.208
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.developermedia.com/Ads/PageTerms/GetTerms
Requested by: Host: cdn1.developermedia.com
URL: https://cdn1.developermedia.com/a.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 76.74.234.208 Toronto, Canada, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.javatips.net
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Tue, 10 Dec 2019 17:47:50 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type, Accept
Content-Length: 0

GET
H2 200 1572962788.jpg
assets.bilsyndication.com/widget/2019/11/05/ Frame 377C 79 KB
79 KB 22ms
17ms Image
image/webp 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/widget/2019/11/05/1572962788.jpg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d62946b49f357b8cc1f07015be1d56492da8ca2ab8f250769e7dc2ec4c0c7b2

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: HIT
age: 501018
cf-polished: qual=85, origFmt=jpeg, origSize=111413
status: 200
content-disposition: inline; filename="1572962788.webp"
cf-bgj: imgq:85
alt-svc: h3-23=":443"; ma=86400
content-length: 80718
last-modified: Tue, 05 Nov 2019 14:06:28 GMT
server: cloudflare
etag: "5dc181e4-1b335"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 54310cfe3abecbcc-VIE
expires: Wed, 04 Dec 2019 23:08:19 GMT

GET
H2 200 1572962700.jpg
assets.bilsyndication.com/widget/2019/11/05/ Frame 377C 73 KB
74 KB 28ms
23ms Image
image/webp 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/widget/2019/11/05/1572962700.jpg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e43b4b0b9863a455cd365e568684a36eed8e112e18def64ef948bdd46606a0c4

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: HIT
age: 492958
cf-polished: qual=85, origFmt=jpeg, origSize=119023
status: 200
content-disposition: inline; filename="1572962700.webp"
cf-bgj: imgq:85
alt-svc: h3-23=":443"; ma=86400
content-length: 75062
last-modified: Tue, 05 Nov 2019 14:05:00 GMT
server: cloudflare
etag: "5dc1818c-1d0ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 54310cfe3ac1cbcc-VIE
expires: Thu, 05 Dec 2019 01:22:39 GMT

GET
H2 200 1572962727.jpg
assets.bilsyndication.com/widget/2019/11/05/ Frame 377C 71 KB
71 KB 27ms
22ms Image
image/webp 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/widget/2019/11/05/1572962727.jpg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fbe596d715b3b1b1e0940ac7f03a3efca1131af6becd00395caeab690c0b64

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: HIT
age: 1160164
cf-polished: qual=85, origFmt=jpeg, origSize=130804
status: 200
content-disposition: inline; filename="1572962727.webp"
cf-bgj: imgq:85
alt-svc: h3-23=":443"; ma=86400
content-length: 72606
last-modified: Tue, 05 Nov 2019 14:05:28 GMT
server: cloudflare
etag: "5dc181a8-1fef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 54310cfe3ac3cbcc-VIE
expires: Wed, 27 Nov 2019 08:02:33 GMT

GET
H2 200 1572962750.jpg
assets.bilsyndication.com/widget/2019/11/05/ Frame 377C 64 KB
64 KB 27ms
23ms Image
image/webp 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/widget/2019/11/05/1572962750.jpg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e4d7c071d72d7b41076bd9157a12ee75bf9058003642be197e9e59d418aee8c

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: HIT
age: 1160163
cf-polished: qual=85, origFmt=jpeg, origSize=103947
status: 200
content-disposition: inline; filename="1572962750.webp"
cf-bgj: imgq:85
alt-svc: h3-23=":443"; ma=86400
content-length: 65248
last-modified: Tue, 05 Nov 2019 14:05:50 GMT
server: cloudflare
etag: "5dc181be-1960b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 54310cfe3ac4cbcc-VIE
expires: Wed, 27 Nov 2019 08:02:34 GMT

GET
H2 200 1572962767.jpg
assets.bilsyndication.com/widget/2019/11/05/ Frame 377C 44 KB
44 KB 25ms
21ms Image
image/webp 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/widget/2019/11/05/1572962767.jpg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 769eb9ed7fcfd60268502d88c88a988ece4bd6608c60969b301341c0a1d9d373

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: HIT
age: 1160164
cf-polished: qual=85, origFmt=jpeg, origSize=78339
status: 200
content-disposition: inline; filename="1572962767.webp"
cf-bgj: imgq:85
alt-svc: h3-23=":443"; ma=86400
content-length: 44690
last-modified: Tue, 05 Nov 2019 14:06:07 GMT
server: cloudflare
etag: "5dc181cf-13203"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 54310cfe3ac7cbcc-VIE
expires: Wed, 27 Nov 2019 08:02:33 GMT

GET
H2 200 1572962809.jpg
assets.bilsyndication.com/widget/2019/11/05/ Frame 377C 112 KB
112 KB 24ms
19ms Image
image/webp 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/widget/2019/11/05/1572962809.jpg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b49eef1ad608db416865ce4695143b9c0cb14d5dea8ef2c508f12a1017980e3

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: HIT
age: 537608
cf-polished: qual=85, origFmt=jpeg, origSize=150805
status: 200
content-disposition: inline; filename="1572962809.webp"
cf-bgj: imgq:85
alt-svc: h3-23=":443"; ma=86400
content-length: 114358
last-modified: Tue, 05 Nov 2019 14:06:49 GMT
server: cloudflare
etag: "5dc181f9-24d15"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 54310cfe3ac8cbcc-VIE
expires: Wed, 04 Dec 2019 12:58:29 GMT

GET
H2 200 1572962830.jpg
assets.bilsyndication.com/widget/2019/11/05/ Frame 377C 192 KB
192 KB 71ms
70ms Image
image/jpeg 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/widget/2019/11/05/1572962830.jpg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a1ced149efa4f0f3d97221e4969ba6a4825773e7a2527294ab8449775676deb

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: HIT
age: 1160163
cf-polished: degrade=85, origSize=227959, status=webp_bigger
status: 200
cf-bgj: imgq:85
alt-svc: h3-23=":443"; ma=86400
content-length: 196097
last-modified: Tue, 05 Nov 2019 14:07:11 GMT
server: cloudflare
etag: "5dc1820f-37a77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 54310cfe6b30cbcc-VIE
expires: Wed, 27 Nov 2019 08:02:34 GMT

GET
H2 200 1572962852.jpg
assets.bilsyndication.com/widget/2019/11/05/ Frame 377C 95 KB
95 KB 58ms
57ms Image
image/webp 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/widget/2019/11/05/1572962852.jpg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79c8357f91117e26aa1df7b22d958615d34c0049081c816cae85ab12d91301ec

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: HIT
age: 492191
cf-polished: qual=85, origFmt=jpeg, origSize=141774
status: 200
content-disposition: inline; filename="1572962852.webp"
cf-bgj: imgq:85
alt-svc: h3-23=":443"; ma=86400
content-length: 97036
last-modified: Tue, 05 Nov 2019 14:07:32 GMT
server: cloudflare
etag: "5dc18224-229ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 54310cfe6b31cbcc-VIE
expires: Thu, 05 Dec 2019 01:35:26 GMT

GET
H2 200 1572962870.jpg
assets.bilsyndication.com/widget/2019/11/05/ Frame 377C 103 KB
103 KB 78ms
77ms Image
image/webp 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/widget/2019/11/05/1572962870.jpg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0244fbaf12a3852351a4bd2f65d59c422660920c429bf16085453a0ed0c8911

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: HIT
age: 537608
cf-polished: qual=85, origFmt=jpeg, origSize=151033
status: 200
content-disposition: inline; filename="1572962870.webp"
cf-bgj: imgq:85
alt-svc: h3-23=":443"; ma=86400
content-length: 105200
last-modified: Tue, 05 Nov 2019 14:07:50 GMT
server: cloudflare
etag: "5dc18236-24df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 54310cfe6b34cbcc-VIE
expires: Wed, 04 Dec 2019 12:58:29 GMT

GET
H2 200 1572962788.jpg
assets.bilsyndication.com/widget/2019/11/05/ Frame AEAF 79 KB
79 KB 71ms
71ms Image
image/webp 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/widget/2019/11/05/1572962788.jpg
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1575971444/?d=1417&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d62946b49f357b8cc1f07015be1d56492da8ca2ab8f250769e7dc2ec4c0c7b2

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: HIT
age: 501018
cf-polished: qual=85, origFmt=jpeg, origSize=111413
status: 200
content-disposition: inline; filename="1572962788.webp"
cf-bgj: imgq:85
alt-svc: h3-23=":443"; ma=86400
content-length: 80718
last-modified: Tue, 05 Nov 2019 14:06:28 GMT
server: cloudflare
etag: "5dc181e4-1b335"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 54310cfe6b36cbcc-VIE
expires: Wed, 04 Dec 2019 23:08:19 GMT

GET
DATA 200
OK truncated
/ Frame AEAF 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame AEAF 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 playlist.m3u8 Show response
s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/ 3 KB
3 KB 467ms
364ms XHR
application/vnd.apple.mpegurl 2606:4700:3038::681f:ba3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/playlist.m3u8
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:ba3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b912e2588eeb5a03050983bf8d3d68f411c6bc84703ff29af60ee2458d75f786

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Nov 2019 02:43:40 GMT
server: cloudflare
etag: "5dc0e1dc-a3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
access-control-allow-methods: GET
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
accept-ranges: bytes
cf-ray: 54310cfef9245964-VIE
content-length: 2621

GET
H2 200 vi-logo.svg
assets.bilsyndication.com/media/icon/ Frame 377C 11 KB
3 KB 75ms
75ms Image
image/svg+xml 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/media/icon/vi-logo.svg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
age: 1160175
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=16070400
cf-ray: 54310cfe6b38cbcc-VIE
alt-svc: h3-23=":443"; ma=86400

GET
H2 200 vi-icon.svg
assets.bilsyndication.com/media/icon/ Frame AEAF 3 KB
1 KB 20ms
16ms Image
image/svg+xml 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/media/icon/vi-icon.svg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
age: 1160179
etag: W/"5dbbbcf1-dc6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=16070400
cf-ray: 54310cfedcbecbcc-VIE
alt-svc: h3-23=":443"; ma=86400

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame AF7C 0
0 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Tue, 10 Dec 2019 16:39:37 GMT
expires: Wed, 09 Dec 2020 16:39:37 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4140
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 280ms
272ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137690875935645&correlator=4073686819723419&output=ldjh&impl=fif&adsid=NT&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191210&iu=%2F421469808%2Fjavatips.net_728x90_2&sz=728x90&scp=hb_format_ix%3Dbanner%26hb_source_ix%3Dclient%26hb_size_ix%3D728x90%26hb_pb_ix%3D0.11%26hb_adid_ix%3D253eb6e5dcdfffd%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.11%26hb_adid%3D253eb6e5dcdfffd%26hb_bidder%3Dix&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie=ID%3D638064073d153a28%3AT%3D1576000117%3AS%3DALNI_MYO7UXBj6OiOsAP4p9KL8EBEfZ1-Q&cookie_enabled=1&bc=31&abxe=1&lmt=1575366638&dt=1576000117663&dlt=1576000116422&idt=641&frm=20&biw=1585&bih=1200&oid=3&adx=195&ady=4043&adk=2262612107&uci=3&ifi=6&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&dssz=57&icsg=5861153964794&mso=2097152&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=847x90&msz=847x90&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&fws=4&ohw=1250

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

0604dadda621f21d36b7d1562b26061d419a4467ffaa3f9d710ef00370fa700b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1918
x-xss-protection: 0
google-lineitem-id: 4980464377
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138215078321
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.javatips.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 91ms
83ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 10 Dec 2019 17:48:37 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.javatips.net

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
804 B 279ms
191ms XHR
application/json 95.100.197.53
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=418791&v=7.2&r=%7B%22id%22%3A%222834a907918a35c%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22291c43bb801e5c%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22418791%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3d0dd3c30e8e2528fd4168487507a5fcb821974172d8c8a5bee709f76a07269

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Tue, 10 Dec 2019 17:48:37 GMT

GET
H2 200 arj Show response
adinplay-d.openx.net/w/1.0/ 173 B
357 B 80ms
72ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://adinplay-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=d4c27db4-4dff-4c33-bc18-d491c077ca0e&nocache=1576000117675&schain=1.0%2C1!adinplay.com%2CJVT%2C1%2C%2C%2C&aus=300x250&divIds=javatips-net_300x250&auid=540543782&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: b6eb1c9dd87214b267f0a8f587fe71dc9f270a2873f612314d19f799960fc94f

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:37 GMT
via: 1.1 google
server: OXGW/16.167.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.javatips.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 173
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 178ms
94ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a166b61cbc0b18984cc3afdb71b9c9ac769e64ed14f053d287536b3a38d43083

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:39 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid: 96df36c2-fc2c-45dc-8922-fdd878e0fc41
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame FD24 0
0 75ms
74ms Document
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Tue, 10 Dec 2019 16:39:37 GMT
expires: Wed, 09 Dec 2020 16:39:37 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4140
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

POST
H/1.1 200
OK GetTerms Show response
apps.developermedia.com/Ads/PageTerms/ 170 B
455 B 108ms
107ms XHR
application/json 76.74.234.208
Cogeco Peer 1

General

Check archive.org

Show headers Download Go to

Full URL: https://apps.developermedia.com/Ads/PageTerms/GetTerms
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 76.74.234.208 Toronto, Canada, ASN13768 (COGECO-PEER1 - Cogeco Peer 1, CA),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 28632d8b99d8b809f92685923b42c9df411aa0ed0c5c05efe7aac89ebe82a112

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 10 Dec 2019 17:47:50 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private
Content-Length: 170

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 39 KB
9 KB 205ms
205ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137690875935645&correlator=4478387750935936&output=ldjh&impl=fif&adsid=NT&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191210&iu=%2F421469808%2Fjavatips.net_300x250&sz=300x250&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie=ID%3D7eea00dbd43a51fd%3AT%3D1576000117%3AS%3DALNI_MbrVFINOA0xIOB8k-chBSMzuPty2Q&cookie_enabled=1&bc=31&abxe=1&lmt=1575366638&dt=1576000118077&dlt=1576000116422&idt=641&frm=20&biw=1585&bih=1200&oid=3&adx=1076&ady=134&adk=1718964984&uci=4&ifi=7&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&dssz=56&icsg=5861153964794&mso=2097152&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=337x290&msz=300x250&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&fws=4&ohw=337

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e9f28d47c2bc55f231b98f0b3adc3f2a85060bf7c733d6a5c7e44fb9580f6593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9369
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.javatips.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 arj Show response
adinplay-d.openx.net/w/1.0/ 173 B
357 B 91ms
87ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://adinplay-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=03288e2a-af80-440a-8cd6-5a9c97b642d3&nocache=1576000118150&schain=1.0%2C1!adinplay.com%2CJVT%2C1%2C%2C%2C&aus=300x250&divIds=javatips-net_300x250_1&auid=540543783&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: ec4a3852b933e4c11512819aedab69d806ed183eee759aae776f8bda037ec636

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:38 GMT
via: 1.1 google
server: OXGW/16.167.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.javatips.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 173
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
903 B 224ms
124ms XHR
application/json 95.100.197.53
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=418793&v=7.2&r=%7B%22id%22%3A%22363d5e72207db95%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22375a7c9458ee917%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22418793%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 76c2aece5106b25681ac1f4b8716edca4c01e49b45c1327e885e931fdbcffd96

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Tue, 10 Dec 2019 17:48:38 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 91ms
90ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

3dc8ede8ce99e76f1f50942b8d40a7dfbaa11a73afde3a0f485132969e037623

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:40 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.103:80
AN-X-Request-Uuid: 42973706-aa2a-4c1e-8003-78504d6ccb8d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 192ms
192ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 10 Dec 2019 17:48:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.javatips.net

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame F2BD 51 KB
16 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8219343860deacf591add0184407f74235ee7f024b013845e543931b81f1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "362 / 335 of 1000 / last-modified: 1575920697"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15832
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:38 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9291 51 KB
16 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6d8219343860deacf591add0184407f74235ee7f024b013845e543931b81f1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "362 / 111 of 1000 / last-modified: 1575920697"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15832
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:38 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F0D 0
0 73ms
73ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqD1a8pjEJY0bsz3gGekLdN8DvpgZ1MVWlc2LVrn1J9W41MRaYt_vGUFGcw_2TVcviJaKMtB-Ib96kiKtZeO9dsiRS01NPTSzAd_iQs0ZsqW6wao8wyw9Ks_bGHIGclYv_PSOFUnEcDH9bh2iat31fsRDSTMnd6Ot_hPmx742sILcpLPsX4_245iOZlQdtE2qBtJ-iCGsH5fBH6_tiYebriHdQMlc54-5D7W3sPfIN4EIXj-EVzbo6fDqWmYzg_699ewI8aLAYCBmf5QuhGzOOF6M&sig=Cg0ArKJSzCQw-rSjwwkbEAE&urlfix=1&adurl=

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Dec 2019 17:48:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK Cookie set ifnotify
a3226.casalemedia.com/ Frame A08B 0
0 167ms
78ms Document
text/html 185.80.38.195
Index Exchange Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://a3226.casalemedia.com/ifnotify?gdprconsent=1&c=1323407&r=4F7FD11A&t=5DEFDA75&u=WGUtYWRMbFFKc01BQUNvRE9QOEFBQUJS&m=0fbf81bfdc1020a7664efbabfa5c2890&wp=11&aid=8A8FCD464D27E538&tid=1516E&s=663E8&cp=0.17&n=www.javatips.net&pr=xx&epr=21ce5226c8e58
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.80.38.195 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: a3226.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: CMID=Xe-adLlQJsMAACoDOP8AAABR; CMPS=3226; CMDD=AAZjoAE*; CMPRO=1218; CMST=Xe-adF3v2nUB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Date: Tue, 10 Dec 2019 17:48:38 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Set-Cookie: CMST=Xe-adF3v2nYB;domain=casalemedia.com;path=/;expires=Wed, 11 Dec 2019 17:48:38 GMT CMDD=AAZjoAE*;domain=casalemedia.com;path=/;expires=Wed, 11 Dec 2019 17:48:38 GMT CMRUM3=835defda7605a0&275defda760b40&515defda7605a0&045defda7605a0&bf5defda7605a0&585defda7605a0&2d5defda7605a0&af5defda7605a0;domain=casalemedia.com;path=/;expires=Wed, 09 Dec 2020 17:48:38 GMT
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 3F0D 2 KB
2 KB 173ms
74ms Script
application/x-javascript 185.29.133.58
MediaMath Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvWVRnek4yWTFaVFF0T0dWaU5DMDFOMll6TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc4Mjg1NTk2MTA2ODMyNTMvNjg2NDA1NS80ODAyMzcyLzE1L0RmOEtzclhRS1lIZzhHN3lqYjFaeGUwQkNEQUpfSmloRERhUnZWMDczakEvMS8xNS8wLzAvOTU2ODAzLzI0MjA5Mjc3NDQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzc4Mjg1NTk2MTA2ODMyNTMvenJoLzAvMzM5MS83OC85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1NzYwMDAxMTcv/3xtN2rL5vhTLGNqjX005jLhHiAk&nodeid=512&auctionid=7828559610683253&exch=cas&sid=4802372&cid=6864055&price=0.17&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_bhgaac
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software: MMBD/3.160.1 /
Resource Hash: 9bd75d54c29dbec33cde03c84085f67fce4254aacdc86a624bdcba954dfe9f1c

