Submitted URL: http://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Effective URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Submission: On March 25 via manual from UY — Scanned from DE

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 29 HTTP transactions. The main IP is 2a04:4e42:400::775, located in United States and belongs to FASTLY, US. The main domain is www.vidocsecurity.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on March 15th 2023. Valid for: 3 months.
This is the only time www.vidocsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
14 vidocsecurity.com | www.vidocsecurity.com | 387 KB
4 gstatic.com | fonts.gstatic.com | 108 KB
3 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 194 | 5 KB
2 gitlab.com | gitlab.com — Cisco Umbrella Rank: 18759 | 7 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 3 KB
1 google-analytics.com | region1.google-analytics.com — Cisco Umbrella Rank: 2368 | 258 B
1 ghost.io | vidocsecurity.ghost.io | 414 B
1 shuffle.dev | static.shuffle.dev | 354 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 79 KB
1 amazonaws.com | s3.amazonaws.com | 140 KB
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 334 | 94 KB
29 11
Domain Requested by
14 www.vidocsecurity.com 1 redirects www.vidocsecurity.com
4 fonts.gstatic.com fonts.googleapis.com
3 cdnjs.cloudflare.com www.vidocsecurity.com
2 gitlab.com www.vidocsecurity.com
2 fonts.googleapis.com www.vidocsecurity.com
1 region1.google-analytics.com www.googletagmanager.com
1 vidocsecurity.ghost.io 1 redirects
1 static.shuffle.dev www.vidocsecurity.com
1 www.googletagmanager.com www.vidocsecurity.com
1 s3.amazonaws.com www.vidocsecurity.com
1 cdn.jsdelivr.net www.vidocsecurity.com
29 11
Subject | Issuer | Validity | Valid
www.vidocsecurity.com | ZeroSSL RSA Domain Secure Site CA | 2023-03-15 - 2023-06-13 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-06-02 - 2023-06-01 | a year
gitlab.com | Cloudflare Inc ECC CA-3 | 2023-03-01 - 2023-05-30 | 3 months
s3.amazonaws.com | Amazon RSA 2048 M01 | 2022-12-06 - 2023-12-05 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months
static.shuffle.dev | Amazon RSA 2048 M02 | 2023-02-28 - 2024-01-17 | a year
*.gstatic.com | GTS CA 1C3 | 2023-03-06 - 2023-05-29 | 3 months

This page contains 1 frames:

Primary Page: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Frame ID: 6E2E1DA6E79E4C705BF45525CC739E95
Requests: 30 HTTP requests in this frame

Page Title

Hacking Swagger-UI - from XSS to account takeovers

Page URL History

  1. http://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/ HTTP 301
    https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 29
HTTPS: 97 %
IPv6: 92 %
Domains: 11
Subdomains: 11
IPs: 11
Countries: 2
Transfer: 1179 kB
Size: 1972 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://vidocsecurity.ghost.io/content/images/2022/05/image-20220114-163414.png HTTP 302
  • https://www.vidocsecurity.com/content/images/2022/05/image-20220114-163414.png

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Redirect Chain
  • http://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
  • https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
69 KB
21 KB
Document
General
Full URL
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
808b7fd8c23dabc7897814f876f8b4da088a608b6b0a3b1f2f904777109d3d66

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
95269
alt-svc
clear
cache-control
public, max-age=0
content-encoding
gzip
content-length
20959
content-type
text/html; charset=utf-8
date
Sat, 25 Mar 2023 23:59:31 GMT
etag
W/"114fb-zrQ6guvoOXvjDcNiWjLMGOOEoYc"
ghost-age
0
ghost-cache
MISS
ghost-fastly
true
server
openresty
status
200 OK
vary
Cookie, Accept-Encoding
via
1.1 varnish, 1.1 varnish
x-cache
HIT, HIT
x-cache-hits
6, 1
x-request-id
c755500a-2893-4edb-87c8-ff60e4b058de c755500a-2893-4edb-87c8-ff60e4b058de
x-served-by
cache-ams21057-AMS, cache-fra-eddf8230131-FRA
x-timer
S1679788771.000258,VS0,VE1

