urlscan.io logo urlscan.io
SecurityTrails logo

projects.webappsec.org Open in urlscan Pro
208.96.18.237  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://projects.webappsec.org/Cross-Site-Request-Forgery
Effective URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Submission: On January 05 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 5 domains to perform 16 HTTP transactions. The main IP is 208.96.18.237, located in United States and belongs to DATAPIPE-SEA, US. The main domain is projects.webappsec.org.
This is the only time projects.webappsec.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    208.96.18.237 (United States)

ASN22205 (DATAPIPE-SEA, US)
PTR: pbworks.com
projects.webappsec.org
8    208.96.18.238 (United States)

ASN22205 (DATAPIPE-SEA, US)
PTR: pbworks.com
vs1.pbworks.com
3    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
edge.quantserve.com
1    2600:9000:2127:7600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2600:9000:2127:fe00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
Apex Domain
Subdomains		 Transfer
8 pbworks.com
vs1.pbworks.com
330 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
17 KB
3 webappsec.org
projects.webappsec.org
11 KB
2 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1945
1 KB
2 quantserve.com
edge.quantserve.com — Cisco Umbrella Rank: 28645
pixel.quantserve.com — Cisco Umbrella Rank: 1736
10 KB
16 5
Domain Requested by
8 vs1.pbworks.com projects.webappsec.org
vs1.pbworks.com
3 www.google-analytics.com projects.webappsec.org
3 projects.webappsec.org 1 redirects vs1.pbworks.com
2 rules.quantcount.com 1 redirects projects.webappsec.org
1 pixel.quantserve.com projects.webappsec.org
1 edge.quantserve.com projects.webappsec.org
16 6
Subject Issuer Validity Valid
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Frame ID: CCAED56804E788B22044D71CC3054858
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Web Application Security Consortium / Cross Site Request Forgery

Page URL History Show full URLs

  1. http://projects.webappsec.org/Cross-Site-Request-Forgery HTTP 303
    http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

16
Requests

6 %
HTTPS

71 %
IPv6

5
Domains

6
Subdomains

7
IPs

2
Countries

369 kB
Transfer

1121 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://projects.webappsec.org/Cross-Site-Request-Forgery HTTP 303
    http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://www.google-analytics.com/ga.js HTTP 307
  • https://www.google-analytics.com/ga.js
Request Chain 5
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2031572803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1911023517&utmr=-&utmp=%2Fw%2Fpage%2F13246919%2FCross%252520Site%252520Request%252520Forgery&utmht=1704415980570&utmac=UA-6521420-1&utmcc=__utma%3D133238479.1883394581.1704415981.1704415981.1704415981.1%3B%2B__utmz%3D133238479.1704415981.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=689060692&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2031572803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1911023517&utmr=-&utmp=%2Fw%2Fpage%2F13246919%2FCross%252520Site%252520Request%252520Forgery&utmht=1704415980570&utmac=UA-6521420-1&utmcc=__utma%3D133238479.1883394581.1704415981.1704415981.1704415981.1%3B%2B__utmz%3D133238479.1704415981.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=689060692&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Request Chain 7
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1036214803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20Web%20Application%20Security%20Consortium%20%2F%20Cross%20Site%20Request%20Forgery&utmhid=1911023517&utmr=-&utmp=%2Fw%2Fpage%2F13246919%2FCross%252520Site%252520Request%252520Forgery&utmht=1704415980576&utmac=UA-2694787-12&utmcc=__utma%3D1.1655747908.1704415981.1704415981.1704415981.1%3B%2B__utmz%3D1.1704415981.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmmt=1&utmu=DFAAAAAAAAAAAAAAAAAAAAgE~ HTTP 307
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1036214803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20Web%20Application%20Security%20Consortium%20%2F%20Cross%20Site%20Request%20Forgery&utmhid=1911023517&utmr=-&utmp=%2Fw%2Fpage%2F13246919%2FCross%252520Site%252520Request%252520Forgery&utmht=1704415980576&utmac=UA-2694787-12&utmcc=__utma%3D1.1655747908.1704415981.1704415981.1704415981.1%3B%2B__utmz%3D1.1704415981.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmmt=1&utmu=DFAAAAAAAAAAAAAAAAAAAAgE~
Request Chain 41
  • http://rules.quantcount.com/rules-p-16CGFkiSpdTEU.js HTTP 301
  • https://rules.quantcount.com/rules-p-16CGFkiSpdTEU.js