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:38 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1576000117
Last-Modified: Tue, 10 Dec 2019 17:48:37 GMT
Server: MMBD/3.160.1
x-mm-latency: 1 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: count
Cache-Control: no-cache
x-mm-host: zrh-router-x21, zrh-bidder-x67
Connection: close
x-mm-pending-bid-state: eyJOb3RpZnlUeXBlIjoid2ViIiwiUEJEYXRhU291cmNlIjoiUEJDIiwiV2FpdEZvcldlYiI6ZmFsc2UsIldhaXRGb3JJbXAiOmZhbHNlLCJXYWl0Rm9yQ2siOnRydWUsIlBCU3RhdGUiOiJXaW4iLCJEdXBOb3RpZnkiOmZhbHNlLCJCaWRDbGFpbWVkIjpmYWxzZSwiUEJTV29ya2VkIjpmYWxzZSwiUEJTV2luUGF5bG9hZCI6IiJ9
Content-Type: application/x-javascript; charset=UTF-8
Expires: Tue, 10 Dec 2019 17:48:37 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F0D 77 KB
29 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:38 GMT

GET
H2 200 playlist0.jpg Show response
s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/ 1 MB
1 MB 24ms
24ms XHR
image/jpeg 2606:4700:3038::681f:ba3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/playlist0.jpg
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:ba3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d258f19aed8ee58beefed6082608e2e23e00ceac2546c216e6d82277fa2504d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
cf-cache-status: HIT
age: 11791
status: 200
content-length: 1434628
last-modified: Tue, 05 Nov 2019 02:26:09 GMT
server: cloudflare
etag: "5dc0ddc1-15e404"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310d033ca45964-VIE

GET
BLOB 200
OK 72d4a7a4-9e63-4ae8-a356-09f122fcca9f
https://www.javatips.net/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.javatips.net/72d4a7a4-9e63-4ae8-a356-09f122fcca9f
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H2 200 vendorlist.json Show response
vendorlist.consensu.org/ 92 KB
17 KB 96ms
7ms Fetch
application/json 2600:9000:21f3:600:1:af78:4c0:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vendorlist.consensu.org/vendorlist.json
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/cmpv2/cmp.complete.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:600:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e356e7e1d432bfb23c6eaf5c1b4a85b9c14ac4a10700ca215fc97fbd0d43f1ae

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 06:40:14 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 40105
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 05 Dec 2019 16:00:32 GMT
server: AmazonS3
access-control-max-age: 604800
access-control-allow-methods: GET
x-amz-version-id: PbAXzCTLB.Ky0_QflqbpxMzhIOiS.jl4
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA2-C2
content-type: application/json; charset=utf-8
x-amz-cf-id: _GlSC8nqQRNDVZTliaNA2QUm2QDt_qhgNIsIsNAoDtyi1Nq_3qr9FQ==

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ 20 KB
7 KB 202ms
85ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3684
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7132
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 16:47:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "796f98bb73f13f89"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 16:47:14 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame 53AF 200 KB
55 KB 119ms
7ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16841
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55611
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c4309c2c9fce1d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:07:57 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 53AF 15 KB
6 KB 138ms
26ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16818
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5592
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9ac5c138bfec1b90"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:20 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 53AF 151 KB
41 KB 131ms
20ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16823
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41358
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed96f4a845755c74"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:15 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 53AF 3 KB
1 KB 129ms
19ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16832
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "49ed1549bef9ee2d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:06 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 53AF 44 KB
14 KB 123ms
14ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16836
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14180
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "15a9b640489a7720"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:02 GMT

GET
DATA 200
OK truncated
/ Frame 53AF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6cc7e7fb2699349c61529d781f447651cb02dc1fd803dc6f45411644a42d813

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2493317719579096929
tpc.googlesyndication.com/simgad/ Frame 53AF 27 KB
27 KB 11ms
7ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2493317719579096929?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmf9j-hwsQkd-UGrE0fVKCPJR-5TA

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0a53ee4b90f6e50755f3ee86e1a32831c31622578b55814848c47a10d2c25cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 06:43:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Dec 2019 04:52:47 GMT
server: sffe
age: 39892
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 27583
x-xss-protection: 0
expires: Wed, 09 Dec 2020 06:43:46 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 53AF 2 KB
3 KB 10ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 65696
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 10 Dec 2019 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 53AF 295 B
426 B 9ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 71717
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 10 Dec 2019 21:53:21 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 53AF 0
0 22ms
19ms Image
text/html 2a00:1450:4001:825::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTH8ORWOCiZiFPo_SgXdcawls_5Dt4i5ouCTiwpkCRXvaKKClQCVdiOOlgNVCo4QOrn7ZMi1RE5QT15Pm56PFTb0wbqbQ
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 53AF 0
0 23ms
20ms Image
text/html 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4HLYdtrvXdbZB9GM7_UPhNCqgASE48TIWq27-JrNCoDS5MKPDhABIJHi5B9glQKgAdn3t_gDyAECqQK_GPufyOSDPuACAKgDAcgDCKoEmwJP0BKyZaDWWz-LwGaGGopoWEqpTW4PEN5B7WDaEa22PvKbqhzEeKxVOvUaynt0TxbFJs1AcD6x4LmOcCAI4sow_FPsl97MRrYZUK4HzMsqHxORUh6ZuTaQLmrn-kYQYt1CA3Rs5rr1jPibEU6gb4nslVjXMMseU7C2Arf6nbQzcE6LQwkDh1JdeJzUaaoN_93d-swkmJWPDw12qKqGxFEqenE3B41lBHkaonSEWc9h9znjlgI8y3oB7RLRrwMUuzCZjzFv7mCkD6EMIIR5J4BLPtQlT06dvahpoiIdb3VmJb3QQ1OtWaoMgpKFMJBxj1bB_ntXHGRnqO_BcbJuyWjjsfdTOvMr1U1X06hspEe6YZUSHf8y_iGc-VbzwATr-ZjgwgLgBAGgBgKAB4-IyAeoB47OG6gH1ckbqAeT2BuoB7oGqAfZyxuoB8_MG6gH8tkbqAemvhuoB-zVG9gHAfIHBBD1jwTSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0ODY3NzA3NDU1OTk3NDmACgPICwHYEwM&sigh=oEZdoI9cydw&tpd=AGWhJmvo7NpFQP3ptMyYWQwefLfxu2drAxo24NfVhBnfYLH4Ew
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 46 KB
10 KB 293ms
217ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137690875935645&correlator=4092010149888114&output=ldjh&impl=fif&adsid=NT&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191210&iu=%2F421469808%2Fjavatips.net_300x250_1&sz=300x250&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie=ID%3D7eea00dbd43a51fd%3AT%3D1576000117%3AS%3DALNI_MbrVFINOA0xIOB8k-chBSMzuPty2Q&cookie_enabled=1&bc=31&abxe=1&lmt=1575366638&dt=1576000118680&dlt=1576000116422&idt=641&frm=20&biw=1585&bih=1200&oid=3&adx=1076&ady=2534&adk=3637415290&uci=5&ifi=8&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&dssz=55&icsg=5861153964794&mso=2097152&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=337x290&msz=300x250&psts=CioI-bXvxhLoAbHzivKCBIICD7C4v8gBqLm_yAGK4veRUdECPsswazx9_JU&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&fws=4&ohw=337

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

daf14e2a9398947a01c1f3b3d7806eb96db8fd1d3cdd83d2bffd3a4e4f28575e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10310
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.javatips.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 160ms
81ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

04175446ad698dc72c64fddcb5daf60129b35837a74bb90cd885a314ad76882f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:40 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.135:80
AN-X-Request-Uuid: e86ad82e-5498-46b7-a47d-b68117e112be
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
804 B 213ms
134ms XHR
application/json 95.100.197.53
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=418794&v=7.2&r=%7B%22id%22%3A%224449327c3eef8b2%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22453950c9e52f78f%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22418794%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8c04c0e2848c3baa5be9fd58c86ed9334af961035bbc40ef6a5c7ebb3784e001

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Tue, 10 Dec 2019 17:48:38 GMT

GET
H2 200 arj Show response
adinplay-d.openx.net/w/1.0/ 173 B
357 B 93ms
20ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://adinplay-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=50ec997d-ea03-430f-96fd-ea6c1aecadd5&nocache=1576000118689&schain=1.0%2C1!adinplay.com%2CJVT%2C1%2C%2C%2C&aus=300x250&divIds=javatips-net_300x250_2&auid=540543784&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: a2af5ecf1a0479f45e4083755d5fbc5168370ac4b1366c8ce3a481169e1b0b40

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:38 GMT
via: 1.1 google
server: OXGW/16.167.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.javatips.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 173
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 158ms
86ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 10 Dec 2019 17:48:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.javatips.net

GET
H/1.1 200
OK df2muyo5c9nk Show response
hal9000.redintelligence.net/zone/ Frame 3F0D 10 KB
3 KB 74ms
1ms Script
text/html 136.243.149.243
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/df2muyo5c9nk?subid=&rnd=7828559610683253&extVar[]=DOUBLEBORDER:1&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7828559610683253%26mt_id%3D6864055%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3Db5315def-da76-4901-a9d3-5f63226a0bfb%26redirect%3D
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.243.149.243.136.clients.your-server.de
Software: Apache /
Resource Hash: f640128096ba762ef0f7d37a1c8acd1458caf91973fd153426ef4ac5456c63fc

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:38 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 2746
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 3F0D 43 B
359 B 102ms
18ms Image
image/gif 2.18.233.201
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=15&v2=7828559610683253&v3=651871&v4=4802372&v5=6864055&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvWVRnek4yWTFaVFF0T0dWaU5DMDFOMll6TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc4Mjg1NTk2MTA2ODMyNTMvNjg2NDA1NS80ODAyMzcyLzE1L0RmOEtzclhRS1lIZzhHN3lqYjFaeGUwQkNEQUpfSmloRERhUnZWMDczakEvMS8xNS8wLzAvOTU2ODAzLzI0MjA5Mjc3NDQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzc4Mjg1NTk2MTA2ODMyNTMvenJoLzAvMzM5MS83OC85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1NzYwMDAxMTcv/3xtN2rL5vhTLGNqjX005jLhHiAk&nodeid=512&auctionid=7828559610683253&exch=cas&sid=4802372&cid=6864055&price=0.17&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_bhgaac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 1913 979072d master cdg-pixel-x9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:38 GMT
Server: MT3 1913 979072d master cdg-pixel-x9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 10 Dec 2019 17:48:37 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 3F0D 49 B
329 B 152ms
68ms Image
image/gif 185.29.133.58
MediaMath Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=cas&bid=7828559610683253&st=4802372&time=1576000118&nodeid=512
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?id=5aW95q2jLzIwLyAvWVRnek4yWTFaVFF0T0dWaU5DMDFOMll6TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc4Mjg1NTk2MTA2ODMyNTMvNjg2NDA1NS80ODAyMzcyLzE1L0RmOEtzclhRS1lIZzhHN3lqYjFaeGUwQkNEQUpfSmloRERhUnZWMDczakEvMS8xNS8wLzAvOTU2ODAzLzI0MjA5Mjc3NDQvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzc4Mjg1NTk2MTA2ODMyNTMvenJoLzAvMzM5MS83OC85OTkvNDAvMTQ0Ljc2LjEwOS4wLzAuMDAwLzE1NzYwMDAxMTcv/3xtN2rL5vhTLGNqjX005jLhHiAk&nodeid=512&auctionid=7828559610683253&exch=cas&sid=4802372&cid=6864055&price=0.17&act=LiIiJiQocHxrPSwuJCMqcHxrKy5wfGshIioqJCMqcHxrOiwkOQsiPwQgPQMiOSQrcH0&group=eu&bp=a_bhgaac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software: MMBD/3.160.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:38 GMT
Server: MMBD/3.160.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x40, zrh-bidder-x67
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 10 Dec 2019 17:48:37 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame F2BD 109 B
171 B 27ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.javatips.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F2BD 109 B
171 B 26ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.javatips.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019120201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F2BD 166 KB
61 KB 91ms
81ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

f93d1d7d700f850328abfcc87e394dfb26fe1183249925434f8870fba994bc96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Dec 2019 14:08:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62423
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9291 109 B
171 B 18ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.javatips.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9291 109 B
171 B 20ms
18ms Script
application/javascript 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.javatips.net

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019120201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9291 166 KB
61 KB 82ms
81ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

f93d1d7d700f850328abfcc87e394dfb26fe1183249925434f8870fba994bc96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Dec 2019 14:08:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62423
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:38 GMT

GET
H/1.1

200
OK

request.php Show response
hal90006.redintelligence.net/ Frame 3F0D
Redirect Chain

https://hal90006.redintelligence.net/request.php?zone=df2muyo5c9nk&nw=20&renderingType=javascript&namespace=3fa8b82b2f&subid=&uid=982cede015562998&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90006.redintelligence.net/request.php?zone=df2muyo5c9nk&nw=20&renderingType=javascript&namespace=3fa8b82b2f&subid=&uid=982cede015562998&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

3 KB
2 KB

89ms
82ms

Script
application/x-javascript

138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request.php?zone=df2muyo5c9nk&nw=20&renderingType=javascript&namespace=3fa8b82b2f&subid=&uid=982cede015562998&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7828559610683253%26mt_id%3D6864055%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3Db5315def-da76-4901-a9d3-5f63226a0bfb%26redirect%3D&documentReferer=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ancestorOrigins=https%3A%2F%2Fwww.javatips.net&random=1307182566722&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 71f5f2b52a5a4240f8c200f67f8f2b6ab2b9784cce4efb72635241c50f3ad04c

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 85203300106159901049054011073006
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1048
Expires: Tue, 10 Dec 2019 17:48:38 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:38 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=df2muyo5c9nk&nw=20&renderingType=javascript&namespace=3fa8b82b2f&subid=&uid=982cede015562998&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7828559610683253%26mt_id%3D6864055%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3Db5315def-da76-4901-a9d3-5f63226a0bfb%26redirect%3D&documentReferer=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ancestorOrigins=https%3A%2F%2Fwww.javatips.net&random=1307182566722&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 10 Dec 2019 17:48:38 +0100

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 53AF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

63ms
63ms

Image
text/html

2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Tue, 10 Dec 2019 17:48:38 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
9 KB 279ms
278ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137690875935645&correlator=3578543412869312&output=ldjh&impl=fif&adsid=NT&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191210&iu=%2F421469808%2Fjavatips.net_300x250_2&sz=300x250&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie=ID%3D7eea00dbd43a51fd%3AT%3D1576000117%3AS%3DALNI_MbrVFINOA0xIOB8k-chBSMzuPty2Q&cookie_enabled=1&bc=31&abxe=1&lmt=1575366638&dt=1576000118972&dlt=1576000116422&idt=641&frm=20&biw=1585&bih=1200&oid=3&adx=1076&ady=3021&adk=1432301419&uci=6&ifi=9&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&dssz=55&icsg=5861153964794&mso=2097152&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=337x290&msz=300x250&psts=CioI-bXvxhLoAbHzivKCBIICD7C4v8gBqLm_yAGK4veRUdECPsswazx9_JU&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&fws=4&ohw=337

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

0e0e845aea78522b80f312eef36d299ff3f54aff0235b382b54c6a756022a0f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9263
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.javatips.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
903 B 276ms
198ms XHR
application/json 95.100.197.53
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=418796&v=7.2&r=%7B%22id%22%3A%2250406c0c43650fe%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2251d79201a550762%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22418796%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 881aa0420667d52d0ce9e71c4e9995970b759362477767d528c03df96db7c2d6

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:39 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Tue, 10 Dec 2019 17:48:39 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 70ms
70ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

1fc74bf866c96b07e24357f9678db45eb8a9f840f7b8170b79ef4f87482a85dc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:40 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.199:80
AN-X-Request-Uuid: 0086f532-60a2-4e57-b36a-62c5d29373b6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adinplay-d.openx.net/w/1.0/ 173 B
357 B 71ms
71ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://adinplay-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=0f5b98b1-6ef4-4125-b1d7-43fec66f70e0&nocache=1576000118979&schain=1.0%2C1!adinplay.com%2CJVT%2C1%2C%2C%2C&aus=300x250&divIds=javatips-net_300x250_3&auid=540543785&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: 1360a4fdf411646a2673df8eb65ce4cf744c6b7c640364f9b3ca73bcfcc508a7

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:39 GMT
via: 1.1 google
server: OXGW/16.167.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.javatips.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 173
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 108ms
108ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 10 Dec 2019 17:48:39 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.javatips.net