Redirect headers

Accept-Ranges
bytes
Alt-Svc
clear
Connection
close
Content-Length
0
Date
Sat, 25 Mar 2023 23:59:30 GMT
Ghost-Fastly
true
Location
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Retry-After
0
Server
Varnish
Via
1.1 varnish
X-Cache
HIT
X-Cache-Hits
0
X-Served-By
cache-fra-eddf8230114-FRA
X-Timer
S1679788771.971301,VS0,VE0
css2
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=PT+Serif:ital,wght@0,400;0,700;1,400&display=swap
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
faf34e1ed712a796a6c4c31623402245d16c7be043004e68a8e121f9a371f785
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 25 Mar 2023 23:38:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 Mar 2023 23:59:31 GMT
css2
fonts.googleapis.com/
56 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
328d7abf4d72a439d4e34de7e8651cf330844023c9cbd3ff0c62f912d4082cde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 25 Mar 2023 23:59:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 25 Mar 2023 23:59:31 GMT
bootstrap.min.css
www.vidocsecurity.com/assets/css/bootstrap/
233 KB
33 KB
Stylesheet
General
Full URL
https://www.vidocsecurity.com/assets/css/bootstrap/bootstrap.min.css?v=07d3bedc1c
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
30de483c11e04e0b998641268d79d8f85c2821f3279c03cd152c0bdb6ad4706a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
95374
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
33113
ghost-fastly
true
x-request-id
b5781b39-ad23-403c-9fa3-5830236bab18, b5781b39-ad23-403c-9fa3-5830236bab18
x-served-by
cache-ams12741-AMS, cache-fra-eddf8230131-FRA
last-modified
Thu, 16 Feb 2023 12:13:45 GMT
server
openresty
x-timer
S1679788771.019292,VS0,VE1
etag
W/"3a424-1865a251827"
vary
Cookie, Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
7, 1
main.css
www.vidocsecurity.com/assets/styles/
44 KB
10 KB
Stylesheet
General
Full URL
https://www.vidocsecurity.com/assets/styles/main.css?v=07d3bedc1c
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
3778cdc2a9b6e2270a92eef81dbf2d4cdfb9676a30df90828a6a7b2f52e54a37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
95374
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
10480
ghost-fastly
true
x-request-id
d30acf59-7e83-4841-ba2d-8d84553a104c, d30acf59-7e83-4841-ba2d-8d84553a104c
x-served-by
cache-ams12759-AMS, cache-fra-eddf8230131-FRA
last-modified
Thu, 16 Feb 2023 12:13:44 GMT
server
openresty
x-timer
S1679788771.019266,VS0,VE1
etag
W/"b1dd-1865a2513c0"
vary
Cookie, Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
7, 1
custom.css
www.vidocsecurity.com/assets/styles/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.vidocsecurity.com/assets/styles/custom.css?v=07d3bedc1c
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
b251a84117dfd2a9ba00521116d208d4d72398ae664420b68d362f02dd0277c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
95374
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
1824
ghost-fastly
true
x-request-id
d1889522-d681-497a-8f6f-7fdf5ba4cfcf, d1889522-d681-497a-8f6f-7fdf5ba4cfcf
x-served-by
cache-ams12776-AMS, cache-fra-eddf8230131-FRA
last-modified
Thu, 16 Feb 2023 12:13:44 GMT
server
openresty
x-timer
S1679788771.019555,VS0,VE1
etag
W/"1497-1865a2513cf"
vary
Cookie, Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
7, 1
sodo-search.min.js
cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/
278 KB
94 KB
Script
General
Full URL
https://cdn.jsdelivr.net/ghost/sodo-search@~1.1/umd/sodo-search.min.js
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de10e670fff37b0d4dda87228d77fffbf6a95d52b1c7b5b07bf78db8f82f0738
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Origin
https://www.vidocsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 23:59:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11998
x-jsd-version
1.1.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230139-FRA, cache-yyz4576-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"45786-t0fHZvCLfu76erNfK1qyBRpBWbw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPkwjWpXLxvSfaJKbtrO98iTRduZlvfpT8qha6f25BGuJf%2FRMxQeDXjzGx1Jyw3466iE%2BGAZ5L3HTtKxatpMUOfWAtoFItqkjIe0VPdYO7WslomlOYCp4yEM8b4ji%2BUv07oAMO2P0xp6jUZVR3g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=600, s-maxage=43200, stale-while-revalidate=600, stale-if-error=86400
timing-allow-origin
*
cf-ray
7adb1bab4f0c3a6a-FRA
cards.min.js
www.vidocsecurity.com/public/
7 KB
2 KB
Script
General
Full URL
https://www.vidocsecurity.com/public/cards.min.js?v=07d3bedc1c
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
7b9c762be52fed9737a319df953c29ad448a7713a31a4ba0f76ab15013512ee6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
95374
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
1557
ghost-fastly
true
x-request-id