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cross%20Site%20Request%20Forgery
projects.webappsec.org/w/page/13246919/
Redirect Chain
  • http://projects.webappsec.org/Cross-Site-Request-Forgery
  • http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Protocol
HTTP/1.1
Server
208.96.18.237 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS
pbworks.com
Software
nginx/1.15.12 /
Resource Hash
2b506ed11a0e2adcf2320dcea6187030c04c2bc91259e8183c9e82e11dfecd36
Security Headers
Name Value
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Jan 2024 01:03:17 GMT
Expires
Thu, 04 Jan 2024 00:52:59 GMT
Server
nginx/1.15.12
Transfer-Encoding
chunked
X-Frame-Options
deny

Redirect headers

Cache-Control
post-check=0, pre-check=0 no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Fri, 05 Jan 2024 01:03:16 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified
Fri, 05 Jan 2024 00:52:58 GMT
Location
http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Pragma
no-cache
Server
nginx/1.15.12
Transfer-Encoding
chunked
packed-m-prod-v07998121.css
vs1.pbworks.com/shared/statics/ 		352 KB
118 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://vs1.pbworks.com/shared/statics/packed-m-prod-v07998121.css
Requested by
Host: projects.webappsec.org
URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Protocol
HTTP/1.1
Server
208.96.18.238 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS
pbworks.com
Software
nginx/1.15.12 /
Resource Hash
8dfcd64655e971c05aa09497a0384a3c9dee5305f6c1373f6725d16e1694f30a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://projects.webappsec.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 00:50:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2017 16:01:06 GMT
Server
nginx/1.15.12
ETag
W/"593ebac2-57e1e"
Transfer-Encoding
chunked
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
libraries-v78145716.js
vs1.pbworks.com/shared/statics/ 		273 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vs1.pbworks.com/shared/statics/libraries-v78145716.js
Requested by
Host: projects.webappsec.org
URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Protocol
HTTP/1.1
Server
208.96.18.238 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS
pbworks.com
Software
nginx/1.15.12 /
Resource Hash
62bda0dfb6fc1f2dbf226efc61027b2a3cf4499a4f14b5d570c729828ffc325e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://projects.webappsec.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 00:50:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2017 16:01:06 GMT
Server
nginx/1.15.12
ETag
W/"593ebac2-4427e"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
packed-v65464171.js
vs1.pbworks.com/shared/statics/ 		168 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vs1.pbworks.com/shared/statics/packed-v65464171.js
Requested by
Host: projects.webappsec.org
URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Protocol
HTTP/1.1
Server
208.96.18.238 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS
pbworks.com
Software
nginx/1.15.12 /
Resource Hash
f8382a3f3ac74acd72acf9f67d272ce01f18a69e0f50410b21f6a7f908ccc759

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://projects.webappsec.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 00:50:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2017 16:01:06 GMT
Server
nginx/1.15.12
ETag
W/"593ebac2-2a12b"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
extras-v46757463.js
vs1.pbworks.com/shared/statics/ 		191 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://vs1.pbworks.com/shared/statics/extras-v46757463.js
Requested by
Host: projects.webappsec.org
URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Protocol
HTTP/1.1
Server
208.96.18.238 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS
pbworks.com
Software
nginx/1.15.12 /
Resource Hash
4159909f3dc25dbecf41f7d7f38c0f427e1718c4496529d2a12ff532651a467e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://projects.webappsec.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 00:50:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jun 2017 16:01:06 GMT
Server
nginx/1.15.12
ETag
W/"593ebac2-2faab"
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ga.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/ga.js
  • https://www.google-analytics.com/ga.js
45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: projects.webappsec.org
URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Protocol
H2
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://projects.webappsec.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 05 Jan 2024 00:47:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
353
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Fri, 05 Jan 2024 02:47:07 GMT