GET
H2 200 2493317719579096929
tpc.googlesyndication.com/simgad/ Frame 53AF 27 KB
27 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2493317719579096929?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmf9j-hwsQkd-UGrE0fVKCPJR-5TA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0a53ee4b90f6e50755f3ee86e1a32831c31622578b55814848c47a10d2c25cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 06:43:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Dec 2019 04:52:47 GMT
server: sffe
age: 39892
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 27583
x-xss-protection: 0
expires: Wed, 09 Dec 2020 06:43:46 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 53AF 2 KB
3 KB 7ms
5ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 65696
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 10 Dec 2019 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 53AF 295 B
355 B 7ms
2ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 71717
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 10 Dec 2019 21:53:21 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame F2BD 15 KB
4 KB 98ms
96ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1730503084313174&correlator=1688112380371402&output=ldjh&impl=fif&adsid=NT&eid=21062332%2C21062832%2C21064523%2C21065006%2C21065196&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191210&iu=%2F6839%2Fjavatips.net%2Ftopright&sz=300x250&scp=kw%3DJava%252CSpring%252CAndroid%252CMobile%252CjQuery%252CUnit%2520Test%252CASP.NET%2520MVC%252CDI%252CTDD%252CHosting%252CHibernate%252CEclipse%252CHTML5%252CCSS%252CWEB%252CJavascript%252CEntity%2520Framework%252CSonar%252C%252C&cookie=ID%3D7eea00dbd43a51fd%3AT%3D1576000117%3AS%3DALNI_MbrVFINOA0xIOB8k-chBSMzuPty2Q&cdm=www.javatips.net&bc=31&abxe=1&lmt=1576000119&dt=1576000119058&dlt=1576000118169&idt=821&ea=0&frm=23&biw=1585&bih=1200&isw=298&ish=250&oid=3&adx=1078&ady=732&adk=2935765741&uci=cul2tmx6q6g0&ifi=1&ifk=4219235653&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&top=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&dssz=6&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=298x250&msz=298x250&ga_vid=1851485985.1576000117&ga_sid=1576000119&ga_hid=1862065084&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

2e3e0bb27e6fb0c3314a7bd140cfadd1f9f9f775b547d5acc878ab5d33a29755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4416
x-xss-protection: 0
google-lineitem-id: 52364790
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138238693865
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.javatips.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019120201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F2BD 64 KB
24 KB 39ms
38ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

1008ae8c93c140845bf5bfa6d0c6e0a048ff8906a4fa0081196fd99f1613f65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Dec 2019 14:08:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24817
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:39 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame F2BD 0
0 9ms
9ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9291 15 KB
4 KB 85ms
84ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3942509271347887&correlator=84589023521605&output=ldjh&impl=fif&adsid=NT&eid=21062889%2C21065210&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191210&iu=%2F6839%2Fjavatips.net%2Fros&sz=300x250&scp=kw%3DJava%252CSpring%252CAndroid%252CMobile%252CjQuery%252CUnit%2520Test%252CASP.NET%2520MVC%252CDI%252CTDD%252CHosting%252CHibernate%252CEclipse%252CHTML5%252CCSS%252CWEB%252CJavascript%252CEntity%2520Framework%252CSonar%252C%252C&cookie=ID%3D7eea00dbd43a51fd%3AT%3D1576000117%3AS%3DALNI_MbrVFINOA0xIOB8k-chBSMzuPty2Q&cdm=www.javatips.net&bc=31&abxe=1&lmt=1576000119&dt=1576000119077&dlt=1576000118173&idt=895&ea=0&frm=23&biw=1585&bih=1200&isw=298&ish=250&oid=3&adx=1078&ady=1214&adk=3121682831&uci=amf5iaxivnni&ifi=1&ifk=4219235653&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&top=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&dssz=6&icsg=170&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=298x250&msz=298x250&ga_vid=1851485985.1576000117&ga_sid=1576000119&ga_hid=257436755&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

37e71e562ae436879500b69e62579c41ae97364033a3ccadbf95516a24d2fecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4398
x-xss-protection: 0
google-lineitem-id: 52364790
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138238693865
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.javatips.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019120201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9291 64 KB
24 KB 40ms
40ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

1008ae8c93c140845bf5bfa6d0c6e0a048ff8906a4fa0081196fd99f1613f65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 02 Dec 2019 14:08:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24817
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:39 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 9291 0
0 6ms
6ms Other
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame 8B07 200 KB
54 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16842
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55611
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c4309c2c9fce1d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:07:57 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 8B07 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16819
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5592
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9ac5c138bfec1b90"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:20 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 8B07 151 KB
40 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16824
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41358
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed96f4a845755c74"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:15 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 8B07 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16833
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "49ed1549bef9ee2d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:06 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 8B07 44 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16837
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14180
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "15a9b640489a7720"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8B07 4 KB
682 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 10 Dec 2019 17:48:39 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 10 Dec 2019 17:48:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8B07 4 KB
637 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 10 Dec 2019 17:48:39 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 10 Dec 2019 17:48:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:39 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8B07 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 65697
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 10 Dec 2019 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8B07 295 B
360 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 71718
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 10 Dec 2019 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 8B07 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 767571efbe1d6a1a72988ab8af44e51ef8d6db08071ce9e778de2cde60551b64

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15500350018660221592/ Frame 8B07 18 KB
18 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15500350018660221592/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIrAIQnQEYASABLQAAAD8wrAI4nQFFAACAPw&rs=AOga4qkxOBjbPv8En5SObKTQM4AX4yx_lw

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

bbe233d01dde45fccb6b416ad3a98e94f674f5573b3c3a78cb18a4435425b82d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 01:23:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 16 Oct 2019 02:07:21 GMT
server: sffe
age: 1787091
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 18624
x-xss-protection: 0
expires: Thu, 19 Nov 2020 01:23:48 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8578129967820296872/ Frame 8B07 5 KB
5 KB 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8578129967820296872/downsize_200k_v1?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qm5y3CelUOkKslL2rqGB5CLFSvb1A

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d2046a09db7667733b48b3ffc77f65b5b7cf9def2359078117770c9ced03ee15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 11:43:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 08 Jan 2019 00:33:08 GMT
server: sffe
age: 1749929
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 5350
x-xss-protection: 0
expires: Thu, 19 Nov 2020 11:43:10 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8B07 0
0 18ms
17ms Image
text/html 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwuSTdtrvXeWKLZX03wOZk4ywAozQo8Jazri2_4EKmcyZ3JcOEAEgkeLkH2CVAqAB0vjL4gPIAQbgAgCoAwHIAwqqBJwCT9A1tU1l1XxbYR0Iidm-UQZMSzOwGHumSKmb2yiARqT_cMrXkORjoMouUzLM_ZNeTu_tCueKoNgLTyO_VgZXkZ8gJ7w5dwOmCbW9Td76Dan3c9HjdTC6WDde2MuyTTTETMKJ92UVE5o9G7Gl3BVHJwqOy5DsUidpAxxznLGzWX2rVCxZGq9dxc21sfK7gjV8oKfBplC-8UngH6HUsFLRDBXtYOsBGBdrDtuuJFbbajPZ6kFuHK6Q1BuNTQMkpTN2KEIO5MpltYAvB6IZdrRNUafPVKoDxDac-FWsvgXvYBlG--RKttR_XzeC5DduFVlIQLq_ejXA15ZS44S6BY63EZMbxX5Av8vhqOSsIptT5IfyNfsM7hcjvAmrJn3ABI7im_iCAuAEAaAGN4AHgYjWQ6gHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEJGWB9IICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTQ4Njc3MDc0NTU5OTc0OYAKA8gLAdgTA4gUBA&sigh=xnjirolNCnw&template_id=492&tpd=AGWhJmsVCquapDVrkBs1OpCF-U1y2QgkuZljv14luegpY0D-xQ
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2

200

B22124189.255033249;dc_pre=CMiXj_rRq-YCFUS8dwodhq8E6w;dc_trk_aid=450834204;dc_trk_cid=121095123;ord=1080040402;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/ Frame 8B07
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255033249;dc_trk_aid=450834204;dc_trk_cid=121095123;ord=1080040402;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255033249;dc_pre=CMiXj_rRq-YCFUS8dwodhq8E6w;dc_trk_aid=450834204;dc_trk_cid=121095123;ord=1080040402;dc_lat=;dc_rdid=;tag_for_ch...

42 B
120 B

33ms
33ms

Image
image/gif

172.217.22.6
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255033249;dc_pre=CMiXj_rRq-YCFUS8dwodhq8E6w;dc_trk_aid=450834204;dc_trk_cid=121095123;ord=1080040402;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.6 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s14-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:39 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://ad.doubleclick.net/ddm/trackimp/N718679.3159GOOGLE/B22124189.255033249;dc_pre=CMiXj_rRq-YCFUS8dwodhq8E6w;dc_trk_aid=450834204;dc_trk_cid=121095123;ord=1080040402;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8B07 0
0 14ms
13ms Image
text/html 2a00:1450:4001:825::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS93EttWzoXEKgy9v_0Z5d6vouhHG6DGTqD8csseBJFitA8xA682acUoxKwuSiiT7IutqZeF3DIaKW5aID1obDg6utHZA
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H/1.1

200
OK

onepixel.gif
ad.zanox.com/ppv/images/ Frame FADA
Redirect Chain

https://ad.zanox.com/tpv/?45475836C666538628T&zpar0=85203300106159901049054011073006
https://pb.media01.eu/view.aspx?trackid=91C09AA007C123F60FDC6F5FD61F1F1B&dt_subid1=45475836C666538628SV1yq22006758129749147841422036563241yb5yb7T2639539910373748737&dt_subid2=&actionid=879111&produ...
https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq22006758129749147841422036563241yb5yb7T2639539910373748737&dyn_id=

0
0

80ms
22ms

Document
image/gif

195.216.249.67
ZANOX

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq22006758129749147841422036563241yb5yb7T2639539910373748737&dyn_id=
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=df2muyo5c9nk&nw=20&renderingType=javascript&namespace=3fa8b82b2f&subid=&uid=982cede015562998&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7828559610683253%26mt_id%3D6864055%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3Db5315def-da76-4901-a9d3-5f63226a0bfb%26redirect%3D&documentReferer=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ancestorOrigins=https%3A%2F%2Fwww.javatips.net&random=1307182566722&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Host: ad.zanox.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: zttpvc=5C222043S2639539910373748737T0II5C298918S2639539910377943040T0II45475836C0SV1yq22006758129749147841422036563241yb5yb7T2639539910373748737; zptpvc=5C222043S2639539910373748737T0II5C298918S2639539910377943040T0II45475836C0SV1yq22006758129749147841422036563241yb5yb7T2639539910373748737
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Content-Type: image/gif
Last-Modified: Thu, 04 May 2000 17:04:38 GMT
Accept-Ranges: bytes
ETag: "09764d4eab5bf1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox: https://www.zanox.com/jobs/international
Date: Tue, 10 Dec 2019 17:49:14 GMT
Content-Length: 43
Via: 10.30.0.120%1
Vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 10 Dec 2019 06:48:39 GMT
Location: https://ad.zanox.com/ppv/images/onepixel.gif?foo=45475836C666538628SV1yq22006758129749147841422036563241yb5yb7T2639539910373748737&dyn_id=
Server: Microsoft-IIS/8.5
Set-Cookie: ASP.NET_SessionId=qiz4vcepwxvcwcnwsnweiybf; path=/; HttpOnly DTU=2B75A7052315BA5C078E984DC47838F0; expires=Fri, 10-Dec-2021 17:48:39 GMT; path=/
P3P: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-XSS-Protection: 1; mode=block
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Tue, 10 Dec 2019 17:48:38 GMT
Content-Length: 0

GET
H2

200

activityi;dc_pre=CMj1kvrRq-YCFVDydwodb7YIhg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1752160598020.9397
8019191.fls.doubleclick.net/ Frame 6758
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1752160598020.9397?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CMj1kvrRq-YCFVDydwodb7YIhg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1752160598020.9397?

0
0

33ms
33ms

Document
text/html

172.217.21.230
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CMj1kvrRq-YCFVDydwodb7YIhg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1752160598020.9397?

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8019191.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CMj1kvrRq-YCFVDydwodb7YIhg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1752160598020.9397?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkc7zgkOo3KhHjO27ImIp9m57Z-guB5oW3n-lSFrNLXmv9AK7vxPLz6mrbp; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 10 Dec 2019 17:48:39 GMT
expires: Tue, 10 Dec 2019 17:48:39 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 324
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
date: Tue, 10 Dec 2019 17:48:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CMj1kvrRq-YCFVDydwodb7YIhg;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1752160598020.9397?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 200
OK request_content.php
hal90006.redintelligence.net/ Frame 7CEB 0
0 5ms
2ms Document
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90006.redintelligence.net/request_content.php?s=85203300106159901049054011073006&a=95b89cf3
Requested by: Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=df2muyo5c9nk&nw=20&renderingType=javascript&namespace=3fa8b82b2f&subid=&uid=982cede015562998&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&envData=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D7828559610683253%26mt_id%3D6864055%26mt_adid%3D216536%26mt_sid%3D4802372%26mt_exid%3D15%26mt_inapp%3D0%26mt_uuid%3Db5315def-da76-4901-a9d3-5f63226a0bfb%26redirect%3D&documentReferer=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ancestorOrigins=https%3A%2F%2Fwww.javatips.net&random=1307182566722&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Heppenheim an der Bergstrasse, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash

Request headers

Host: hal90006.redintelligence.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: 8lcfmzhxc8d6_uid=bca4b1ec72c93f0c
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Date: Tue, 10 Dec 2019 17:48:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 10 Dec 2019 17:48:39 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1486
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 3F0D 43 B
621 B 138ms
83ms Image
image/gif 23.194.14.197
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.awin1.com/cshow.php?s=2519563&v=14098&q=368694&r=296283&pref1=85203300106159901049054011073006&pv=1
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.194.14.197 , United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-194-14-197.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:39 GMT
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1

200
OK

onepixel.gif
ad.zanox.com/ppv/images/ Frame 3F0D
Redirect Chain

https://ad.zanox.com/ppv/?45475836C666538628&zpar0=85203300106159901049054011073006
https://ad.zanox.com/ppv/images/onepixel.gif

43 B
460 B

128ms
22ms

Image
image/gif

195.216.249.67
ZANOX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.zanox.com/ppv/images/onepixel.gif
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.216.249.67 , France, ASN47268 (ZANOX, FR),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 73e88dfcd0f3a535341fb641c5400fcf772ffe36c628241104f829d3cf48e29b

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:49:13 GMT
Via: 10.30.0.118%1
ETag: "09764d4eab5bf1:0"
Last-Modified: Thu, 04 May 2000 17:04:38 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
jobs-at-zanox: https://www.zanox.com/jobs/international
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

Redirect headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:49:14 GMT
Via: 10.30.3.40%1
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: policyref="http://ad.zanox.com/w3c/p3p.xml", CP="NOI CUR OUR STP"
Location: https://ad.zanox.com/ppv/images/onepixel.gif
Cache-Control: no-store
Connection: close
Content-Length: 0
jobs-at-zanox: https://www.zanox.com/jobs/international

GET
H/1.1 200
OK id.js Show response
mathid.mathtag.com/device/ Frame 3F0D 54 KB
19 KB 93ms
30ms Script
text/javascript 185.29.134.233
MediaMath Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://mathid.mathtag.com/device/id.js
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.233 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software: / Express
Resource Hash: b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:39 GMT
Content-Encoding: gzip
X-Powered-By: Express
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
X-MM-Host: cdg-mathid-x2
Connection: keep-alive
Access-Control-Allow-Headers: Content-type, X-Optout
Keep-Alive: timeout=360
Expires: Tue, 10 Dec 2019 18:48:39 GMT

GET
DATA 200
OK truncated
/ Frame 3F0D 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c908eb586a7f0bc72f73add79aae9e593b0d8c6c85d07bc4db9d95319fc1250

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8B07 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.javatips.net

Response headers

date: Thu, 21 Nov 2019 15:36:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 1649538
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 20 Nov 2020 15:36:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8B07 11 KB
11 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=en
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 05:00:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 46102
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11056
x-xss-protection: 0
expires: Wed, 09 Dec 2020 05:00:17 GMT

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame F2BD 20 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3685
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7132
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 16:47:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "796f98bb73f13f89"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 16:47:14 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame C4C6 200 KB
54 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16842
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55611
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c4309c2c9fce1d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:07:57 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame C4C6 151 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16824
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41358
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed96f4a845755c74"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:15 GMT

GET
DATA 200
OK truncated
/ Frame C4C6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81f54426670d7d98737ddc6a9a49855c99436008847b15abeef5e70cecf569e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8491736462315336528
tpc.googlesyndication.com/simgad/ Frame C4C6 29 KB
29 KB 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8491736462315336528

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

dee350e33e4cde5d8136f91ff39c7e6d44c296d54dabf7c28dbec21b5f72c744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 02:41:42 GMT
x-content-type-options: nosniff
age: 1782417
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29627
x-xss-protection: 0
last-modified: Fri, 13 Jul 2018 14:08:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 02:41:42 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C4C6 0
57 B 17ms
16ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyV8STFGzhDsdruhAx3gdVpywHnbmGiJOKLcB2MxdknZmfW4UA_VS0-rJLhBKKMfLgaVSh7JIlxLzkoRoYn_FptdQSLbi3st0fLvjw4xp_gW0Jfbo8z9WenLLPI2dmJ0NHSStSvbXmulo5g7YCmiqq1hZJMJDGghgetyjs2B-ghSjhQOgcugdOoNgj5Thl7XxLd-zTZH-m9ZU4hPsDuebBMlsIihEpg1IevjDaN_iq1YihgzYcS7gdUI6pnNd7OyrPLJ2v3dSKpUdE&sig=Cg0ArKJSzNmiIxRLK35dEAE&adurl=

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 l
www.google.com/ads/measurement/ Frame C4C6 0
0 15ms
14ms Image
text/html 2a00:1450:4001:825::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSg1aPAXFVqNcEzIUXyg-ymGdoYB2lore_x2rFwvEsH03bW_DjM_aYj5ls3lhzBiAgMo5I-
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame 9291 20 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3685
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7132
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 16:47:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "796f98bb73f13f89"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 16:47:14 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame 7974 200 KB
54 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16842
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55611
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c4309c2c9fce1d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:07:57 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 7974 151 KB
40 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16824
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41358
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed96f4a845755c74"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:15 GMT

GET
H2 200 8491736462315336528
tpc.googlesyndication.com/simgad/ Frame 7974 29 KB
29 KB 9ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8491736462315336528

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

dee350e33e4cde5d8136f91ff39c7e6d44c296d54dabf7c28dbec21b5f72c744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 02:41:42 GMT
x-content-type-options: nosniff
age: 1782417
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29627
x-xss-protection: 0
last-modified: Fri, 13 Jul 2018 14:08:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 02:41:42 GMT

GET
DATA 200
OK truncated
/ Frame 7974 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e94d40637bea29a6c14cb7c56539e071921692f283c1a0a318ae3f4887c4148