3508f367-1b36-4ce8-8c0f-a589d841818d, 3508f367-1b36-4ce8-8c0f-a589d841818d
x-served-by
cache-ams21026-AMS, cache-fra-eddf8230131-FRA
server
openresty
x-timer
S1679788771.063875,VS0,VE1
etag
W/"431228c753b74a6958600d170f921e6d"
vary
Cookie, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
6, 1
cards.min.css
www.vidocsecurity.com/public/
22 KB
4 KB
Stylesheet
General
Full URL
https://www.vidocsecurity.com/public/cards.min.css?v=07d3bedc1c
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
3d09feaf4c42d05e167fb12401e81a477dd6764a0511850d3b08332f600b780b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
95374
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
4142
ghost-fastly
true
x-request-id
e1fdfef8-d2fd-4737-aa36-51f80a2f735b, e1fdfef8-d2fd-4737-aa36-51f80a2f735b
x-served-by
cache-ams12775-AMS, cache-fra-eddf8230131-FRA
server
openresty
x-timer
S1679788771.019634,VS0,VE1
etag
W/"1c15849627c00dc14da8cdcef5344afa"
vary
Cookie, Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
7, 1
tocbot.css
cdnjs.cloudflare.com/ajax/libs/tocbot/4.10.0/
565 B
915 B
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.10.0/tocbot.css
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d46d20f79bec4b5b6ed6fe6a7d90c9fe7c8f4053632806488c31255561623ea
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8002275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
228
last-modified
Mon, 04 May 2020 16:17:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fff-235"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cY%2BHTrEiB0o73S3JrVWUtYZnZgQKTzzkxXW9IxoLzUM4dmEU2g7EQ%2FEazH%2B4ATnLNzguyFxj1gxmOd%2BYgyQuoCw2Q1cTTqA%2BWwwDZtdMdcW7mZir2zBxZm2QoNF8OIb8CpUrPl6K3dvelTrM76fzLRSM"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7adb1bab2f162bee-FRA
expires
Thu, 14 Mar 2024 23:59:31 GMT
vidoc-logo-icon.png
www.vidocsecurity.com/assets/images/
9 KB
9 KB
Image
General
Full URL
https://www.vidocsecurity.com/assets/images/vidoc-logo-icon.png?v=07d3bedc1c
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
045846fee66aac1155a98f62292c4adf2393bf7ef4ab4779c008d6c7044e86c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
via
1.1 varnish, 1.1 varnish
age
95374
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
9546
ghost-fastly
true
x-request-id
d6865a37-a966-4bb3-aeb0-f211fb0d94b9, d6865a37-a966-4bb3-aeb0-f211fb0d94b9
x-served-by
cache-ams12774-AMS, cache-fra-eddf8230131-FRA
last-modified
Thu, 16 Feb 2023 12:13:45 GMT
server
openresty
x-timer
S1679788771.063522,VS0,VE1
etag
W/"254a-1865a251639"
vary
Cookie
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
7, 1
dawid.png
www.vidocsecurity.com/content/images/size/w100/2022/05/
20 KB
20 KB
Image
General
Full URL
https://www.vidocsecurity.com/content/images/size/w100/2022/05/dawid.png
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
a85545eade1b1c1f9c87deaaa1063357f29257bff21fddf54968e42fbe9e7e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
via
1.1 varnish, 1.1 varnish
age
1524335
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
20435
ghost-fastly
true
x-request-id
14163271e7683d6a587ea9147774aa19, 14163271e7683d6a587ea9147774aa19
x-served-by
cache-ams21064-AMS, cache-fra-eddf8230131-FRA
last-modified
Wed, 11 May 2022 19:22:50 GMT
server
openresty
x-timer
S1679788771.063536,VS0,VE1
etag
W/"4fd3-180b492f0ed"
vary
Cookie
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
134, 1
cover-2.png
www.vidocsecurity.com/content/images/size/w2000/2022/05/
113 KB
113 KB
Image
General
Full URL
https://www.vidocsecurity.com/content/images/size/w2000/2022/05/cover-2.png
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
954c4c02354e1ce8a4d61cb9b7deb16f0add38b31bbceec1e40f7ed755e60f11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
via
1.1 varnish, 1.1 varnish
age
396481
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
115666
ghost-fastly
true
x-request-id
1413e55a-b701-4885-bf59-720ee67ebd7b, 1413e55a-b701-4885-bf59-720ee67ebd7b
x-served-by
cache-ams12758-AMS, cache-fra-eddf8230131-FRA
last-modified
Mon, 16 May 2022 16:29:53 GMT
server
openresty
x-timer
S1679788771.063533,VS0,VE2
etag
W/"1c3d2-180cdb4641c"
vary
Cookie
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
24, 1
favicon-yellow-018213ceb87b472388095d0264be5b4319ef47471dacea03c83ecc233ced2fd5.png
gitlab.com/assets/
373 B
1 KB
Image
General
Full URL
https://gitlab.com/assets/favicon-yellow-018213ceb87b472388095d0264be5b4319ef47471dacea03c83ecc233ced2fd5.png
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:90:0:f22e:fbec:5bed:a9b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
018213ceb87b472388095d0264be5b4319ef47471dacea03c83ecc233ced2fd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 23:59:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
gitlab-sv
asset-bucket