Redirect headers

Location
https://www.google-analytics.com/ga.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
__utm.gif
www.google-analytics.com/r/
Redirect Chain
  • http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2031572803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmh...
  • https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2031572803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
35 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2031572803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1911023517&utmr=-&utmp=%2Fw%2Fpage%2F13246919%2FCross%252520Site%252520Request%252520Forgery&utmht=1704415980570&utmac=UA-6521420-1&utmcc=__utma%3D133238479.1883394581.1704415981.1704415981.1704415981.1%3B%2B__utmz%3D133238479.1704415981.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=689060692&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: projects.webappsec.org
URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Protocol
H2
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://projects.webappsec.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 00:53:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2031572803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1911023517&utmr=-&utmp=%2Fw%2Fpage%2F13246919%2FCross%252520Site%252520Request%252520Forgery&utmht=1704415980570&utmac=UA-6521420-1&utmcc=__utma%3D133238479.1883394581.1704415981.1704415981.1704415981.1%3B%2B__utmz%3D133238479.1704415981.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=689060692&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
quant.js
edge.quantserve.com/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://edge.quantserve.com/quant.js
Requested by
Host: projects.webappsec.org
URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Protocol
HTTP/1.1
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://projects.webappsec.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 00:53:00 GMT
Content-Encoding
gzip
Etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
private, max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Expires
Fri, 12 Jan 2024 00:53:00 GMT
__utm.gif
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1036214803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
  • https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1036214803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt...
35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1036214803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20Web%20Application%20Security%20Consortium%20%2F%20Cross%20Site%20Request%20Forgery&utmhid=1911023517&utmr=-&utmp=%2Fw%2Fpage%2F13246919%2FCross%252520Site%252520Request%252520Forgery&utmht=1704415980576&utmac=UA-2694787-12&utmcc=__utma%3D1.1655747908.1704415981.1704415981.1704415981.1%3B%2B__utmz%3D1.1704415981.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmmt=1&utmu=DFAAAAAAAAAAAAAAAAAAAAgE~
Requested by
Host: projects.webappsec.org
URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Protocol
H2
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://projects.webappsec.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 04 Jan 2024 04:17:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74101
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=1&utmn=1036214803&utmhn=projects.webappsec.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=The%20Web%20Application%20Security%20Consortium%20%2F%20Cross%20Site%20Request%20Forgery&utmhid=1911023517&utmr=-&utmp=%2Fw%2Fpage%2F13246919%2FCross%252520Site%252520Request%252520Forgery&utmht=1704415980576&utmac=UA-2694787-12&utmcc=__utma%3D1.1655747908.1704415981.1704415981.1704415981.1%3B%2B__utmz%3D1.1704415981.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmmt=1&utmu=DFAAAAAAAAAAAAAAAAAAAAgE~
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
79962fb3cbeb35c61e2cc8fbb33c20e4f7d8bc6ea8972ee575a67a551dd94a55

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
toolbar-standalone-userbar-left-v91813047.png
vs1.pbworks.com/shared/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vs1.pbworks.com/shared/images/toolbar-standalone-userbar-left-v91813047.png
Requested by
Host: vs1.pbworks.com
URL: http://vs1.pbworks.com/shared/statics/packed-m-prod-v07998121.css
Protocol
HTTP/1.1
Server
208.96.18.238 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS
pbworks.com
Software
nginx/1.15.12 /
Resource Hash
ed5f8e9513e44fc6d1cb1477b8a56aa2e1f6e79334b4b8ae4cf0f62327d921a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/shared/statics/packed-m-prod-v07998121.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 00:50:34 GMT
Last-Modified
Mon, 12 Jun 2017 16:01:06 GMT
Server
nginx/1.15.12
ETag
"593ebac2-f45"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3909
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43c2238f133babbb5891e7c8f2bce586a2a1a488188904b146ecef3953d1ba60

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e1d31dfff56037a52d8e57a288189cdbf056c76dce1ffbb7f6144ea899fc250