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7974 0
57 B 20ms
18ms Image
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOfavKyj7Kg6bER6JhvTILuMwUsEkaeMA8_c34rAuTXNmyIK_sQe4xWqyrRy4r95WjFpT__5eR0ErTF2sU-cIVlf6ZkGnf2-8uJrkQnZdJC0G67t1Y8uaOzvDfwMWcv4ukB8hsKLaddpymbcajxkn9pRLZwZFyG4uLeMxeRe_JhsEAE_txWxjXEHK8L-wJ8V2M0mtBtYDHK-HYQZAcnfxo-_7uTyQGdPfABd9XuDD59UKxaS4MxGlufjou5c_Emq5582TR&sig=Cg0ArKJSzAel7jkO_BGtEAE&adurl=

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7974 0
0 16ms
13ms Image
text/html 2a00:1450:4001:825::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGobVVdZ9eBHdv47R8VbzcQxhN-Ds0oLTU0SEcOulSYfrqGrft1ls45XePB617OJ4YitBL
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8B07
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

81ms
80ms

Image
text/html

2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Tue, 10 Dec 2019 17:48:39 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 272ms
272ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137690875935645&correlator=3623183600235206&output=ldjh&impl=fif&adsid=NT&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191210&iu=%2F421469808%2Fjavatips.net_300x250_3&sz=300x250&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie=ID%3D7eea00dbd43a51fd%3AT%3D1576000117%3AS%3DALNI_MbrVFINOA0xIOB8k-chBSMzuPty2Q&cookie_enabled=1&bc=31&abxe=1&lmt=1575366638&dt=1576000119281&dlt=1576000116422&idt=641&frm=20&biw=1585&bih=1200&oid=3&adx=1076&ady=3319&adk=2849267196&uci=7&ifi=10&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&dssz=54&icsg=5861153964794&mso=2097152&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=337x290&msz=300x250&psts=CioI-bXvxhLoAbHzivKCBIICD7C4v8gBqLm_yAGK4veRUdECPsswazx9_JU&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&fws=4&ohw=337

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5a92cba39df6d43be8c38ca9fd19620c9dd1576879a8598eeb8d0e52726da591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4869
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.javatips.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 97ms
26ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a24e89542d6ab5c228ffd7e8bdf52023f42ede7aea896c6b64e7db1f769dc4bf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:41 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: 99074400-150d-4858-975e-7a266f09c162
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adinplay-d.openx.net/w/1.0/ 172 B
356 B 66ms
65ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://adinplay-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=f5e356cd-4538-4369-bd48-2ed67265a52a&nocache=1576000119286&schain=1.0%2C1!adinplay.com%2CJVT%2C1%2C%2C%2C&aus=300x250&divIds=javatips-net_300x250_4&auid=540543787&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: e0032f2652978f88ff5ef88592410d501a9170f2917eba7ef9a7eb77fae12750

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:39 GMT
via: 1.1 google
server: OXGW/16.167.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.javatips.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 172
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
804 B 121ms
121ms XHR
application/json 95.100.197.53
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=418797&v=7.2&r=%7B%22id%22%3A%2262ea2635c416eeb%22%2C%22imp%22%3A%5B%7B%22id%22%3A%226377a044ce24bbf%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22418797%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 49cafb9b46e8ba80da2e08acc553ad443eaad9be9154ef11e891d29f27da9e8d

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:39 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Tue, 10 Dec 2019 17:48:39 GMT

POST translator
hbopenbid.pubmatic.com/ 0
0

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame 2F2B 200 KB
54 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16842
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55611
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c4309c2c9fce1d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:07:57 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 2F2B 15 KB
6 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16819
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5592
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9ac5c138bfec1b90"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:20 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 2F2B 151 KB
40 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16824
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41358
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed96f4a845755c74"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:15 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 2F2B 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16833
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "49ed1549bef9ee2d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:06 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 2F2B 44 KB
14 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16837
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14180
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "15a9b640489a7720"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:02 GMT

GET
H2 200 2493317719579096929
tpc.googlesyndication.com/simgad/ Frame 2F2B 27 KB
27 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2493317719579096929?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmf9j-hwsQkd-UGrE0fVKCPJR-5TA

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0a53ee4b90f6e50755f3ee86e1a32831c31622578b55814848c47a10d2c25cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 06:43:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Dec 2019 04:52:47 GMT
server: sffe
age: 39893
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 27583
x-xss-protection: 0
expires: Wed, 09 Dec 2020 06:43:46 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F2B 2 KB
3 KB 9ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 65697
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 10 Dec 2019 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F2B 295 B
359 B 8ms
5ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 71718
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 10 Dec 2019 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 2F2B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97f2202fe794a4270a67e2da5a5c79c6bc00650f64eb17218e3c1ca4fd63acc9

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2F2B 0
0 55ms
54ms Image
text/html 2a00:1450:4001:825::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTkuHGDkOLrp8RLvziHTw_8xEmTOWgIt27y-zkTUf8E6VtnHfCQS_NdboavQPVIXlSl_oPIQJEp69O_0pPbS2GZwIE5Cg
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2F2B 0
0 57ms
56ms Image
text/html 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCpwDd9rvXfps24KBB6SwvqgChOPEyFqtu_iazQqA0uTCjw4QASCR4uQfYJWCioKYB6AB2fe3-APIAQKpAr8Y-5_I5IM-4AIAqAMByAMIqgSbAk_Q2eaJh_AJ8LpAHlfMJrCF-8miqyhyTPhYNjQUVTd8ziWxLxyU12QdqBZGL_BVQLrnbvBUt2NHvNvi_lRu_rJvmHRdtTDrcioo6Cd8mj_nKvkIU0wxJ2fCwZXBZgRhGZiZdHblEKHAAh8Tf8UpJ644_CgHobfimFJoNBhUy3fXNE-lOMQWSJpEKskbtY7os6CbvCsXjoPlJXEcICzQEQI7UQym-7iV4aghyl_N64drKAeG1aFBQ8C11KqhFz1GgBVyv5B2VzL_sESuw_MY1zqtxFpPsAP9n49awreLKsHwIDwN56dldTiD_PF1Vmi0kRcr8a8K-H6M16KPEjw-34LvgN4ducPinDgVaO9MtI9uDu7NtaGrVi46y4zABOv5mODCAuAEAaAGAoAHj4jIB6gHjs4bqAfVyRuoB5PYG6gHugaoB9nLG6gHz8wbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEKKLAtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTQ4Njc3MDc0NTU5OTc0OYAKA8gLAdgTAw&sigh=iduF65sLQbI&tpd=AGWhJmtWDP9WPynJEDnWQgMqK076Xfgi1KKU7pk4exAkPiJIhw
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8B07 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 65697
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 10 Dec 2019 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8B07 295 B
359 B 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 71718
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 10 Dec 2019 21:53:21 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2F2B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

40ms
40ms

Image
text/html

2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Redirect headers

date: Tue, 10 Dec 2019 17:48:39 GMT
x-content-type-options: nosniff
server: safe
location: https://googleads.g.doubleclick.net/pagead/drt/si
content-type: text/html; charset=UTF-8
status: 302
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 246
x-xss-protection: 0

GET
H2 200 8491736462315336528
tpc.googlesyndication.com/simgad/ Frame C4C6 29 KB
29 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8491736462315336528

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

dee350e33e4cde5d8136f91ff39c7e6d44c296d54dabf7c28dbec21b5f72c744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 02:41:42 GMT
x-content-type-options: nosniff
age: 1782417
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29627
x-xss-protection: 0
last-modified: Fri, 13 Jul 2018 14:08:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 02:41:42 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame D7F8 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Tue, 10 Dec 2019 16:39:37 GMT
expires: Wed, 09 Dec 2020 16:39:37 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4142
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 8491736462315336528
tpc.googlesyndication.com/simgad/ Frame 7974 29 KB
29 KB 7ms
5ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8491736462315336528

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

dee350e33e4cde5d8136f91ff39c7e6d44c296d54dabf7c28dbec21b5f72c744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 02:41:42 GMT
x-content-type-options: nosniff
age: 1782417
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29627
x-xss-protection: 0
last-modified: Fri, 13 Jul 2018 14:08:14 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 19 Nov 2020 02:41:42 GMT

GET
H2 200 2493317719579096929
tpc.googlesyndication.com/simgad/ Frame 2F2B 27 KB
27 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2493317719579096929?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmf9j-hwsQkd-UGrE0fVKCPJR-5TA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

0a53ee4b90f6e50755f3ee86e1a32831c31622578b55814848c47a10d2c25cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 06:43:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Dec 2019 04:52:47 GMT
server: sffe
age: 39893
content-type: image/png
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 27583
x-xss-protection: 0
expires: Wed, 09 Dec 2020 06:43:46 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F2B 2 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 65697
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 10 Dec 2019 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2F2B 295 B
361 B 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 71718
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 10 Dec 2019 21:53:21 GMT

GET
H2 200 playlist1.jpg Show response
s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/ 237 KB
237 KB 24ms
24ms XHR
image/jpeg 2606:4700:3038::681f:ba3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/playlist1.jpg
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:ba3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d30045d2cec1b11ecdaaa9808fff3aada2ae62bff6f7d6dfe97af24227c1476

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
cf-cache-status: HIT
age: 172866
status: 200
content-length: 242708
last-modified: Tue, 05 Nov 2019 02:26:09 GMT
server: cloudflare
etag: "5dc0ddc1-3b414"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310d0bfbde5964-VIE

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 3F0D 49 B
329 B 84ms
38ms Image
image/gif 185.29.133.58
MediaMath Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=7828559610683253&node_id=512&exch_id=15&mathid_data=%7B%22dv1%22%3A%22TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzc0LjAuMzcyOS4xNjkgU2FmYXJpLzUzNy4zNg%3D%3D%22%2C%22dv2%22%3A%22NWI2NjgwZjU1ZmFiYmMxM2YxMGMwMDgyNTM4NjQ0OTk%3D%22%2C%22dv3%22%3A%22%22%2C%22dv4%22%3A%22MTYwMHwxMjAwfDE2MDB8MTIwMHwyNHx8%22%2C%22dv5%22%3A%22RXVyb3BlL0Jlcmxpbg%3D%3D%22%2C%22dv6%22%3A%22%22%2C%22dv7%22%3A%22MA%3D%3D%22%2C%22dv8%22%3A%22ZmFsc2V8dHJ1ZXx0cnVl%22%2C%22dv9%22%3A%22fGVuLVVTfA%3D%3D%22%2C%22dv10%22%3A%22TW96aWxsYXxOZXRzY2FwZXxMaW51eCB4ODZfNjR8%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.133.58 , United Kingdom, ASN30419 (MEDIAMATH-INC - MediaMath Inc, US),
Reverse DNS
Software: MMBD/3.160.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:39 GMT
Server: MMBD/3.160.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x40, zrh-bidder-x67
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Tue, 10 Dec 2019 17:48:38 GMT

GET
H2 200 playlist2.jpg Show response
s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/ 257 KB
257 KB 18ms
17ms XHR
image/jpeg 2606:4700:3038::681f:ba3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/playlist2.jpg
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:ba3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c13c629b47bbc7ae44eb947749117335c6172004836e214708c75a7f8ad88247

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
cf-cache-status: HIT
age: 11790
status: 200
content-length: 262824
last-modified: Tue, 05 Nov 2019 02:26:09 GMT
server: cloudflare
etag: "5dc0ddc1-402a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310d0c3bfb5964-VIE

GET
H2 200 playlist3.jpg Show response
s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/ 44 KB
44 KB 31ms
31ms XHR
image/jpeg 2606:4700:3038::681f:ba3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/playlist3.jpg
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:ba3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a88801b44e8808ce67107a3c9957804bb0b0584fc987defeaea0ec0fd2621a2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
cf-cache-status: HIT
age: 11789
status: 200
content-length: 45120
last-modified: Tue, 05 Nov 2019 02:26:09 GMT
server: cloudflare
etag: "5dc0ddc1-b040"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310d0c6c285964-VIE

GET
H2 200 playlist4.jpg Show response
s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/ 423 KB
424 KB 48ms
47ms XHR
image/jpeg 2606:4700:3038::681f:ba3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/playlist4.jpg
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:ba3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3031a323138ccd97f18644323b806c07bd4bf525cb3ca4b0178060935b8fc950

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
cf-cache-status: HIT
age: 11788
status: 200
content-length: 433340
last-modified: Tue, 05 Nov 2019 02:26:09 GMT
server: cloudflare
etag: "5dc0ddc1-69cbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310d0cdcba5964-VIE

GET
H2 200 playlist5.jpg Show response
s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/ 529 KB
530 KB 20ms
19ms XHR
image/jpeg 2606:4700:3038::681f:ba3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/playlist5.jpg
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:ba3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b80c88b6568cb1eb5c5435bdb5d2b637d15a84b91ff341dae0a2d0442440b8e0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
cf-cache-status: HIT
age: 172862
status: 200
content-length: 542004
last-modified: Tue, 05 Nov 2019 02:26:10 GMT
server: cloudflare
etag: "5dc0ddc2-84534"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310d0d3d085964-VIE

GET
H2 200 playlist6.jpg Show response
s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/ 603 KB
604 KB 43ms
43ms XHR
image/jpeg 2606:4700:3038::681f:ba3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/playlist6.jpg
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:ba3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59f0b9466a3332a0b6a46d9506488831104738d3d88ad9446482fd7aa191fcd0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:39 GMT
cf-cache-status: HIT
age: 11787
status: 200
content-length: 617956
last-modified: Tue, 05 Nov 2019 02:26:10 GMT
server: cloudflare
etag: "5dc0ddc2-96de4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310d0d7d385964-VIE

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 53AF 0
0 17ms
17ms Image
text/html 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPsFvdtrvXdbZB9GM7_UPhNCqgASE48TIWq27-JrNCoDS5MKPDhABIJHi5B9glQKgAdn3t_gDyAECqQK_GPufyOSDPuACAKgDAaoEmwJP0BKyZaDWWz-LwGaGGopoWEqpTW4PEN5B7WDaEa22PvKbqhzEeKxVOvUaynt0TxbFJs1AcD6x4LmOcCAI4sow_FPsl97MRrYZUK4HzMsqHxORUh6ZuTaQLmrn-kYQYt1CA3Rs5rr1jPibEU6gb4nslVjXMMseU7C2Arf6nbQzcE6LQwkDh1JdeJzUaaoN_93d-swkmJWPDw12qKqGxFEqenE3B41lBHkaonSEWc9h9znjlgI8y3oB7RLRrwMUuzCZjzFv7mCkD6EMIIR5J4BLPtQlT06dvahpoiIdb3VmJb3QQ1OtWaoMgpKFMJBxj1bB_ntXHGRnqO_BcbJuyWjjsfdTOvMr1U1X06hspEe6YZUSHf8y_iGc-VbzwATr-ZjgwgLgBAGgBgKAB4-IyAeoB47OG6gH1ckbqAeT2BuoB7oGqAfZyxuoB8_MG6gH8tkbqAemvhuoB-zVG9gHAfIHBBD1jwTSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0ODY3NzA3NDU1OTk3NDmACgPICwHYEwM&sigh=DdBDKTwWzhg&vt=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 53AF 42 B
110 B 49ms
48ms Image
image/gif 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvaVCDfEIxeiyjpSpaZGDsQz2SeL-NZ1851IU53m-iki0lt43kVOd_Ep7lTQvQ7Tdrg11kVDq2mBsrMIruPjhIQYJRzwui1yj_K2z4Qu6vv_4__XS3ZpwPpRaQL-NNMtNG1_1GF8_R9DZ_vlFTC_m02&sai=AMfl-YReHUIsLgCyKp-oMrZ60PZEhi72v1dkkGVP21VN-2hJWbkV8vkBnskrKSevT7X3xLzRa_TwY8oKKYs-JGFN2ypSjLe8yZqLg8aF4uIW09QVHVVbaI8L68i_39s&sig=Cg0ArKJSzG3iC58-8ngOEAE&cid=CAASF-RoKzerAclyku-HzdTj-IBKC8Wvyqtb&id=ampim&o=1078,134&d=298,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=356&tls=1356&g=100&h=100&tt=1356&r=v&adk=1718964984&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:40 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
9 KB 303ms
303ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137690875935645&correlator=339680412730990&output=ldjh&impl=fif&adsid=NT&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191210&iu=%2F421469808%2Fjavatips.net_300x250_4&sz=300x250&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie=ID%3D7eea00dbd43a51fd%3AT%3D1576000117%3AS%3DALNI_MbrVFINOA0xIOB8k-chBSMzuPty2Q&cookie_enabled=1&bc=31&abxe=1&lmt=1575366638&dt=1576000120190&dlt=1576000116422&idt=641&frm=20&biw=1585&bih=1200&oid=3&adx=1076&ady=3617&adk=2691975371&uci=8&ifi=11&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&dssz=52&icsg=5861153964794&mso=2097152&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=337x290&msz=300x250&psts=CioI-bXvxhLoAbHzivKCBIICD7C4v8gBqLm_yAGK4veRUdECPsswazx9_JU&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&fws=4&ohw=337

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

52465fc3ba7b8e24c9f1ce3da388939ecffaf0f9a1e5466c54c0ebfe6e199710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9220
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.javatips.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 50 B
889 B 37ms
13ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:42 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.50:80
AN-X-Request-Uuid: 73d49d83-4dbb-42be-86e8-4b4160106079
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 50
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adinplay-d.openx.net/w/1.0/ 173 B
357 B 26ms
26ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://adinplay-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.9&dddid=22742417-1629-465b-a953-bb2ba35cec29&nocache=1576000120196&schain=1.0%2C1!adinplay.com%2CJVT%2C1%2C%2C%2C&aus=300x600%2C160x600%2C120x600&divIds=javatips-net_300x600&auid=540543787&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash: dfab7bef6e43255dce9cbee20350e6d3ea0f55eea07295a8915379013ff19e55

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:40 GMT
via: 1.1 google
server: OXGW/16.167.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.javatips.net
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 173
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 86ms
86ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 10 Dec 2019 17:48:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.javatips.net

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 8 KB
6 KB 126ms
102ms XHR
application/json 95.100.197.53
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=418798&v=7.2&r=%7B%22id%22%3A%2272912c2c61a42cb%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2273e4562230daf49%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22418798%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.197.53 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-197-53.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9bf4480ca4c2c861569c2de49b2312909b0bdeed2156cfad1c5ec6ce2ff501e9