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1651117205
age
28639863
x-guploader-uploadid
ADPycduB2OqgUio5jNI66oEf82OYkZL1f4UU6lnPcYZYKSCxn0UnrjfPC4pPhpPw71BHSpIoZKpG1Uh2hvHgsW9SCJLTpQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
gitlab-lb
fe-24-lb-gprd
x-goog-stored-content-encoding
identity
content-length
373
last-modified
Thu, 28 Apr 2022 05:53:12 GMT
server
cloudflare
etag
"3da805995fa39824673434c2b522eb07"
vary
Accept-Encoding
x-goog-generation
1651125192307487
content-type
image/png
x-goog-hash
crc32c=nrERSw==, md5=PagFmV+jmCRnNDTCtSLrBw==
cache-control
public,max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0kV5A1DBQYJ99%2FVl0OtPLWgN3RE5dSa%2FSDG%2BJEbNtZZaZApHFe%2FGJjE0Cjykms1wfcA4OrTJ0ROO8DMJTOeS9km48EuUnlL4dwkAKTAH62f9ctqnd%2BqqVsa%2FlqgAqCDmYMLmJPOrPo%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
373
accept-ranges
bytes
cf-ray
7adb1bab6edf036e-FRA
expires
Fri, 28 Apr 2023 12:28:28 GMT
project_avatar.png
gitlab.com/uploads/-/system/project/avatar/278964/
4 KB
6 KB
Image
General
Full URL
https://gitlab.com/uploads/-/system/project/avatar/278964/project_avatar.png
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:90:0:f22e:fbec:5bed:a9b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d9d061ef19ab5e9145057d6ecfb723d6f031ffb713eefc18edc9f12c1e777fe
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; child-src https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://content.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://content-cloudresourcemanager.googleapis.com https://www.googletagmanager.com/ns.html https://*.zuora.com/apps/PublicHostedPageLite.do https://gitlab.com/admin/ https://gitlab.com/assets/ https://gitlab.com/-/speedscope/index.html https://gitlab.com/-/sandbox/ https://gitlab.com/assets/ blob: data:; connect-src 'self' https://gitlab.com wss://gitlab.com https://sentry.gitlab.net https://new-sentry.gitlab.net https://customers.gitlab.com https://snowplow.trx.gitlab.net https://sourcegraph.com snowplow.trx.gitlab.net; default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self' https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://content.googleapis.com https://content-cloudresourcemanager.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://*.codesandbox.io https://customers.gitlab.com https://*.zuora.com/apps/PublicHostedPageLite.do; img-src * data: blob:; manifest-src 'self'; media-src 'self' data: http: https:; object-src 'none'; report-uri https://sentry.gitlab.net/api/105/security/?sentry_key=a42ea3adc19140d9a6424906e12fba86; script-src 'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/ https://apis.google.com https://*.zuora.com/apps/PublicHostedPageLite.do 'nonce-3Z/qnpxAfDFYQzslmTSdcw=='; style-src 'self' 'unsafe-inline'; worker-src https://gitlab.com blob: data:; form-action 'self' https: http: https:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy
base-uri 'self'; child-src https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://content.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://content-cloudresourcemanager.googleapis.com https://www.googletagmanager.com/ns.html https://*.zuora.com/apps/PublicHostedPageLite.do https://gitlab.com/admin/ https://gitlab.com/assets/ https://gitlab.com/-/speedscope/index.html https://gitlab.com/-/sandbox/ https://gitlab.com/assets/ blob: data:; connect-src 'self' https://gitlab.com wss://gitlab.com https://sentry.gitlab.net https://new-sentry.gitlab.net https://customers.gitlab.com https://snowplow.trx.gitlab.net https://sourcegraph.com snowplow.trx.gitlab.net; default-src 'self'; font-src 'self'; frame-ancestors 'self'; frame-src 'self' https://www.google.com/recaptcha/ https://www.recaptcha.net/ https://content.googleapis.com https://content-cloudresourcemanager.googleapis.com https://content-compute.googleapis.com https://content-cloudbilling.googleapis.com https://*.codesandbox.io https://customers.gitlab.com https://*.zuora.com/apps/PublicHostedPageLite.do; img-src * data: blob:; manifest-src 'self'; media-src 'self' data: http: https:; object-src 'none'; report-uri https://sentry.gitlab.net/api/105/security/?sentry_key=a42ea3adc19140d9a6424906e12fba86; script-src 'strict-dynamic' 'self' 'unsafe-inline' 'unsafe-eval' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.recaptcha.net/ https://apis.google.com https://*.zuora.com/apps/PublicHostedPageLite.do 'nonce-3Z/qnpxAfDFYQzslmTSdcw=='; style-src 'self' 'unsafe-inline'; worker-src https://gitlab.com blob: data:; form-action 'self' https: http: https:
x-permitted-cross-domain-policies
none
x-guploader-uploadid
ADPycdt0hJFFrnINR1PGrMqPJuYxJrY1aNKL1atnRHQwmhJM1w3Vo-A8AzfQEQAE7_brF3gtux-UTMR0L26spG2ltd7v0HMuT4K0
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="project_avatar.png"; filename*=UTF-8''project_avatar.png