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		807 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bac41bd9ce40d95fa3864f384a02571be59253bb2b719e28e7284e60143b3eb

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fe6093a58d25c9b3e6315b7fc606aac20291f6fcce3649ad4808cf04897bb09

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		688 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0acea9b259285ef60a9a21bc1fcd82edbe3173239e0c338b5a12781aa28d3576

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
information-v80330827.png
vs1.pbworks.com/shared/icons/ 		778 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vs1.pbworks.com/shared/icons/information-v80330827.png
Requested by
Host: vs1.pbworks.com
URL: http://vs1.pbworks.com/shared/statics/packed-m-prod-v07998121.css
Protocol
HTTP/1.1
Server
208.96.18.238 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS
pbworks.com
Software
nginx/1.15.12 /
Resource Hash
ff9c48d8c2d063932c7aadd5e15ddfdc76b7111bf0715f3a192bba26df2c531c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/shared/statics/packed-m-prod-v07998121.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 00:50:34 GMT
Last-Modified
Mon, 12 Jun 2017 16:01:06 GMT
Server
nginx/1.15.12
ETag
"593ebac2-30a"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
778
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a65371c8e1772cec9dc91218331021ec8b4fe8e3f1e6f84b3c2ff54fa176b54b

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fda4d5b4de3da8600cd54cf6fc411203541ced43e59f729409cc723ff358e081

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9b7be3b57ebc87aaf67a2a70939c891d336bfd3df394354cbbedcb37a28c981

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		166 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3b1f4b99d1b99df67b8ae7b44180aa4d001955c3a7cdbb169a625658b5d5f73

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adfe2d03eed7f84a573b5ab7d4998774e71482cdf4c1e66ce75e573fd995bd08

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		793 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f614cc202e93affcc71106cffae62fb97c850debd366c3ea85f084490f69997

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		420 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dff0e94e8323819fcbc91b70efaa062497bce46a05538421163ffbc6b1ccb7bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0664ff2ef35d021d075f7b3feed071089dc87662be9db3ee8fb5d709235658c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		413 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c51e796b8b2242e5778f50a254622e9a90b1a1437b832fce78fb23f382cbc48

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		113 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2811686c469ea3d30ee7240a9b67349855312222ade8d0ce4d8873b8f10627d

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		731 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a0b4e23faf1f6fdecceeb8fec7d289293e33e2f85bc115d855d69877bcb2d3a

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b8f3c21b9b578a9e56d4253cccbffaf73ad7227d6ac40a930e3a3e1cc28e124

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e20bf633722dcae97387aad21ffa30f816880583833d5a003f1048b155ad027

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73f931cdde0725c0906edf409c5a61872f4a68a0719209a9a8ff8b8ce13aa5a8

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe6dd9b24703160afae9b860874441f414f4872c5b659f1273ff05ff02179ae2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6cca0b98332528f96f76884a658b2654a28d322cece97b399b3f80b3abad488

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
414f7b7b9864b665e8e3b4b51140a616e2381657f31ecb0e495bae52e18120d2

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24c96be04ef420e3b8fb37afe388a09caa22d143c9e55477c93be186250406a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b241876ac8ef982f6f5e275a501b0548ab1e6b021bf0d33078105c852d027809

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6888983b12cec76df9c126ae4c76d641786206db9fb22455cc0722c6e08c65c

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		671 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf96b7874c9cdbf142608372c3802369a1584123d621c7488662ecbd16bc19fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
tick-v72244320.png
vs1.pbworks.com/shared/icons/ 		537 B
890 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vs1.pbworks.com/shared/icons/tick-v72244320.png
Requested by
Host: vs1.pbworks.com
URL: http://vs1.pbworks.com/shared/statics/packed-m-prod-v07998121.css
Protocol
HTTP/1.1
Server
208.96.18.238 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS
pbworks.com
Software
nginx/1.15.12 /
Resource Hash
644faffc659fb1e6778cf5290022fbcde177952c66881848e6380ed91211e878