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:40 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 5465
Expires: Tue, 10 Dec 2019 17:48:40 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 227ms
227ms XHR
text/plain 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3137690875935645&correlator=571834633070289&output=ldjh&impl=fif&adsid=NT&vrg=2019120201&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A553680904%2C8%3A134250504&sc=1&sfv=1-0-37&ecs=20191210&iu=%2F421469808%2Fjavatips.net_300x600&sz=300x600%7C160x600%7C120x600&scp=hb_format_ix%3Dbanner%26hb_source_ix%3Dclient%26hb_size_ix%3D300x600%26hb_pb_ix%3D0.07%26hb_adid_ix%3D74bb3bc58b64e2%26hb_bidder_ix%3Dix%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.07%26hb_adid%3D74bb3bc58b64e2%26hb_bidder%3Dix&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie=ID%3D7eea00dbd43a51fd%3AT%3D1576000117%3AS%3DALNI_MbrVFINOA0xIOB8k-chBSMzuPty2Q&cookie_enabled=1&bc=31&abxe=1&lmt=1575366638&dt=1576000120329&dlt=1576000116422&idt=641&frm=20&biw=1585&bih=1200&oid=3&adx=1076&ady=3915&adk=3799861217&uci=9&ifi=12&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&dssz=52&icsg=5861153964794&mso=2097152&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=337x640&msz=300x600&psts=CioI-bXvxhLoAbHzivKCBIICD7C4v8gBqLm_yAGK4veRUdECPsswazx9_JU&ga_vid=1851485985.1576000117&ga_sid=1576000117&ga_hid=670754053&fws=4&ohw=337

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

c9f6f9b50eca56ad1bafe55496560e3d9f8d330257ac24e0c5865abf0692105b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1942
x-xss-protection: 0
google-lineitem-id: 4524332779
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138215078219
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.javatips.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011911070201440/ Frame 314B 200 KB
54 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16843
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 55611
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:07:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c4309c2c9fce1d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:07:57 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 314B 15 KB
6 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16820
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5592
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9ac5c138bfec1b90"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:20 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 314B 151 KB
40 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16825
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 41358
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ed96f4a845755c74"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:15 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 314B 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16834
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1402
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "49ed1549bef9ee2d"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:06 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/011911070201440/v0/ Frame 314B 44 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:824::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011911070201440/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 16838
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14180
x-xss-protection: 0
server: sffe
date: Tue, 10 Dec 2019 13:08:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "15a9b640489a7720"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 09 Dec 2020 13:08:02 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 314B 2 KB
3 KB 7ms
5ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 65698
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 10 Dec 2019 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 314B 295 B
366 B 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 71719
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 10 Dec 2019 21:53:21 GMT

GET
DATA 200
OK truncated
/ Frame 314B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00aebeb48562ae752e458509ecf80686961787006f0960a5e54c8fead223a895

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5840661728208125229
tpc.googlesyndication.com/simgad/ Frame 314B 63 KB
63 KB 9ms
2ms Image
image/jpeg 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5840661728208125229?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkk0dhlZUU7fZcdZeu3ovCBBCi9tg

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe91df802e093ac34cf11e35243094720b0f3a0ed900a25e711f76475eba133e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 05:55:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2019 15:45:32 GMT
server: sffe
age: 1770819
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 64710
x-xss-protection: 0
expires: Thu, 19 Nov 2020 05:55:01 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 314B 0
0 20ms
11ms Image
text/html 2a00:1450:4001:825::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcP3Bnec5GKREBihzu3fkTimsBZc0glA8F4BPK1ScnI6zfxzG1faV9r-TZ90x3xGJKatYgL9_spPomoLI-6fNG8yVHug
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 314B 0
0 82ms
74ms Image
text/html 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CoO65eNrvXcuRDpDe7gPy46zABbvY49NYsY2sz8cJpNfxgcwBEAEgkeLkH2CVgoqCmAegAZbM9uEDyAECqQJl_-yXYpWyPuACAKgDAcgDCKoEkwJP0EbcNeCBVXrVU1KLiKKwYquy6f1Evr_PRoV5dTZyVKupToucn7SK3653k1b1wWrLVoiKckhph1vMV3L_AY3pGGZpYBJzPHNeu4zpYm0p2tliOgsW3e8Sk84Qsr2v4aCWgFbaLPybACp1ZpfZ2wzfzzc6c1fFsH06QBXZLqOji1E9o7mqQVrSHfbcaDco6rbKkTEc7_dKcP5FYQRD1IJw2hN0xGZSRJ1HqNcmePMBiq2nBeC7qMYWsRb08__HKJUEqhVb-4ZTq5DtxB3COuLbhSa1_0l-njLlIeAYLiZ2MG0UYusLUUsl8fY2xdIMkWQzxCP2K3l0659hu76Q-j5gFcG1IJD9K6FSuUC4KXfg4OGHhcAE45eiwZYC4AQBkgUECAQYAZIFBAgFGASgBgKAB9KziR6oB47OG6gH1ckbqAeT2BuoB7oGqAfZyxuoB8_MG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCZrwHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0ODY3NzA3NDU1OTk3NDmACgPICwHYEwo&sigh=VlhOSTPJJlQ&tpd=AGWhJmu_7LBN5PCs2tMlBY-R7_ckH-RcGjM9J4CT0S7JCPp2Uw
Requested by: Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8238 0
0 73ms
73ms Fetch
image/gif 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKVd1xSABTLW7R-8rofJFMApDTP8O1rmRoUzkhp4NUwj5KleKear9sNlvFGCg4XAucIexUC-UgSgsgOk1DI-rOJ5ePfjg9UskZ-r_05humFrJknbmd3jPB70wzFs3jKI6BW8jwejpznn9Xu7mO767EQ8FDpGgJthlHxv2VHYsRt5BsypcXRt3Rm2g2-owNPAj97aEERnsD_mrbgHsuXr-PZ5xDnqb78avp6PLt0qw_tRHCDn_V1HC5dWIsGa3zspMsxqnlR1veCwcRsoGZ7vr8nQ&sig=Cg0ArKJSzDmybErCX6fvEAE&urlfix=1&adurl=

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 Dec 2019 17:48:40 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK Cookie set ifnotify
a3226.casalemedia.com/ Frame C201 0
0 92ms
14ms Document
text/html 185.80.38.195
Index Exchange Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://a3226.casalemedia.com/ifnotify?gdprconsent=1&c=15D8F52&r=51C9D0B2&t=5DEFDA78&u=WGUtYWRMbFFKc01BQUNvRE9QOEFBQUJS&m=ef68f10b8c32f784eac56c60a40e642a&wp=B&aid=8A8FCE064D2951DE&tid=1516E&s=663EE&cp=0.11&n=www.javatips.net&pr=xx&epr=72912c2c61a42cb
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.80.38.195 , Netherlands, ASN27381 (CASALE-MEDIA - Index Exchange Inc., CA),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Host: a3226.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: CMID=Xe-adLlQJsMAACoDOP8AAABR; CMPS=3226; CMDD=AAZjoAE*; CMPRO=1218; CMRUM3=515defda762760wDT39pExpabYZ6anxGG_pc02oKjYMaOoxGUki6gS&bf5defda7605a0&045defda7627607499174216521742892&835defda76276018072662398439604415&585defda762760Xe-adgAAAK7cVzvh&275defda760b40&2d5defda762760CAESEFvggwAhPi11nkSSAHcuBKM&af5defda7627603951705356771464452; CMST=Xe-adF3v2ngB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Date: Tue, 10 Dec 2019 17:48:40 GMT
Server: Apache
Pragma: no-cache
Cache-Control: no-cache
Expires: 0
Set-Cookie: CMST=Xe-adF3v2ngB;domain=casalemedia.com;path=/;expires=Wed, 11 Dec 2019 17:48:40 GMT CMDD=AAZjoAE*;domain=casalemedia.com;path=/;expires=Wed, 11 Dec 2019 17:48:40 GMT CMRUM3=835defda76276018072662398439604415&275defda780b40&035defda7805a0&395defda7805a0&6f5defda7805a0&335defda7805a0&515defda762760wDT39pExpabYZ6anxGG_pc02oKjYMaOoxGUki6gS&045defda7627607499174216521742892&bf5defda7605a0&585defda762760Xe-adgAAAK7cVzvh&2d5defda762760CAESEFvggwAhPi11nkSSAHcuBKM&495defda7805a00&9d5defda7805a0&af5defda7627603951705356771464452&415defda7805a0;domain=casalemedia.com;path=/;expires=Wed, 09 Dec 2020 17:48:40 GMT
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 49E6 0
0 71ms
71ms Document
text/html 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKijpQIQ3IDPAhiz9f9kMAE&v=APEucNWySxjsiHRuUoN6xU90-63zgbfC8ig32AGatsxUFPnyvXiTtwDb5X9LJSmW5hJ-TmrXzA6HA1nWOZejMN3FXKz7BBLWQw

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CKijpQIQ3IDPAhiz9f9kMAE&v=APEucNWySxjsiHRuUoN6xU90-63zgbfC8ig32AGatsxUFPnyvXiTtwDb5X9LJSmW5hJ-TmrXzA6HA1nWOZejMN3FXKz7BBLWQw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkc7zgkOo3KhHjO27ImIp9m57Z-guB5oW3n-lSFrNLXmv9AK7vxPLz6mrbp; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 10 Dec 2019 17:48:40 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8238 37 KB
17 KB 71ms
71ms Script
text/javascript 2a00:1450:4001:818::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCT7qgAUF5F3LRS6R1oWE21YNh7_bvlcCm17PO46Ck5ITH63UV-wZR1oBChgBT710rMBWX-qNLijRNBlfL4L5rvQ4Vfg&cry=1&dbm_d=AKAmf-DpbHCUb-qYxiI_S1dJ7tUn_LDAT5qgSlBeBP6sAjAcIyvZcsYg_rAsGyvx9GlN1NNtyvcKKLRzos6PEL5NwJGmCauwDZ7KpHCYmWssBWV8HoeESc1pv3Z5CInv4m9r9dMgMfrtiYsC0O-rijqCPyM5VNm2xTVCbJrYsDzZOVFPedk_8i_Vyxva111-A6QIQkS7aAzsPVpR4dsP6vA2_3BWfq80byDzPiIztEKt6mDaV1q57xVZO9eIqnCNZEK6ZwmEWG0nLCAECHKg6VepIRDP3C_AVhcdynlgylwkzN5uZUlUwh7Y3G8E7GQYBI_kxAFNyWLh4GOhgihUFHVItWm9goZm0WQE2PHrCdXaIjHKuBIUklsdTbwLHK2oICxGCHCZpwNKgwPhub1Sx6vu8FiXHoM3wi1C2Mu-Cv7LHGnV3XgOcw1mVrHDtdw9ZRhMNn4khUYcjgKYWxJ1UpC_w9irB2-9PAxPVtjJgVdsfgD3X9EEKqW9ZrEMuWBVgW1Y5H4sAZc8L1VuUmqLIBnjvTVvR4OZNZJvJUPxr6Od2Py6j59f4FybcevF8wBnYsQHasSeQ3i8vnrrd3S4GeWMD5Qd_pJljP4rxPQFrrNSvSL22Qv-QGUetvVUe17p7rX9Fz-hOUKRkxc3eVJHAQCKOwCarw0agadd71eD-iwMkTt4ECdBVker0VXPKcNScGSGdeMMph3phO2FF4izIpWj2bfOA1NXF_BTc_Jxwo4Zmi4cj_VP6ex3C9rxRMRDYbXiL-ANz8zqMMF9xdS6ktrGjDMa1vRViZv9Ft4jeMJj6LMSqHULtJXHNDqKIoBaPuSiHggSjLyouSpoz-TgvHI3VlzctbDbEH3kFCouWbqS3YoXasC_Y0ccOIGCMCqWqdDe_evyBty0Y4XcSHwLyVHPUv9aJCfsXM4aWBVEtXsdqfC6WI3wijghL7F2tPxplnyJzeThFtmLRXq_Mmeo1nXCsiuRO5l7zWSjflqhzhkqJ4cBaiBx6lanruJhzZ0uw55Tg9n0r-t4863htDpwHjLYiN9Lrkw3fUn77IS0VxvZBnZFwiVI9A4JcJYEEOKQGI9-ZtnkrMR2F5bzGTYa9uYcoGgGBwvvMBGpCyNMk1ZqumYb-IglwDj7Bwhs7OyGr9Ory4oWRtqa56fQaKNwI-SiH7eKrGlh_2QlJMWgVe2ocmXPGTvikgihUrfKoOkAeA6pZEKh-M9mW5bJpeMkWBbG8hW79yG4kkFCVy5ihi-bTD_JVW3cbY9vTRAIg7EF9DBZQc-tsUIJgqqbMx4RY6770zacPotfVbzbVWNVhMpquMelWCU229t0cfn8Y22lCs_hh5UVLQx9s7coY2wurq0uw6brSq91NeyMl_oOZqSHVfXpsBzKBoR-gKLcQ2DCkhAXjutaRo2snULDeaO0qr-7euHuFN9fEY2hQlRcLfOw0aS4QwYpxOSGVR-tfoHWYWIZtBrMZ4HKSkx23ifECBDOryujBZvcEkhGcCbmkRe4fZo29Ys3mXgYrzpiUXSZM6Q-WublCv-6Jp2h39VWFpOShP71w6oAh73KSZmV54zLmo0KNtgtfymuNmiAMLrVm2JdxtpwqnH4f90CdxyLIgmodMXFK8pznc-MeHzmPxzDZ2k4e2-JlRJlWRSLwUK4dJuLSwWnHLitpAwTuWlnSVT_RukFRfmmYIeW2JSCBNpxoy6ofm6U08RXnxTZRvycrLx7n2qa17OswbHwwHHVQB1NLC10uvjyXuSi9ZWONYl9205c06iMIlsXQ4aUDvl8XG7FL5hMEA6CsDEx_F253CTF_kzCutnZYfJWPQ4fjZD7aSr--U2yb5q9Vu4FaHiVSeKuN2ICHiyyPmJU9wdQUB_CLJHQGUoIoEyJ8OWnMDBJMb1xpQsWKfcVse27FKWg4C8j-yN94L19JnwdsrmI1XZyEByG79OFSYuA-iIsjjMx1OUt9UJqT1fcS8BHyItWl1cw2w47SOwii8vWpds10bUqPwTRX9y8DxuUVa2UGpUFtDFTc1Nlg3XfgqmRFWpOynz_nFES5dJkHCbZ4LTGv9Sy9M5SPBXlOaxvWt30GLr6hUVKp_t2b-PL2Ey8zliwMwy-grjpgACFzieHUvux5flmKwibr11zAHaaIzukIvk-dOvTOEjiKdXn9volO7PmGZzWUcxY9463WnokB4nSnPQ0eroADBbo2mqRR6uaBek4frvES3NR8lbFwFmTdsW4hwa852f_2otASzPPPhUWPnYA17rUBBmvRm6Rtl8IIsB6fCVSlatkjXnRKpYpv2iYaDTa5i4-oQpsuIqjKjzCmXCvO_bGQkkFm_0igCLoLnsuGIbs-rl1pC-qvQ6jM9rpEwXlnBBGFYba3ofCkZitupvVgtqQIKNme7nagNOqNvJLpjIMY2EYBqyMJEZvFiq3NiUabHgw2UO2OGa6Y3jH9SNOo-SbawQMQosm2X18U3QolRAcE3rfKW2cYNKaXDVPNOWmJaCcv32nUrXWMSVvj9fFtf13DF-fC4qbSNg0T2T1OhkIyH3vQEhqYpUiA6szq4WVrQ4xtXSZhg2vnWy4LQKMgNaQ_oPBL5u287KpGcAN5V9E2bq8GMScIu3a4fx2_6n_3xZfGsGn52r-Dl602EsdA7rM3qMeq4vo_g5Jx9d5C06o6bNrGaRilfCPcwV7iMZY7SlVGU8sL63hMNlakoxLVyKMF1qRu0amURWtlLmS2gp1lvs_vhTqpqiIrrU-BMKs8EE8JwRW-kaaMdnZsXiTRSnVg-B7ULiu5JfFjhxQ-0ne6cm_CZNSUSVuUTYzbP9zuYunF_arckrFYgXWBAIXZGeKYkV2OQ&pr=13:Xe_aeAAAAACiZAu6E14E2vzZMB0_cfBxOzjU_g&cid=CAASPeRot0nTgLiLMLfCfosV4eIYaoWgfrQQzLqqrzXDSGveXoMxzyhdIu7jy-hi_OcKgfBioLWJUp-aexMtR3s

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ecb94e00e0626f7a6dc7f47db822e8d720dc354d3a96a0ecda2e3d4871f40d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8238 42 B
109 B 69ms
69ms Image
image/gif 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ASsumCoxnx6LWAPVmXypRCDBjoRmIS5K9FWvCmciTx3p6-fzK3HSqLVO1UUMQ1PhNM5tYyCGlVvvOGFZmENqMGOQKHGBSlvxhPHsfvgztkkvzKclk

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:40 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8238 77 KB
29 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019120201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29272
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:40 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C4C6 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ1D-8kHri2jTrymkqHrOjKDpHGEBwskwev7Dfeo0eqQ7zTGJNC9jTCx2-Gm562Qeg2UWOkMUjm33AXv_hv738TQGvEX4V4gAWhCGlBR8&sig=Cg0ArKJSzNN_-4X2YTYFEAE&id=ampim&o=0,251&d=300,250&ss=1600,1200&bs=300,250&mcvt=1044&mtos=0,0,1044,1044,1044&tos=0,0,1044,0,0&tfs=252&tls=1296&g=99.33333396911621&h=99.33333396911621&tt=1296&r=v&adk=2935765741&avms=ampa