referrer-policy
strict-origin-when-cross-origin
etag
"315eeda2a92541ff13dc969876f59ad5"
x-frame-options
SAMEORIGIN
x-goog-generation
1651071945639769
content-type
image/png
vary
Accept-Encoding
cache-control
max-age=300, private, must-revalidate
date
Sat, 25 Mar 2023 23:59:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
gitlab-sv
web-gke-us-east1-c
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
gitlab-lb
fe-28-lb-gprd
content-length
3827
x-xss-protection
1; mode=block
x-request-id
01GWDKD21A8YXYRQCHKSCWKGXR
x-ua-compatible
IE=edge
x-runtime
0.039389
last-modified
Wed, 27 Apr 2022 15:05:45 GMT
server
cloudflare
x-download-options
noopen
x-goog-hash
crc32c=1eSvfw==, md5=MV7toqklQf8T3JaYdvWa1Q==
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1n1YFvLQX0dElpXtJpd%2BTscWPyS7q3uxdDFqOFEvFK35nqmvAcS4WAqmHh0SeVwD8w%2B7Gf%2FHqz6Po2d0Ud3hEiTYffSNJkc8ZZmG9GyE0MIlG1CDCGiflWyzf1qb9gN8XFT91IiDDSY%3D"}],"group":"cf-nel","max_age":604800}
permissions-policy
interest-cohort=()
x-goog-stored-content-length
3827
accept-ranges
bytes
cf-ray
7adb1bab6ee1036e-FRA
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/
140 KB
140 KB
Script
General
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.132.181 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date
Sat, 25 Mar 2023 23:59:32 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
FFTR4YX28K4FB5FM
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
a6iP6VYh8ZDuq7n6RVep5sRj2qWdo+rocIz2Ad1WAM2Xb+TRqb1OeGhjG/milBg6YS6t208h6Vw=
tocbot.min.js
cdnjs.cloudflare.com/ajax/libs/tocbot/4.10.0/
10 KB
3 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tocbot/4.10.0/tocbot.min.js
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5539fd6b0fe0af801ca76456a5bf4b16bd4429d5d8242f5a81845e023d1fec93
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8005967
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3017
last-modified
Mon, 04 May 2020 16:17:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fff-29ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=on76CA9wQ3wHdeVONlNxnB21k3TWogacMpfDZATX8TmQ3XJR7L1EadlXa8hYtlyUnaI8obsnJTUoZvj4dFSZD8OS4lxRGqpjw2l2WYNaXytc%2Fsp8u1g9YgLjhdGKQOE0afTTMPcRjbMARL5GvsPdGZyO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7adb1bab2f182bee-FRA
expires
Thu, 14 Mar 2024 23:59:31 GMT
js
www.googletagmanager.com/gtag/
229 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EHFCDRT6YV
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
657c8efacfbe571ac253b8e55725be2a6ad1e850128072e2c854827954af7352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80711
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 25 Mar 2023 23:59:31 GMT
bootstrap.bundle.min.js
www.vidocsecurity.com/assets/js/bootstrap/
79 KB
23 KB
Script
General
Full URL
https://www.vidocsecurity.com/assets/js/bootstrap/bootstrap.bundle.min.js?v=07d3bedc1c
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
a85b2fe307777c8eb47f06a1eec399fcbddfe83d252fd202d3e1358051fcf27d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
95374
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
23410
ghost-fastly
true
x-request-id
fa5544ef-78bf-444a-a912-1a2873b254f5, fa5544ef-78bf-444a-a912-1a2873b254f5
x-served-by
cache-ams12757-AMS, cache-fra-eddf8230131-FRA
last-modified
Thu, 16 Feb 2023 12:13:45 GMT
server
openresty
x-timer
S1679788771.063230,VS0,VE1
etag
W/"13a49-1865a2515c5"
vary
Cookie, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
7, 1
post.js
www.vidocsecurity.com/assets/scripts/
22 KB
8 KB
Script
General
Full URL
https://www.vidocsecurity.com/assets/scripts/post.js?v=07d3bedc1c
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
cd246a9889b147d890e5e5f5202ef8a157bd37d7e00d2897d95ad54403671a21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
95374
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
7955
ghost-fastly
true
x-request-id
387395d9-1059-41f8-87d7-ff4698dd56ed, 387395d9-1059-41f8-87d7-ff4698dd56ed
x-served-by
cache-ams21057-AMS, cache-fra-eddf8230131-FRA
last-modified
Thu, 16 Feb 2023 12:13:44 GMT
server
openresty
x-timer
S1679788771.063845,VS0,VE1
etag
W/"5628-1865a25141c"
vary
Cookie, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
7, 1
web-background-vidocPNG.png
static.shuffle.dev/uploads/files/16/160d67705fb9d5d891044fc34fe46ed7ee14f4df/
353 KB
354 KB
Image
General
Full URL
https://static.shuffle.dev/uploads/files/16/160d67705fb9d5d891044fc34fe46ed7ee14f4df/web-background-vidocPNG.png
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/assets/styles/custom.css?v=07d3bedc1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:1800:b:f267:ab80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d274c80723865698d91d74aed1a0360b50431512c993e791244c90ca9485a06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