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/shared/statics/packed-m-prod-v07998121.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 00:50:34 GMT
Last-Modified
Mon, 12 Jun 2017 16:01:06 GMT
Server
nginx/1.15.12
ETag
"593ebac2-219"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
537
Expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		507 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f85c76e558c737f0afef480c76ab45e1741ea75a0e5497172748c5814e0f0c8f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		83 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70093f4796faf1014bacae256867c3a8338808c62b97870ab3244d1cca784c3e

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/gif
/
projects.webappsec.org/api_v2/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://projects.webappsec.org/api_v2/?count=7&pagetime=1693479820&filetime=1693479820&permtime=1693479820&foldertime=1693479820&commenttime=1693479820&_bt=1599696004&op=GetChanges
Requested by
Host: vs1.pbworks.com
URL: http://vs1.pbworks.com/shared/statics/libraries-v78145716.js
Protocol
HTTP/1.1
Server
208.96.18.237 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS
pbworks.com
Software
nginx/1.15.12 /
Resource Hash
e49f50c008d43979d8a624f7d10d3cf8d47ede4cd1aad6800741fd14035521ff

Request headers

Accept
text/javascript, text/html, application/xml, text/xml, */*
X-Prototype-Version
1.7
Referer
http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 01:03:18 GMT
Content-Encoding
gzip
Server
nginx/1.15.12
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding,Cookie
Content-Type
application/json
Cache-Control
private, max-age=1209600
Connection
keep-alive
Expires
Thu, 01 Jan 2037 00:00:00 GMT
rules-p-16CGFkiSpdTEU.js
rules.quantcount.com/
Redirect Chain
  • http://rules.quantcount.com/rules-p-16CGFkiSpdTEU.js
  • https://rules.quantcount.com/rules-p-16CGFkiSpdTEU.js
160 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-16CGFkiSpdTEU.js
Requested by
Host: projects.webappsec.org
URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Protocol
H2
Server
2600:9000:2127:fe00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49bb975b3f1a6162f14cb4d92110688ee61c1355c92e51500c2c7565e912b115

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://projects.webappsec.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 05 Jan 2024 00:53:01 GMT
via
1.1 db66f1cc00a415c34c42ad011b26850c.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
109
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:29:14 GMT
server
AmazonS3
etag
"92927af9e26f6bfc149b94fdabdd4088"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Wd9V3gE9nckia-jhsyh9agw1o4KjLny8hFx0MlptTqHaTHMHkRX9Aw==