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:40 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20191205/r20110914/ Frame 8238 30 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20191205/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CCT7qgAUF5F3LRS6R1oWE21YNh7_bvlcCm17PO46Ck5ITH63UV-wZR1oBChgBT710rMBWX-qNLijRNBlfL4L5rvQ4Vfg&cry=1&dbm_d=AKAmf-DpbHCUb-qYxiI_S1dJ7tUn_LDAT5qgSlBeBP6sAjAcIyvZcsYg_rAsGyvx9GlN1NNtyvcKKLRzos6PEL5NwJGmCauwDZ7KpHCYmWssBWV8HoeESc1pv3Z5CInv4m9r9dMgMfrtiYsC0O-rijqCPyM5VNm2xTVCbJrYsDzZOVFPedk_8i_Vyxva111-A6QIQkS7aAzsPVpR4dsP6vA2_3BWfq80byDzPiIztEKt6mDaV1q57xVZO9eIqnCNZEK6ZwmEWG0nLCAECHKg6VepIRDP3C_AVhcdynlgylwkzN5uZUlUwh7Y3G8E7GQYBI_kxAFNyWLh4GOhgihUFHVItWm9goZm0WQE2PHrCdXaIjHKuBIUklsdTbwLHK2oICxGCHCZpwNKgwPhub1Sx6vu8FiXHoM3wi1C2Mu-Cv7LHGnV3XgOcw1mVrHDtdw9ZRhMNn4khUYcjgKYWxJ1UpC_w9irB2-9PAxPVtjJgVdsfgD3X9EEKqW9ZrEMuWBVgW1Y5H4sAZc8L1VuUmqLIBnjvTVvR4OZNZJvJUPxr6Od2Py6j59f4FybcevF8wBnYsQHasSeQ3i8vnrrd3S4GeWMD5Qd_pJljP4rxPQFrrNSvSL22Qv-QGUetvVUe17p7rX9Fz-hOUKRkxc3eVJHAQCKOwCarw0agadd71eD-iwMkTt4ECdBVker0VXPKcNScGSGdeMMph3phO2FF4izIpWj2bfOA1NXF_BTc_Jxwo4Zmi4cj_VP6ex3C9rxRMRDYbXiL-ANz8zqMMF9xdS6ktrGjDMa1vRViZv9Ft4jeMJj6LMSqHULtJXHNDqKIoBaPuSiHggSjLyouSpoz-TgvHI3VlzctbDbEH3kFCouWbqS3YoXasC_Y0ccOIGCMCqWqdDe_evyBty0Y4XcSHwLyVHPUv9aJCfsXM4aWBVEtXsdqfC6WI3wijghL7F2tPxplnyJzeThFtmLRXq_Mmeo1nXCsiuRO5l7zWSjflqhzhkqJ4cBaiBx6lanruJhzZ0uw55Tg9n0r-t4863htDpwHjLYiN9Lrkw3fUn77IS0VxvZBnZFwiVI9A4JcJYEEOKQGI9-ZtnkrMR2F5bzGTYa9uYcoGgGBwvvMBGpCyNMk1ZqumYb-IglwDj7Bwhs7OyGr9Ory4oWRtqa56fQaKNwI-SiH7eKrGlh_2QlJMWgVe2ocmXPGTvikgihUrfKoOkAeA6pZEKh-M9mW5bJpeMkWBbG8hW79yG4kkFCVy5ihi-bTD_JVW3cbY9vTRAIg7EF9DBZQc-tsUIJgqqbMx4RY6770zacPotfVbzbVWNVhMpquMelWCU229t0cfn8Y22lCs_hh5UVLQx9s7coY2wurq0uw6brSq91NeyMl_oOZqSHVfXpsBzKBoR-gKLcQ2DCkhAXjutaRo2snULDeaO0qr-7euHuFN9fEY2hQlRcLfOw0aS4QwYpxOSGVR-tfoHWYWIZtBrMZ4HKSkx23ifECBDOryujBZvcEkhGcCbmkRe4fZo29Ys3mXgYrzpiUXSZM6Q-WublCv-6Jp2h39VWFpOShP71w6oAh73KSZmV54zLmo0KNtgtfymuNmiAMLrVm2JdxtpwqnH4f90CdxyLIgmodMXFK8pznc-MeHzmPxzDZ2k4e2-JlRJlWRSLwUK4dJuLSwWnHLitpAwTuWlnSVT_RukFRfmmYIeW2JSCBNpxoy6ofm6U08RXnxTZRvycrLx7n2qa17OswbHwwHHVQB1NLC10uvjyXuSi9ZWONYl9205c06iMIlsXQ4aUDvl8XG7FL5hMEA6CsDEx_F253CTF_kzCutnZYfJWPQ4fjZD7aSr--U2yb5q9Vu4FaHiVSeKuN2ICHiyyPmJU9wdQUB_CLJHQGUoIoEyJ8OWnMDBJMb1xpQsWKfcVse27FKWg4C8j-yN94L19JnwdsrmI1XZyEByG79OFSYuA-iIsjjMx1OUt9UJqT1fcS8BHyItWl1cw2w47SOwii8vWpds10bUqPwTRX9y8DxuUVa2UGpUFtDFTc1Nlg3XfgqmRFWpOynz_nFES5dJkHCbZ4LTGv9Sy9M5SPBXlOaxvWt30GLr6hUVKp_t2b-PL2Ey8zliwMwy-grjpgACFzieHUvux5flmKwibr11zAHaaIzukIvk-dOvTOEjiKdXn9volO7PmGZzWUcxY9463WnokB4nSnPQ0eroADBbo2mqRR6uaBek4frvES3NR8lbFwFmTdsW4hwa852f_2otASzPPPhUWPnYA17rUBBmvRm6Rtl8IIsB6fCVSlatkjXnRKpYpv2iYaDTa5i4-oQpsuIqjKjzCmXCvO_bGQkkFm_0igCLoLnsuGIbs-rl1pC-qvQ6jM9rpEwXlnBBGFYba3ofCkZitupvVgtqQIKNme7nagNOqNvJLpjIMY2EYBqyMJEZvFiq3NiUabHgw2UO2OGa6Y3jH9SNOo-SbawQMQosm2X18U3QolRAcE3rfKW2cYNKaXDVPNOWmJaCcv32nUrXWMSVvj9fFtf13DF-fC4qbSNg0T2T1OhkIyH3vQEhqYpUiA6szq4WVrQ4xtXSZhg2vnWy4LQKMgNaQ_oPBL5u287KpGcAN5V9E2bq8GMScIu3a4fx2_6n_3xZfGsGn52r-Dl602EsdA7rM3qMeq4vo_g5Jx9d5C06o6bNrGaRilfCPcwV7iMZY7SlVGU8sL63hMNlakoxLVyKMF1qRu0amURWtlLmS2gp1lvs_vhTqpqiIrrU-BMKs8EE8JwRW-kaaMdnZsXiTRSnVg-B7ULiu5JfFjhxQ-0ne6cm_CZNSUSVuUTYzbP9zuYunF_arckrFYgXWBAIXZGeKYkV2OQ&pr=13:Xe_aeAAAAACiZAu6E14E2vzZMB0_cfBxOzjU_g&cid=CAASPeRot0nTgLiLMLfCfosV4eIYaoWgfrQQzLqqrzXDSGveXoMxzyhdIu7jy-hi_OcKgfBioLWJUp-aexMtR3s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

1272e5f7549394dcf2d56e834973b5c5e53e6bfcdc5c6b51a74007bb03928583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 05 Dec 2019 20:14:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 423231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 11636
x-xss-protection: 0
server: cafe
etag: 5614959280024973079
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Dec 2019 20:14:49 GMT

GET
H2 200 lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8238 80 KB
29 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:817::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c791eb0960646b32b8790c8e0acb2c35125f8aaf243dcd16558d0fafb9599777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1575654529893506"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 29515
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:40 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8238 0
49 B 67ms
67ms Other
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvbxvvzEKnuxWYYYMZzsorNBDh6ALByAWFDHp1CPJ9KiNBtGxKgeYwSSVo9JIYbqEaabvmlDPaqL0bp4kXX5G5jkPbfkwSUdPAwnxEawuzbx7fYCd1wQaGk3tRhlnFI6UiSo-uCbCwfPCIia5ry8ruV2lLOQN-xI9Fj46N5XqrQEC1Gg4vvxPJer2x9b4LvxLM4zXxPAhO5HJOkCu-Wo8gKlpbVGf4dVEhErJSq_i0ux0NTRoZSITGuaYP-ZizTjjLDP3o-jUs0A2kfJ1yTp6k39zDgZz6lwHYe6GIM2EM9mJkKbSyZ6n959U6uhgk5zarK8B1AZO-dPT1OE64LySE5XXJfa2o17fT2GkUP7fkkhRnHsJTVqfXKHnnD_qNLFSpv73LZVSm8eGfU-tU4PcUrcczIHyzcg7gUOJ0JftelF3JZWk7cbDz0EaTDJp2Yj1WuKTxIZPFwxpW1zxOwczT5OKytz3zT5aI9r4An5eqJRAS0eq0TeJ_cllHYiggfCav5Dkmxyy63aLxpAymU9pIWmIxzpoD36CBVagu37hB2KUq4nWjZXekqVkR1pPwdLQN9Ypkkbx6T-aj7A62HscVpvbYPLq6LEqqflBcJcxH_AsM30rF-4wTkLLQ37AS2IVK8orGqI0sIwyqdul01etuETHwb8n4uJBQIx-Z2byaZutNtuAtdfxYUgnf4ZdFqqdE3qJx6KSBBSDA2bhXj4Zww2n4lWyhssCpORbONPFMbVyqlWYqDkX79a07WfRSDuSPn7NTRpeZmmnF8FjZJpf3wKX8RMmp8-_XTQP-YeughnueUuAu5DTA8jGmxFRUqQQElGux0ffkuq2JW6wpgpt05de6--57X6o3GufZB6ueTUB0pbQH0PteP39HKDFtBnNpIfjmJoo6JnWRKwqE4eRlgfA5qkJNXXQtYTYw7LJi2WHEA3i2hEdvgYnYu9f_0k0MkwStUiUO-J8OSj93QZP2Uk09uhCeywhqlC4L2yuKfcZAi-Ix-2C3Ds7fM5DM55iwvpyL9_AYyprXoqooDRtteYPX7ukQZ9Uund9R37CqJPWU&sai=AMfl-YQrf60Y4MOUP3aF6ODFvmdoZ4gRmA175wkR0p8sEmGu-EnCnG8_qh-jyU5Z5CSZe9YDyxI4z5Zh1TVoMuqYZhiLt-xlgYrHRCbUB5UXPVEYdX_ljagFCeFL8viKgFGcbJGP9y-RugAwVj9p-IndhrNVvP-b2wxYrj2K9iImokQAbz--bMEe4W06_QWr7kRNvqYgyAQV1M8LJiYpH9T0mD8yKpACzyXiI-F6M8ShOA&sig=Cg0ArKJSzNqzeaBJTEwAEAE&pr=13:Xe_aeAAAAACiZAu6E14E2vzZMB0_cfBxOzjU_g&urlfix=1&omid=0&rm=1&ctpt=0&cstd=0&cisv=r20191205&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
date: Tue, 10 Dec 2019 17:48:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8238 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 14:58:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 May 2018 20:45:00 GMT
server: sffe
age: 10213
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
expires: Wed, 09 Dec 2020 14:58:27 GMT

GET
H2 200 13082874602436886268
s0.2mdn.net/simgad/ Frame 8238 60 KB
60 KB 5ms
5ms Image
image/jpeg 2a00:1450:4001:809::2006
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13082874602436886268

Requested by

Host: www.javatips.net
URL: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2a30ea463b33523f65904fbeaa8fb94e1d5644d1702121656759515deba27c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 08 Dec 2019 23:36:33 GMT
x-content-type-options: nosniff
age: 151927
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 61430
x-xss-protection: 0
last-modified: Thu, 28 Nov 2019 14:18:30 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Dec 2020 23:36:33 GMT

GET
DATA 200
OK truncated
/ Frame 8238 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 526578e97ebb3248bd566cdb55db1b05b3a3316c61c776a5ac6df74e03ab87f3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8238 0
57 B 19ms
19ms Other
image/gif 172.217.16.162
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.162 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 10 Dec 2019 17:48:40 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 06F5 0
0 6ms
5ms Document
text/html 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 8395
date: Tue, 10 Dec 2019 14:58:29 GMT
expires: Wed, 09 Dec 2020 14:58:29 GMT
last-modified: Wed, 09 May 2018 20:45:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10211
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 5840661728208125229
tpc.googlesyndication.com/simgad/ Frame 314B 63 KB
63 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5840661728208125229?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkk0dhlZUU7fZcdZeu3ovCBBCi9tg

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe91df802e093ac34cf11e35243094720b0f3a0ed900a25e711f76475eba133e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 20 Nov 2019 05:55:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Jun 2019 15:45:32 GMT
server: sffe
age: 1770819
content-type: image/jpeg
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 64710
x-xss-protection: 0
expires: Thu, 19 Nov 2020 05:55:01 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 314B 2 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 23:33:42 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 65698
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Tue, 10 Dec 2019 23:33:42 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 314B 295 B
362 B 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 09 Dec 2019 21:53:21 GMT
x-content-type-options: nosniff
content-type: image/png
server: cafe
age: 71719
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Tue, 10 Dec 2019 21:53:21 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 149 B
1 KB 191ms
146ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2221051c4cc7802f%22%3A%223ee14f1317275caf9f20%7C%7Cf%3D0.5%22%7D&ref=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&s=7b58ea0b-36d9-44b2-9030-b1149cef059c&pv=47852528-4593-46bc-b323-19fc71aa9098&vp=desktop&lib_name=prebid&lib_v=2.44.0-pre&us=5&ius=1&hfa=PRE-139a70b1-4a4d-475a-8d1e-eb8c408b4337&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freegames66.com%22%2C%22sid%22%3A%221417%22%2C%22hp%22%3A1%7D%5D%7D&

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

24902bc35164d491352743f6cd2aabcb2bc46c13f98d6033d693a4379f3427c9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:41 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 152
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK / Show response
hb.adtelligent.com/auction/ 388 B
595 B 305ms
87ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adtelligent.com/auction/?domain=www.javatips.net&callbackId=430d5c32506518&aid=466719&ad_type=video&sizes=640x480&
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: adtelligent6.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 8683ba0b7649fa2ee53f0a8ce19a3d757e3ebe571f8eb8d0bb5144e073a4cef0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.javatips.net
Date: Tue, 10 Dec 2019 17:48:40 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Content-Length: 328
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
832 B 42ms
18ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4efddfb513df9750b0478ac3b284e8aa50546827d3b86ec29b832ef948c85906

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:43 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.139:80
AN-X-Request-Uuid: cf9e65c7-dcb4-480d-98f1-52b6e69a6344
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 21ms
20ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 10 Dec 2019 17:48:40 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.javatips.net

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 141 B
362 B 94ms
79ms XHR
application/json 52.57.64.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.64.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-64-247.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9a5aedd9cd3d1385001c45ce6af1ab6c302b4b54538305d115f7067dedb3e18a

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:41 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://www.javatips.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 147
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 50ms
28ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8a4fb0f73d673fd957f85fda52f29735226018e02a550a392dd7bff7dfcd064d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:43 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.108:80
AN-X-Request-Uuid: 34985e7d-5b62-48cd-8cc0-03f8bc968ec4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4CFE 73 KB
27 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-15

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1575971444/?d=1417&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f788c98359e5c65293b2996342350612363e7527bd62abe6235a913c3a9121af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:41 GMT
content-encoding: br
last-modified: Tue, 10 Dec 2019 15:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27668
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:41 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 4588 73 KB
27 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-10

Requested by

Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1575971444/?d=1417&n=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b6e5195f034b17afae7fe1441e6f7e532cf0386b37957af21cd6d79afe49b28

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:41 GMT
content-encoding: br
last-modified: Tue, 10 Dec 2019 15:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27668
x-xss-protection: 0
expires: Tue, 10 Dec 2019 17:48:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 4CFE 43 KB
17 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4504
date: Tue, 10 Dec 2019 16:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 10 Dec 2019 18:33:37 GMT

GET
H2 200 collect
www.google-analytics.com/r/ Frame 4CFE 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=913712291&t=pageview&_s=1&dl=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ul=en-us&de=UTF-8&dt=Nobid_VideoDiscover_javatips.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=javatips.net&cm=Nobid_VideoDiscover&cc=Default&_u=IEBAAUAB~&jid=41175049&gjid=1665254574&cid=1402000207.1576000121&tid=UA-128776493-15&_gid=878234643.1576000121&_r=1&gtm=2ouav9&z=1028385507

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 67ms
43ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

6faac9f6ed6102364166b63adf0dafebe30e77ad72dacf1640920808a1a7a953

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:43 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.117:80
AN-X-Request-Uuid: ae68e880-18a0-4ab8-80e4-a75dd203810d
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK / Show response
hb.adtelligent.com/auction/ 389 B
597 B 194ms
117ms XHR
application/json 62.149.23.112
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.adtelligent.com/auction/?domain=www.javatips.net&callbackId=16f82dad4f5e19f&aid=466719&ad_type=video&sizes=410x231&
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 62.149.23.112 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: adtelligent6.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 07055117804cfb7c491f9940d44970310778324121af9126bc1e0984a8d0a98c

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.javatips.net
Date: Tue, 10 Dec 2019 17:48:40 GMT
Content-Encoding: gzip
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Content-Length: 330
Content-Type: application/json; charset=UTF-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 18ms
18ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 10 Dec 2019 17:48:41 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.javatips.net

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 141 B
363 B 91ms
91ms XHR
application/json 52.57.64.247
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.64.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-57-64-247.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 872b145f1cd0b43411d41077bf08f0e04ad580c11dc8da9ef263ee602190b464

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 Dec 2019 17:48:41 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://www.javatips.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 148
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 150 B
1 KB 78ms
54ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22225dc7e60f33ffd%22%3A%2227181c1c10ecd8b7d372%7C%7Cf%3D0.5%22%7D&ref=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&s=367be755-838e-456c-a42f-9a438c3e5b6d&pv=47852528-4593-46bc-b323-19fc71aa9098&vp=desktop&lib_name=prebid&lib_v=2.44.0-pre&us=5&ius=1&hfa=PRE-139a70b1-4a4d-475a-8d1e-eb8c408b4337&gdpr=false&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22freegames66.com%22%2C%22sid%22%3A%221417%22%2C%22hp%22%3A1%7D%5D%7D&

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

3435fad4fa22b3456e6b179e79ba3c58651b3620f6742e87dd5d87ab633041ba

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:41 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 178
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 143 B
1 KB 42ms
20ms XHR
application/json 185.33.220.145
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

e9d322925f28f3f092d9688b5e14241061307b4a89d076118ff5c70a32bf50d0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:43 GMT
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.49:80
AN-X-Request-Uuid: 73818758-6fb6-4dd4-82db-b27b8a8ae7e8
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.javatips.net
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vi-logo.svg
assets.bilsyndication.com/media/icon/ 11 KB
3 KB 28ms
28ms Image
image/svg+xml 2606:4700:10::6814:ec10
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.bilsyndication.com/media/icon/vi-logo.svg
Requested by: Host: biltag.bilsyndication.com
URL: https://biltag.bilsyndication.com/jsv1/1575971444/?d=1417&n=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:ec10 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Dec 2019 17:48:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
age: 1160179
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
status: 200
cache-control: max-age=16070400
cf-ray: 54310d19ad6dcbcc-VIE
alt-svc: h3-23=":443"; ma=86400