x-amz-version-id
pj_a0jCqkNQGMD_G34jX8F6IpJwQ2RSF
date
Sat, 25 Mar 2023 09:29:51 GMT
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
last-modified
Sun, 03 Apr 2022 11:44:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P3
age
52181
etag
"4f3f149f301fa11e1384ee92ee9e522d"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
361815
x-amz-cf-id
L1bjDoSCRGpPiibOt9aHEMqiSHsdKUIROjV8TO3vxkfNWks_Wa_ldA==
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.vidocsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options
nosniff
age
400912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:39 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=PT+Serif:ital,wght@0,400;0,700;1,400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.vidocsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:40 GMT
x-content-type-options
nosniff
age
400911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37924
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:40 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/
24 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cffe139366b3882387dddbd10d59e7d9aa29345793fdbf51ddde809ca6a0bec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.vidocsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:44 GMT
x-content-type-options
nosniff
age
400907
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25036
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:44 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.vidocsecurity.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 08:37:39 GMT
x-content-type-options
nosniff
age
400912
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Mar 2024 08:37:39 GMT
image-20220114-163414.png
www.vidocsecurity.com/content/images/2022/05/
Redirect Chain
  • https://vidocsecurity.ghost.io/content/images/2022/05/image-20220114-163414.png
  • https://www.vidocsecurity.com/content/images/2022/05/image-20220114-163414.png
131 KB
131 KB
Image
General
Full URL
https://www.vidocsecurity.com/content/images/2022/05/image-20220114-163414.png
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
Protocol
H2
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
6efd164ab2e99ae2af583f0a129d36e5aaa2ac98aa4a41ffee2e78c79198a391