Redirect headers

Date
Fri, 05 Jan 2024 00:53:00 GMT
Via
1.1 168125097acf734cd7750e139a974b38.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
PRG50-C1
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://rules.quantcount.com/rules-p-16CGFkiSpdTEU.js
Connection
keep-alive
Content-Length
167
X-Amz-Cf-Id
YRaL9o8LH0rWyPyaXSnxIr6IC1xZHdkqaBju5q8C3LrhsskDgbTnTw==
page_white_edit-v50671815.png
vs1.pbworks.com/shared/icons/ 		614 B
967 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://vs1.pbworks.com/shared/icons/page_white_edit-v50671815.png
Requested by
Host: vs1.pbworks.com
URL: http://vs1.pbworks.com/shared/statics/packed-m-prod-v07998121.css
Protocol
HTTP/1.1
Server
208.96.18.238 , United States, ASN22205 (DATAPIPE-SEA, US),
Reverse DNS
pbworks.com
Software
nginx/1.15.12 /
Resource Hash
11b37c4274815ebe5b77e23c27e913c0018b8446d22c9a30f23520b129ae2d1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://vs1.pbworks.com/shared/statics/packed-m-prod-v07998121.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Fri, 05 Jan 2024 00:50:34 GMT
Last-Modified
Mon, 12 Jun 2017 16:01:06 GMT
Server
nginx/1.15.12
ETag
"593ebac2-266"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
614
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pixel;r=1221908093;rf=0;a=p-16CGFkiSpdTEU;url=http%3A%2F%2Fprojects.webappsec.org%2Fw%2Fpage%2F13246919%2FCross%2520Site%2520Request%2520Forgery;uht=2;fpan=1;fpa=P0-477015893-1704415980723;pbc=;ns=...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1221908093;rf=0;a=p-16CGFkiSpdTEU;url=http%3A%2F%2Fprojects.webappsec.org%2Fw%2Fpage%2F13246919%2FCross%2520Site%2520Request%2520Forgery;uht=2;fpan=1;fpa=P0-477015893-1704415980723;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=webappsec.org;dst=1;et=1704415981060;tzo=0;ogl=;ses=115ad3a3-2fb9-422c-a13c-aeed815c0abd;mdl=
Requested by
Host: projects.webappsec.org
URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
http://projects.webappsec.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 05 Jan 2024 00:53:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| PBinfo object| c object| PBcacheability object| Prototype object| Abstract object| Try object| Class function| PeriodicalExecuter function| Template object| $break object| Enumerable function| $A function| $w function| $H function| Hash function| $R function| ObjectRange object| Ajax function| $ object| Form object| Field function| $F object| Toggle object| Insertion object| $continue object| Position function| PBdebugging object| pbd object| Cookie function| UIException function| Tooltip object| UserPrefs function| InputText object| Droppables object| Draggables function| Draggable function| SortableObserver object| Sortable function| $$ undefined| Sizzle function| Selector object| PBconst function| PBMenu object| Util function| FCKeditor_OnComplete function| MiniTabSwitcher object| PBwiki function| PBHistory function| PBButton object| PBEffect object| Page function| FolderSelector function| PostCommand function| insert_sig function| insert_file_into_editor function| insert_newlink_into_editor function| insert_newimage_into_editor function| insert_image_into_editor function| tagCloudToggle boolean| g_pb_Enable_focus_changes function| insert_pagelink_into_editor function| insert_get_selection function| load_real_thumbnail function| load_all_files function| load_all_pages function| CheckFocusForNbsp object| Messaging boolean| stIsIE boolean| _timer function| dean_addEvent function| removeEvent function| handleEvent function| fixEvent function| forEach object| FormPost function| RadioButtonSelector object| CommentValidator object| plupload object| sorttable function| SearchHilite function| SendALink object| Effect object| Autocompleter object| Control object| YAHOO object| Locale object| MicroDateSelects function| MicroDateSelect object| PBAdmin string| gaJsHost object| _gat object| _gaq object| pageTracker object| gaGlobal object| _qevents object| preOps object| editBubble function| quantserve function| __qc object| ezt object| _qoptions

8 Cookies

Domain/Path Name / Value
.projects.webappsec.org/ Name: pbj
Value: 611ccc84d6e0ffbc72e18ea1af16001704415979
.projects.webappsec.org/ Name: __utma
Value: 133238479.1883394581.1704415981.1704415981.1704415981.1
.projects.webappsec.org/ Name: __utmc
Value: 133238479
.projects.webappsec.org/ Name: __utmz
Value: 133238479.1704415981.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.projects.webappsec.org/ Name: __utmt
Value: 1
.projects.webappsec.org/ Name: __utmb
Value: 133238479.1.10.1704415981
.quantserve.com/ Name: mc
Value: 659752ed-44a2d-596e4-49e60
.webappsec.org/ Name: __qca
Value: P0-477015893-1704415980723

4 Console Messages

Source Level URL
Text
javascript warning URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery(Line 23)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery(Line 23)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery(Line 420)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://projects.webappsec.org/w/page/13246919/Cross%20Site%20Request%20Forgery(Line 420)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