GET
H2 200 collect
www.google-analytics.com/ Frame 4CFE 35 B
108 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=913712291&t=pageview&_s=2&dl=https%3A%2F%2Fwww.javatips.net%2Fblog%2Fanti-cross-site-scripting-xss-for-java-web-application&ul=en-us&de=UTF-8&dt=Nobid_Outstream_javatips.net_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=javatips.net&cm=Nobid_Outstream&cc=Default&_u=KEBAAUAB~&jid=&gjid=&cid=1402000207.1576000121&tid=UA-128776493-15&_gid=878234643.1576000121&gtm=2ouav9&z=680595697

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Nov 2019 11:54:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1662830
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 playlist7.jpg Show response
s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/ 167 KB
167 KB 23ms
23ms XHR
image/jpeg 2606:4700:3038::681f:ba3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/playlist7.jpg
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:ba3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 382067d2af8b0731ff370062da8f907a5c523faba78d5edaa77d25f77797d9ff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:43 GMT
cf-cache-status: HIT
age: 1038991
status: 200
content-length: 170516
last-modified: Tue, 05 Nov 2019 02:26:10 GMT
server: cloudflare
etag: "5dc0ddc2-29a14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310d213d2e5964-VIE

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 4CE1 0
0 53ms
13ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=5933929651362904511; icu=ChgIt8BfEAoYAiACKAIw-7S_7wU4AkACSAIQ-7S_7wUYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:43 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame CD31 0
0 41ms
12ms Document
text/html 95.100.196.250
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.250 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-250.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=46725
Expires: Wed, 11 Dec 2019 06:47:28 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 97F9 0
0 46ms
14ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=5933929651362904511; icu=ChgIt8BfEAoYAiACKAIw-7S_7wU4AkACSAIQ-7S_7wUYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:43 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9C46 0
0 57ms
13ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=5933929651362904511; icu=ChgIt8BfEAoYAiACKAIw-7S_7wU4AkACSAIQ-7S_7wUYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:43 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 405B 0
0 47ms
12ms Document
text/html 95.100.196.250
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.250 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-250.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=46725
Expires: Wed, 11 Dec 2019 06:47:28 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame CB1E
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1

0
0

17ms
16ms

Document
text/html

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
vary: Accept
set-cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; Version=1; Expires=Wed, 09-Dec-2020 17:48:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1576000123|mOgikimWiygu; Version=1; Expires=Wed, 25-Dec-2019 17:48:43 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 10 Dec 2019 17:48:43 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=5afc3d3e-84cb-0b7d-31cd-53988c674417|1576000123; Version=1; Expires=Wed, 09-Dec-2020 17:48:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
date: Tue, 10 Dec 2019 17:48:43 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 1679
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1

0
0

21ms
21ms

Document
text/html

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
vary: Accept
set-cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; Version=1; Expires=Wed, 09-Dec-2020 17:48:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1576000123|mOgikimWiygu; Version=1; Expires=Wed, 25-Dec-2019 17:48:43 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 10 Dec 2019 17:48:43 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; Version=1; Expires=Wed, 09-Dec-2020 17:48:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
date: Tue, 10 Dec 2019 17:48:43 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0BA3 0
0 50ms
16ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=5933929651362904511; icu=ChgIt8BfEAoYAiACKAIw-7S_7wU4AkACSAIQ-7S_7wUYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:43 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 2F3F 0
0 18ms
15ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
vary: Accept
set-cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; Version=1; Expires=Wed, 09-Dec-2020 17:48:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1576000123|mOgikimWiygu; Version=1; Expires=Wed, 25-Dec-2019 17:48:43 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 10 Dec 2019 17:48:43 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame BA7C 0
0 13ms
12ms Document
text/html 95.100.196.250
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.250 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-250.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=46725
Expires: Wed, 11 Dec 2019 06:47:28 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 92C8 0
0 19ms
19ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; pd=v2|1576000123|mOgikimWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
vary: Accept
set-cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; Version=1; Expires=Wed, 09-Dec-2020 17:48:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1576000123|kimWfcgqiysLgemOgun0oagi; Version=1; Expires=Wed, 25-Dec-2019 17:48:43 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 10 Dec 2019 17:48:43 GMT
content-type: text/html
content-length: 468
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0534 0
0 39ms
38ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=5933929651362904511; icu=ChgIt8BfEAoYAiACKAIw-7S_7wU4AkACSAIQ-7S_7wUYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:43 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 76EC 0
0 17ms
16ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; pd=v2|1576000123|kimWfcgqiysLgemOgun0oagi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
vary: Accept
set-cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; Version=1; Expires=Wed, 09-Dec-2020 17:48:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1576000123|rskimWfcsHgqmuiynIsLomgemOgunsn0oagi; Version=1; Expires=Wed, 25-Dec-2019 17:48:43 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 10 Dec 2019 17:48:43 GMT
content-type: text/html
content-length: 605
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame B1F7 0
0 16ms
16ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; pd=v2|1576000123|kimWfcgqiysLgemOgun0oagi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
vary: Accept
set-cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; Version=1; Expires=Wed, 09-Dec-2020 17:48:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1576000123|rskimWfcsHgqmuiynIsLomgemOgunsn0oagi; Version=1; Expires=Wed, 25-Dec-2019 17:48:43 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 10 Dec 2019 17:48:43 GMT
content-type: text/html
content-length: 605
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame CEBD 0
0 17ms
16ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=5933929651362904511; icu=ChgIt8BfEAoYAiACKAIw-7S_7wU4AkACSAIQ-7S_7wUYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:43 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 40CB 0
0 13ms
12ms Document
text/html 95.100.196.250
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.250 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-250.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=46725
Expires: Wed, 11 Dec 2019 06:47:28 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 8778 0
0 28ms
27ms Document
text/html 95.100.196.250
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.250 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-250.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=46725
Expires: Wed, 11 Dec 2019 06:47:28 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame E4D1 0
0 24ms
24ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=5933929651362904511; icu=ChgIt8BfEAoYAiACKAIw-7S_7wU4AkACSAIQ-7S_7wUYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:43 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 94E7 0
0 65ms
65ms Document
text/html 95.100.196.250
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.250 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-250.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=46725
Expires: Wed, 11 Dec 2019 06:47:28 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 7E72 0
0 64ms
64ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; pd=v2|1576000123|rskimWfcsHgqmuiynIsLomgemOgunsn0oagi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
vary: Accept
set-cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; Version=1; Expires=Wed, 09-Dec-2020 17:48:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1576000123|rsj8gmkimWfcvmsHtlqGgqmuiynIsLiSomgemOgunsn0oagi; Version=1; Expires=Wed, 25-Dec-2019 17:48:43 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 10 Dec 2019 17:48:43 GMT
content-type: text/html
content-length: 525
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 036D 0
0 70ms
17ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; pd=v2|1576000123|rskimWfcsHgqmuiynIsLomgemOgunsn0oagi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
vary: Accept
set-cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; Version=1; Expires=Wed, 09-Dec-2020 17:48:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1576000123|rsj8gmkimWfcvmsHtlqGgqmuiynIsLiSomgemOgunsn0oagi; Version=1; Expires=Wed, 25-Dec-2019 17:48:43 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 10 Dec 2019 17:48:43 GMT
content-type: text/html
content-length: 525
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 947F 0
0 25ms
17ms Document
text/html 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.167.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=6e284d01-da78-4466-a0be-10c82bd3e67f&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
accept-encoding: gzip, deflate, br
cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; pd=v2|1576000123|rskimWfcsHgqmuiynIsLomgemOgunsn0oagi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

status: 200
vary: Accept
set-cookie: i=a3bb9a34-7e1b-04f7-3af9-6650b92892c5|1576000123; Version=1; Expires=Wed, 09-Dec-2020 17:48:43 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1576000123|rsj8gmkimWfcvmsHtlqGgqmuiynIsLiSomgemOgunsn0oagi; Version=1; Expires=Wed, 25-Dec-2019 17:48:43 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.167.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 10 Dec 2019 17:48:43 GMT
content-type: text/html
content-length: 525
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame E637 0
0 22ms
13ms Document
text/html 95.100.196.250
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.250 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-250.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=46725
Expires: Wed, 11 Dec 2019 06:47:28 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7231 0
0 17ms
13ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=5933929651362904511; icu=ChgIt8BfEAoYAiACKAIw-7S_7wU4AkACSAIQ-7S_7wUYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:43 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 08E5 0
0 16ms
14ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=5933929651362904511; icu=ChgIt8BfEAoYAiACKAIw-7S_7wU4AkACSAIQ-7S_7wUYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:43 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame FCBA 0
0 13ms
13ms Document
text/html 95.100.196.250
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.250 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-250.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=46725
Expires: Wed, 11 Dec 2019 06:47:28 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 485C 0
0 15ms
12ms Document
text/html 95.100.196.250
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.250 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-250.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=46725
Expires: Wed, 11 Dec 2019 06:47:28 GMT
Date: Tue, 10 Dec 2019 17:48:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set uc.html
sync.go.sonobi.com/ Frame 8C32 0
0 70ms
30ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Date: Tue, 10 Dec 2019 17:48:44 GMT
Content-Type: text/html
Content-Length: 786
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Set-Cookie: __uqc=1; expires=Tue, 10 Dec 2019 19:48:43 GMT; domain=.go.sonobi.com; secure; SameSite=None __uis=3dcf1af8-3d8f-4b8b-9565-8da6f9140eb2; expires=Thu, 09 Jan 2020 17:48:43 GMT; domain=.go.sonobi.com; secure; SameSite=None HAPLB5S=s57129|Xe/af; path=/; domain=.go.sonobi.com
Server: sonobi-go

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame BD70 0
0 39ms
13ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:44 GMT
Date: Tue, 10 Dec 2019 17:48:44 GMT
Connection: keep-alive

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame B686 0
0 13ms
13ms Document
text/html 95.100.196.250
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.250 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-250.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=46724
Expires: Wed, 11 Dec 2019 06:47:28 GMT
Date: Tue, 10 Dec 2019 17:48:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 98DE 0
0 39ms
15ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:44 GMT
Date: Tue, 10 Dec 2019 17:48:44 GMT
Connection: keep-alive

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame EB91 0
0 57ms
7ms Document
text/html 23.37.55.184
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.55.184 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a23-37-55-184.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Mon, 09 Dec 2019 19:59:07 GMT
Content-Encoding: gzip
Content-Length: 7450
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=52982
Expires: Wed, 11 Dec 2019 08:31:46 GMT
Date: Tue, 10 Dec 2019 17:48:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame C6A1 0
0 36ms
12ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:44 GMT
Date: Tue, 10 Dec 2019 17:48:44 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0F32 0
0 38ms
13ms Document
text/html 95.100.196.237
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.237 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-237.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
Vary: Accept-Encoding
ETag: W/"573e714d-3e3"
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Dec 2020 17:48:44 GMT
Date: Tue, 10 Dec 2019 17:48:44 GMT
Connection: keep-alive

GET csync
sync.admin.ads.152media.com/ Frame D088 0
0

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 9D1B 0
0 12ms
12ms Document
text/html 95.100.196.250
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.100.196.250 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a95-100-196-250.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Last-Modified: Tue, 12 Nov 2019 06:59:02 GMT
ETag: "13006b6-97cd-59720c88c16d1"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14515
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=46724
Expires: Wed, 11 Dec 2019 06:47:28 GMT
Date: Tue, 10 Dec 2019 17:48:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 2597 0
0 471ms
45ms Document
text/plain 77.245.58.151
Webair Internet D...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=81350&r={uid}
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.58.151 , Netherlands, ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US),
Reverse DNS: grantsadvisoronline.com
Software: nginx /
Resource Hash

Request headers

Host: sync.adkernel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx
Date: Tue, 10 Dec 2019 17:48:44 GMT
Content-Length: 0
Connection: close

GET
H/1.1 200
OK user-sync
sync.adkernel.com/ Frame 5C5C 0
0 463ms
47ms Document
text/plain 77.245.58.151
Webair Internet D...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=81350&r={uid}
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.58.151 , Netherlands, ASN36057 (WEBAIR-INTERNET-MTL - Webair Internet Development Company Inc., US),
Reverse DNS: grantsadvisoronline.com
Software: nginx /
Resource Hash

Request headers

Host: sync.adkernel.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Server: nginx
Date: Tue, 10 Dec 2019 17:48:44 GMT
Content-Length: 0
Connection: close

GET
H/1.1 200
OK Cookie set uc.html
sync.go.sonobi.com/ Frame FD33 0
0 53ms
27ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Response headers

Date: Tue, 10 Dec 2019 17:48:44 GMT
Content-Type: text/html
Content-Length: 784
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Set-Cookie: __uqc=1; expires=Tue, 10 Dec 2019 19:48:44 GMT; domain=.go.sonobi.com; secure; SameSite=None __uis=a310d0ea-b067-46cd-acdf-1d6660a28a8b; expires=Thu, 09 Jan 2020 17:48:44 GMT; domain=.go.sonobi.com; secure; SameSite=None HAPLB5S=s57129|Xe/af; path=/; domain=.go.sonobi.com
Server: sonobi-go

GET
H/1.1

200
OK

csync
sync.adtelligent.com/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D285868%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D285868%2526extuid%253D%2524UID
https://sync.adtelligent.com/csync?t=a&ep=285868&extuid=2730550440915030665

86 B
485 B

595ms
370ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=285868&extuid=2730550440915030665
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS: 0-72.adtelligent3-tmp.cc.colocall.com
Software: Adtelligent 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 10 Dec 2019 17:48:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: Adtelligent 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 10 Dec 2019 17:48:46 GMT
AN-X-Request-Uuid: f9036194-f2fd-4121-ac2d-57def2f59f59
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://sync.adtelligent.com/csync?t=a&ep=285868&extuid=2730550440915030665
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 144.76.109.30; 144.76.109.30; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.44:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 playlist8.jpg Show response
s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/ 1 MB
1 MB 60ms
28ms XHR
image/jpeg 2606:4700:3038::681f:ba3
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://s.vlistatic.com/diy-video/9_Easy_Crafts_Ideas_at_Home/playlist8.jpg
Requested by: Host: assets.bilsyndication.com
URL: https://assets.bilsyndication.com/plugins/hls.js/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::681f:ba3 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c12662a9fd17b0f6418c6edae0357b60349c63534ed4a4048a5aadc1eaa3d82

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
Origin: https://www.javatips.net

Response headers

date: Tue, 10 Dec 2019 17:48:44 GMT
cf-cache-status: HIT
age: 11789
status: 200
content-length: 1179888
last-modified: Tue, 05 Nov 2019 02:26:11 GMT
server: cloudflare
etag: "5dc0ddc3-1200f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 54310d2c08678c62-VIE

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: sync.admin.ads.152media.com
URL: https://sync.admin.ads.152media.com/csync?t=a&ep=292298&extuid=%%EXTERNAL_COOKIE_ID%%

Verdicts & Comments Add Verdict or Comment

294 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 15:08:16	Name: IDE Value: AHWqTUkc7zgkOo3KhHjO27ImIp9m57Z-guB5oW3n-lSFrNLXmv9AK7vxPLz6mrbp
www.javatips.net/	1970-01-19 05:46:40	Name: sf_ck_tst Value: test
www.javatips.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: B5A3B30FB81429A22507497B8D889314
.javatips.net/	1970-01-19 05:48:06	Name: _gid Value: GA1.2.1484984055.1576000117
.javatips.net/	1970-01-19 23:17:52	Name: __gads Value: ID=638064073d153a28:T=1576000117:S=ALNI_MYO7UXBj6OiOsAP4p9KL8EBEfZ1-Q
.javatips.net/	1970-01-19 05:46:40	Name: _gat_gtag_UA_22006649_1 Value: 1
.javatips.net/	1970-01-19 23:17:52	Name: _ga Value: GA1.2.1851485985.1576000117
.javatips.net/	1970-01-19 06:29:52	Name: __cfduid Value: dabfeea4a80116b89e71dd013f077ac751576000116

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: https://api.adinplay.com/libs/aiptag/pub/JVT/javatips.net/tag.min.js(Line 26) Message: %c %c %c AdinPlay 2.0 ✰ JVT ✰ %c %c ads by http://www.adinplay.com/ %c %c %c%c background: #9C0013; padding:5px 0; background: #9C0013; padding:5px 0; color: #FFFFFF; background: #030307; padding:5px 0; background: #9C0013; padding:5px 0; color: #FFFFFF;background: #DB0028; padding:5px 0; background: #9C0013; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0;
console-api	warning	URL: https://assets.bilsyndication.com/prebid/default/prebid-v2.44.0.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	info	URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411) Message: Powered by AMP ⚡ HTML – Version 1911070201440 https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
console-api	info	URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411) Message: Powered by AMP ⚡ HTML – Version 1911070201440 https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
console-api	info	URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411) Message: Powered by AMP ⚡ HTML – Version 1911070201440 https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
console-api	info	URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411) Message: Powered by AMP ⚡ HTML – Version 1911070201440 https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
console-api	info	URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411) Message: Powered by AMP ⚡ HTML – Version 1911070201440 https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application
console-api	warning	URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 19) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=CPsFvdtrvXdbZB9GM7_UPhNCqgASE48TIWq27-JrNCoDS5MKPDhABIJHi5B9glQKgAdn3t_gDyAECqQK_GPufyOSDPuACAKgDAaoEmwJP0BKyZaDWWz-LwGaGGopoWEqpTW4PEN5B7WDaEa22PvKbqhzEeKxVOvUaynt0TxbFJs1AcD6x4LmOcCAI4sow_FPsl97MRrYZUK4HzMsqHxORUh6ZuTaQLmrn-kYQYt1CA3Rs5rr1jPibEU6gb4nslVjXMMseU7C2Arf6nbQzcE6LQwkDh1JdeJzUaaoN_93d-swkmJWPDw12qKqGxFEqenE3B41lBHkaonSEWc9h9znjlgI8y3oB7RLRrwMUuzCZjzFv7mCkD6EMIIR5J4BLPtQlT06dvahpoiIdb3VmJb3QQ1OtWaoMgpKFMJBxj1bB_ntXHGRnqO_BcbJuyWjjsfdTOvMr1U1X06hspEe6YZUSHf8y_iGc-VbzwATr-ZjgwgLgBAGgBgKAB4-IyAeoB47OG6gH1ckbqAeT2BuoB7oGqAfZyxuoB8_MG6gH8tkbqAemvhuoB-zVG9gHAfIHBBD1jwTSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTU0ODY3NzA3NDU1OTk3NDmACgPICwHYEwM&sigh=DdBDKTwWzhg&vt=1
console-api	info	URL: https://cdn.ampproject.org/rtv/011911070201440/amp4ads-v0.js(Line 411) Message: Powered by AMP ⚡ HTML – Version 1911070201440 https://www.javatips.net/blog/anti-cross-site-scripting-xss-for-java-web-application