edge.quantserve.com
pixel.quantserve.com
projects.webappsec.org
rules.quantcount.com
vs1.pbworks.com
www.google-analytics.com
208.96.18.237
208.96.18.238
2600:9000:2127:7600:6:44e3:f8c0:93a1
2600:9000:2127:fe00:6:44e3:f8c0:93a1
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:803::200e
0a0b4e23faf1f6fdecceeb8fec7d289293e33e2f85bc115d855d69877bcb2d3a
0acea9b259285ef60a9a21bc1fcd82edbe3173239e0c338b5a12781aa28d3576
11b37c4274815ebe5b77e23c27e913c0018b8446d22c9a30f23520b129ae2d1f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b8f3c21b9b578a9e56d4253cccbffaf73ad7227d6ac40a930e3a3e1cc28e124
24c96be04ef420e3b8fb37afe388a09caa22d143c9e55477c93be186250406a3
2b506ed11a0e2adcf2320dcea6187030c04c2bc91259e8183c9e82e11dfecd36
2c51e796b8b2242e5778f50a254622e9a90b1a1437b832fce78fb23f382cbc48
414f7b7b9864b665e8e3b4b51140a616e2381657f31ecb0e495bae52e18120d2
4159909f3dc25dbecf41f7d7f38c0f427e1718c4496529d2a12ff532651a467e
43c2238f133babbb5891e7c8f2bce586a2a1a488188904b146ecef3953d1ba60
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
49bb975b3f1a6162f14cb4d92110688ee61c1355c92e51500c2c7565e912b115
5bac41bd9ce40d95fa3864f384a02571be59253bb2b719e28e7284e60143b3eb
5e20bf633722dcae97387aad21ffa30f816880583833d5a003f1048b155ad027
62bda0dfb6fc1f2dbf226efc61027b2a3cf4499a4f14b5d570c729828ffc325e
644faffc659fb1e6778cf5290022fbcde177952c66881848e6380ed91211e878
70093f4796faf1014bacae256867c3a8338808c62b97870ab3244d1cca784c3e
73f931cdde0725c0906edf409c5a61872f4a68a0719209a9a8ff8b8ce13aa5a8
79962fb3cbeb35c61e2cc8fbb33c20e4f7d8bc6ea8972ee575a67a551dd94a55
7e1d31dfff56037a52d8e57a288189cdbf056c76dce1ffbb7f6144ea899fc250
7f614cc202e93affcc71106cffae62fb97c850debd366c3ea85f084490f69997
7fe6093a58d25c9b3e6315b7fc606aac20291f6fcce3649ad4808cf04897bb09
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8dfcd64655e971c05aa09497a0384a3c9dee5305f6c1373f6725d16e1694f30a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2811686c469ea3d30ee7240a9b67349855312222ade8d0ce4d8873b8f10627d
a65371c8e1772cec9dc91218331021ec8b4fe8e3f1e6f84b3c2ff54fa176b54b
adfe2d03eed7f84a573b5ab7d4998774e71482cdf4c1e66ce75e573fd995bd08
b241876ac8ef982f6f5e275a501b0548ab1e6b021bf0d33078105c852d027809
b3b1f4b99d1b99df67b8ae7b44180aa4d001955c3a7cdbb169a625658b5d5f73
b9b7be3b57ebc87aaf67a2a70939c891d336bfd3df394354cbbedcb37a28c981
cf96b7874c9cdbf142608372c3802369a1584123d621c7488662ecbd16bc19fb
d0664ff2ef35d021d075f7b3feed071089dc87662be9db3ee8fb5d709235658c
d6cca0b98332528f96f76884a658b2654a28d322cece97b399b3f80b3abad488
dff0e94e8323819fcbc91b70efaa062497bce46a05538421163ffbc6b1ccb7bc
e49f50c008d43979d8a624f7d10d3cf8d47ede4cd1aad6800741fd14035521ff
ed5f8e9513e44fc6d1cb1477b8a56aa2e1f6e79334b4b8ae4cf0f62327d921a6
f6888983b12cec76df9c126ae4c76d641786206db9fb22455cc0722c6e08c65c
f8382a3f3ac74acd72acf9f67d272ce01f18a69e0f50410b21f6a7f908ccc759
f85c76e558c737f0afef480c76ab45e1741ea75a0e5497172748c5814e0f0c8f
fda4d5b4de3da8600cd54cf6fc411203541ced43e59f729409cc723ff358e081
fe6dd9b24703160afae9b860874441f414f4872c5b659f1273ff05ff02179ae2
ff9c48d8c2d063932c7aadd5e15ddfdc76b7111bf0715f3a192bba26df2c531c