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
a3226.casalemedia.com
acdn.adnxs.com
ad.doubleclick.net
ad.zanox.com
adinplay-d.openx.net
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
apex.go.sonobi.com
api.adinplay.com
apps.developermedia.com
as-sec.casalemedia.com
assets.bilsyndication.com
biltag.bilsyndication.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn1.developermedia.com
cdn4.buysellads.net
connect.facebook.net
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90006.redintelligence.net
hb.adtelligent.com
hbopenbid.pubmatic.com
ib.adnxs.com
imasdk.googleapis.com
logs.bilsyndication.com
m.servedby-buysellads.com
mathid.mathtag.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.mathtag.com
prebid-server.rubiconproject.com
s.vlistatic.com
s0.2mdn.net
s3.buysellads.com
securepubads.g.doubleclick.net
services.bilsyndication.com
srv.buysellads.com
staticxx.facebook.com
sync.adkernel.com
sync.admin.ads.152media.com
sync.adtelligent.com
sync.go.sonobi.com
tags.mathtag.com
tpc.googlesyndication.com
tps.doubleverify.com
vendorlist.consensu.org
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.javatips.net
hbopenbid.pubmatic.com
sync.admin.ads.152media.com
108.161.189.78
136.243.149.243
138.201.63.164
172.217.16.130
172.217.16.162
172.217.21.230
172.217.22.6
178.162.133.149
178.162.133.150
185.29.133.58
185.29.134.233
185.33.220.145
185.64.189.112
185.80.38.195
195.216.249.67
2.18.233.201
213.254.244.19
23.111.9.22
23.194.14.197
23.37.55.184
2600:9000:21f3:600:1:af78:4c0:93a1
2606:4700:10::6814:ec10
2606:4700:20::6819:210f
2606:4700:3038::681f:ba3
2606:4700:30::681c:1610
2606:4700::6811:4004
2a00:1450:4001:800::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2006
2a00:1450:4001:80b::200a
2a00:1450:4001:817::2002
2a00:1450:4001:818::2002
2a00:1450:4001:820::200a
2a00:1450:4001:821::2003
2a00:1450:4001:824::2001
2a00:1450:4001:825::2004
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:3::621
34.95.120.147
52.57.64.247
62.149.0.72
62.149.23.112
68.183.0.10
76.74.234.208
77.245.58.151
85.10.231.199
94.31.29.32
95.100.196.237
95.100.196.250
95.100.197.53
00aebeb48562ae752e458509ecf80686961787006f0960a5e54c8fead223a895
0290f0d61a6b94aca37bd874640ee172d86ec3743f3c0a611063036261074f92
02b7dcb978d90b3e3ed1c4cc33a14870622e9340f8672e526e3edbfc25a97d20
04175446ad698dc72c64fddcb5daf60129b35837a74bb90cd885a314ad76882f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0604dadda621f21d36b7d1562b26061d419a4467ffaa3f9d710ef00370fa700b
07055117804cfb7c491f9940d44970310778324121af9126bc1e0984a8d0a98c
077fecb4da3f2ae0721875edad7995d12f610b550b9b45817a34975aa44fdc7b
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0a53ee4b90f6e50755f3ee86e1a32831c31622578b55814848c47a10d2c25cbd
0d62946b49f357b8cc1f07015be1d56492da8ca2ab8f250769e7dc2ec4c0c7b2
0e0e845aea78522b80f312eef36d299ff3f54aff0235b382b54c6a756022a0f5
0f2756cf2cd474375aa3bbbec452aabc1c016c3379bc8198710b41a02fc8faec
0fd91b33be34a22c107036bd473a8d0f7ce874aecef8302e10323d4c1fbd93f7
1008ae8c93c140845bf5bfa6d0c6e0a048ff8906a4fa0081196fd99f1613f65a
1272e5f7549394dcf2d56e834973b5c5e53e6bfcdc5c6b51a74007bb03928583
1360a4fdf411646a2673df8eb65ce4cf744c6b7c640364f9b3ca73bcfcc508a7
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1916eda0640d093fbae757ed613268f5e16caa4d510f12eed506f8cdc2b24fbb
1ca0f8022395d1ac1e94f3ec7135e386ae64a5ee33b58213605ed8199ee40851
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e4d7c071d72d7b41076bd9157a12ee75bf9058003642be197e9e59d418aee8c
1fc74bf866c96b07e24357f9678db45eb8a9f840f7b8170b79ef4f87482a85dc
1ff5c8042a24f2d373e46c2a3e7f6ddcc7819cf5e5e7a79ac98106219ee39ca3
20cdda5f0e51f5dac5693ffe15fb394528dd838e9887a785de1d02e3bb2a418f
24902bc35164d491352743f6cd2aabcb2bc46c13f98d6033d693a4379f3427c9
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
25380a35584d7e4bf8f4ea97604c2dca0b304ed992fd06a1a55cecce1e9d2d62
28632d8b99d8b809f92685923b42c9df411aa0ed0c5c05efe7aac89ebe82a112
2a30ea463b33523f65904fbeaa8fb94e1d5644d1702121656759515deba27c86
2d30045d2cec1b11ecdaaa9808fff3aada2ae62bff6f7d6dfe97af24227c1476
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3e0bb27e6fb0c3314a7bd140cfadd1f9f9f775b547d5acc878ab5d33a29755
2ec2d32be674edaa0412f7efb69f7d316a52b3cb7445f68976b83415b81d6ca7
3011b91d4590dcebbe8b8387c12087ec08e8c235bfe767225c3f858838f3c571
3031a323138ccd97f18644323b806c07bd4bf525cb3ca4b0178060935b8fc950
3135160ee3b34e2d1e58bf80944a1ed2cef3f073528ea98f11916a397b4c6ac9
334ffbd70e7fa6c0ff2c9fbe7103e7ac09c9caec2689d4262c9126a0e24d7e94
3435fad4fa22b3456e6b179e79ba3c58651b3620f6742e87dd5d87ab633041ba
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37e71e562ae436879500b69e62579c41ae97364033a3ccadbf95516a24d2fecd
382067d2af8b0731ff370062da8f907a5c523faba78d5edaa77d25f77797d9ff
3a1ced149efa4f0f3d97221e4969ba6a4825773e7a2527294ab8449775676deb
3a4e001007388631acfd6009a9a584d5022e67d82d6ed942bf88ec152deceb16
3a88801b44e8808ce67107a3c9957804bb0b0584fc987defeaea0ec0fd2621a2
3a9d6131b94e25a36366e61eb13b147c12121c778cf1c583c0074a3bc37f5278
3b6e5195f034b17afae7fe1441e6f7e532cf0386b37957af21cd6d79afe49b28
3c10cb1ddf712f08a5082f5759b9496c250d195a9e6746e2ab0088b52775b21e
3dc8ede8ce99e76f1f50942b8d40a7dfbaa11a73afde3a0f485132969e037623
42835eddfccf126c4f65091c377c206334c2fb2838212d01965298cd4599b39f
42d6249cf9f7cbbd83a7d235229e1463511e75b0a712db611414e32826b5641e
44178919accac2fd92f71084d312c8ff266dd25b8b808f8e9b32fe2926aefb41
46cda9d688feb40ed03c8cea164fc77d056f7df50064663c13cf76a12443308b
49cafb9b46e8ba80da2e08acc553ad443eaad9be9154ef11e891d29f27da9e8d
4efddfb513df9750b0478ac3b284e8aa50546827d3b86ec29b832ef948c85906
4f2869013d4fa068216ba5975d985b6677b0e7d356c8738756da25a7daf4a458
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52465fc3ba7b8e24c9f1ce3da388939ecffaf0f9a1e5466c54c0ebfe6e199710
526578e97ebb3248bd566cdb55db1b05b3a3316c61c776a5ac6df74e03ab87f3
5404c9b01a8e91b2c523281402df411f80baba759a2d79548c86d7ddf0f045c8
59f0b9466a3332a0b6a46d9506488831104738d3d88ad9446482fd7aa191fcd0
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a92cba39df6d43be8c38ca9fd19620c9dd1576879a8598eeb8d0e52726da591
5c12662a9fd17b0f6418c6edae0357b60349c63534ed4a4048a5aadc1eaa3d82
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6284026b6e51c43710cf17741eebfa10b5fd253fbbf64682c95836aebd4787c6
62ae6d21f029f243f7c5b8a71c096e21d70f4d87c3cba15b77426dfcc1caafc5
63890326f558587b0840eb0a6e6377f1bf39264e015e568f4c2a03aefce3f929
647f43cd0cfdbafe354249e2c9831cc97c843fe0e44a726febdfb956bd1d25c5
66c79d88a8fc51f10536e446ebc6cfb5adbae95cbb338f3242210f21b6ba89ec
6979ca0c032a991062e094e3378d05e0d998877a89daf72408c4494a03143b64
6d8219343860deacf591add0184407f74235ee7f024b013845e543931b81f1f4
6faac9f6ed6102364166b63adf0dafebe30e77ad72dacf1640920808a1a7a953
6fcf4c3d6c3d6f1900858ac6c9e70024d329e65b3586a17e070b26aeb5c53bbe
719cc065a6de7c9959a8fa8fcc3b72d80c98fddea3dfcb95060d2070acd5c853
71dae7cc7766c98bdc4b766789af22fe0442d58aced342736f044ec12aaba058
71f5f2b52a5a4240f8c200f67f8f2b6ab2b9784cce4efb72635241c50f3ad04c
73e88dfcd0f3a535341fb641c5400fcf772ffe36c628241104f829d3cf48e29b
767571efbe1d6a1a72988ab8af44e51ef8d6db08071ce9e778de2cde60551b64
769eb9ed7fcfd60268502d88c88a988ece4bd6608c60969b301341c0a1d9d373
76c2aece5106b25681ac1f4b8716edca4c01e49b45c1327e885e931fdbcffd96
79c8357f91117e26aa1df7b22d958615d34c0049081c816cae85ab12d91301ec
7a52d4e3f541e459f9069f6f596242684704eeaca5a95f05285d16e2e609927d
7c908eb586a7f0bc72f73add79aae9e593b0d8c6c85d07bc4db9d95319fc1250
7cb2b5dd8e78acc08ecf4d14332f6b71c16f9c95e77320be78c7b0a8eefedb1b
7e7b17e13dd03d519f88050a16ef4f3b50a9bf25f889c949d4376436db40323c
7e94d40637bea29a6c14cb7c56539e071921692f283c1a0a318ae3f4887c4148
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81f54426670d7d98737ddc6a9a49855c99436008847b15abeef5e70cecf569e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
866a1264b956a58da8e640a6191453d62f20d8676f63f193d2786318f83f6422
8683ba0b7649fa2ee53f0a8ce19a3d757e3ebe571f8eb8d0bb5144e073a4cef0
86a2b0cd69afae8f700d7b2ab69f408f1db709d72567e5e994e0bf2efa18ed84
872b145f1cd0b43411d41077bf08f0e04ad580c11dc8da9ef263ee602190b464
881aa0420667d52d0ce9e71c4e9995970b759362477767d528c03df96db7c2d6
8a4fb0f73d673fd957f85fda52f29735226018e02a550a392dd7bff7dfcd064d
8b417aa4fcb67de2345e359f2526dc4c271e72b1179e6d4b8a55356fa86290e1
8b49eef1ad608db416865ce4695143b9c0cb14d5dea8ef2c508f12a1017980e3
8c04c0e2848c3baa5be9fd58c86ed9334af961035bbc40ef6a5c7ebb3784e001
94d096f8370c356670bfc69b6353f6c1a64d7ebec2eceae713d26420eccf3337
97f2202fe794a4270a67e2da5a5c79c6bc00650f64eb17218e3c1ca4fd63acc9
9a5aedd9cd3d1385001c45ce6af1ab6c302b4b54538305d115f7067dedb3e18a
9bd75d54c29dbec33cde03c84085f67fce4254aacdc86a624bdcba954dfe9f1c
9bf4480ca4c2c861569c2de49b2312909b0bdeed2156cfad1c5ec6ce2ff501e9
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d258f19aed8ee58beefed6082608e2e23e00ceac2546c216e6d82277fa2504d
a14f21fbad2d0b40ebd699e67795df284ffa4e6e46199d84c5ff3bdef7568327
a166b61cbc0b18984cc3afdb71b9c9ac769e64ed14f053d287536b3a38d43083
a24e89542d6ab5c228ffd7e8bdf52023f42ede7aea896c6b64e7db1f769dc4bf
a2af5ecf1a0479f45e4083755d5fbc5168370ac4b1366c8ce3a481169e1b0b40
a4281f34ac48896c9b2ebae2031c880e3ba5dd3a1630bacfc63e0881fb2a783a
a63f5ead8a36b3d6c18e56d32415052944f53b367b1cc2372327208448d3afd2
a78f3c394abdb5185b2a1235457e0e9a50b97625ef7c01a276a0aef6c5dd87fb
abc961527d48d1d2975bcbf7fcb1cb8db639e00287a85404f400c67546084111
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b08fefb255b40cd18b0f7db8ec21c6f0c79d16aa828d7ed9157da12a38538682
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b9caea392fe59a10d402aff241e8ef6f5762ef5aa9ebc2a100bfd62c8939ac
b6eb1c9dd87214b267f0a8f587fe71dc9f270a2873f612314d19f799960fc94f
b80c88b6568cb1eb5c5435bdb5d2b637d15a84b91ff341dae0a2d0442440b8e0
b912e2588eeb5a03050983bf8d3d68f411c6bc84703ff29af60ee2458d75f786
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
bbe233d01dde45fccb6b416ad3a98e94f674f5573b3c3a78cb18a4435425b82d
bd9ecaa7415ad3dc9c3ff5c4ebd9c2ce74610bdc8f58d737359b28c37a4dd756
c13c629b47bbc7ae44eb947749117335c6172004836e214708c75a7f8ad88247
c30b66d992ac513297cdb8afe00f7949d44d045bb6e0e1b5dda4f8715df25a6e
c4fbe596d715b3b1b1e0940ac7f03a3efca1131af6becd00395caeab690c0b64
c791eb0960646b32b8790c8e0acb2c35125f8aaf243dcd16558d0fafb9599777
c9f6f9b50eca56ad1bafe55496560e3d9f8d330257ac24e0c5865abf0692105b
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
d0244fbaf12a3852351a4bd2f65d59c422660920c429bf16085453a0ed0c8911
d078c8df212cea7d057c49661b697672afa1f9d907c9d3e8f90dc2e36240799e
d2046a09db7667733b48b3ffc77f65b5b7cf9def2359078117770c9ced03ee15
d3d0dd3c30e8e2528fd4168487507a5fcb821974172d8c8a5bee709f76a07269
daf14e2a9398947a01c1f3b3d7806eb96db8fd1d3cdd83d2bffd3a4e4f28575e
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd0b226974c146b35d395779e177f649e7253b8426071b7c0953fa9331795c4f
de05272ab91415a63d0f5185dee90f60e48bb38f99db3e4f18f81589f6a56e43
de1f4347c027d5cddba1e72df2e9d8e017f8a0efa851a1d388e0a9cbeeb42c9c
dee350e33e4cde5d8136f91ff39c7e6d44c296d54dabf7c28dbec21b5f72c744
dfab7bef6e43255dce9cbee20350e6d3ea0f55eea07295a8915379013ff19e55
e0032f2652978f88ff5ef88592410d501a9170f2917eba7ef9a7eb77fae12750
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e356e7e1d432bfb23c6eaf5c1b4a85b9c14ac4a10700ca215fc97fbd0d43f1ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f25f3f372548a6d8bfe0e4c06ca3bbf82f5da658908608736585c098308170
e43b4b0b9863a455cd365e568684a36eed8e112e18def64ef948bdd46606a0c4
e4ad56bd91f08203b208a3db86c463c7952fad443a239de6454c73b7ce669657
e6cc7e7fb2699349c61529d781f447651cb02dc1fd803dc6f45411644a42d813
e9d322925f28f3f092d9688b5e14241061307b4a89d076118ff5c70a32bf50d0
e9f28d47c2bc55f231b98f0b3adc3f2a85060bf7c733d6a5c7e44fb9580f6593
ec4a3852b933e4c11512819aedab69d806ed183eee759aae776f8bda037ec636
ecb94e00e0626f7a6dc7f47db822e8d720dc354d3a96a0ecda2e3d4871f40d30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe95cb2cc312e0132b0ce914c642ecee0534223df3f1d47579cdabe6cc070cd
f0904409f11a37a5fc0c136b8f023ca69fba5f22cb388018398cce65a13ca740
f640128096ba762ef0f7d37a1c8acd1458caf91973fd153426ef4ac5456c63fc
f6b7ba3cc9a8177d62950984426ff73450f229d389c449b0631392be2f5b5b61
f7466a39b89076e7eb078e3b9e7caa2b144f94f5934449fb5bb566ea51f2f122
f788c98359e5c65293b2996342350612363e7527bd62abe6235a913c3a9121af
f93d1d7d700f850328abfcc87e394dfb26fe1183249925434f8870fba994bc96
fac7e040c9b4361bc6f582798fa84bae6af18b4d166825fe2eb4011148e4f625
fe91df802e093ac34cf11e35243094720b0f3a0ed900a25e711f76475eba133e

www.javatips.net Open in urlscan Pro 2606:4700:30::681c:1610 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

315 Requests

99 %HTTPS

41 %IPv6

39 Domains

63 Subdomains

54 IPs

9 Countries

8671 kBTransfer

13680 kBSize

8 Cookies

10 Outgoing links

Redirected requests

315 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.javatips.net Open in urlscan Pro
2606:4700:30::681c:1610 Public Scan

Screenshot
Live screenshot

Full Image

315
Requests

99 %
HTTPS

41 %
IPv6

39
Domains

63
Subdomains

54
IPs

9
Countries

8671 kB
Transfer

13680 kB
Size

8
Cookies

315 HTTP transactions
10 data transactions