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
via
1.1 varnish, 1.1 varnish
age
2233732
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
134187
ghost-fastly
true
x-request-id
9ea0797d776891c21431b56794965266, 9ea0797d776891c21431b56794965266
x-served-by
cache-ams12754-AMS, cache-fra-eddf8230131-FRA
last-modified
Sat, 07 May 2022 11:01:43 GMT
server
openresty
x-timer
S1679788771.261160,VS0,VE2
etag
W/"20c2b-1809e2eb70e"
vary
Cookie
content-type
image/png
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
111, 1

Redirect headers

ghost-age
95267
date
Sat, 25 Mar 2023 23:59:31 GMT
via
1.1 varnish, 1.1 varnish
x-cache
MISS, MISS
alt-svc
clear
content-length
142
ghost-fastly
true
x-request-id
964e2dd6-839b-4919-abaa-d4fa463e76ab
x-served-by
cache-ams21064-AMS, cache-fra-eddf8230043-FRA
server
openresty
x-timer
S1679788771.241968,VS0,VE11
vary
Cookie
content-type
text/html
location
https://www.vidocsecurity.com/content/images/2022/05/image-20220114-163414.png
cache-control
no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
ghost-cache
HIT
accept-ranges
bytes
x-cache-hits
0, 0
truncated
/
37 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type
image/gif
prismjs.js
www.vidocsecurity.com/assets/scripts/
25 KB
10 KB
Script
General
Full URL
https://www.vidocsecurity.com/assets/scripts/prismjs.js?v=07d3bedc1c
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/assets/scripts/post.js?v=07d3bedc1c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
f62b6337a40024034634b5fdff47a019d603d4b4015af83759c3cf8baaccdd40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

ghost-age
0
date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
95269
x-cache
HIT, HIT
status
200 OK
alt-svc
clear
content-length
9651
ghost-fastly
true
x-request-id
54b813a5-e2e5-460a-b4e6-2bf5e1ccf471, 54b813a5-e2e5-460a-b4e6-2bf5e1ccf471
x-served-by
cache-ams21051-AMS, cache-fra-eddf8230131-FRA
last-modified
Thu, 16 Feb 2023 12:13:44 GMT
server
openresty
x-timer
S1679788772.940762,VS0,VE2
etag
W/"63e4-1865a25140d"
vary
Cookie, Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
ghost-cache
MISS
accept-ranges
bytes
x-cache-hits
4, 1
collect
region1.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EHFCDRT6YV&gtm=45je33m0&_p=1133875397&cid=1658341089.1679788772&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1679788771&sct=1&seg=0&dl=https%3A%2F%2Fwww.vidocsecurity.com%2Fblog%2Fhacking-swagger-ui-from-xss-to-account-takeovers%2F&dt=Hacking%20Swagger-UI%20-%20from%20XSS%20to%20account%20takeovers&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EHFCDRT6YV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 25 Mar 2023 23:59:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.vidocsecurity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prism-yaml.min.js
cdnjs.cloudflare.com/ajax/libs/prism/1.25.0/components/
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prism/1.25.0/components/prism-yaml.min.js
Requested by
Host: www.vidocsecurity.com
URL: https://www.vidocsecurity.com/assets/scripts/prismjs.js?v=07d3bedc1c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0983ca0dc7cf9f091f0121107a57db4770f8d740dc041489500a51d89b8a8693
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.vidocsecurity.com/blog/hacking-swagger-ui-from-xss-to-account-takeovers/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 23:59:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7998848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
783
last-modified
Thu, 16 Sep 2021 16:38:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6143730b-30f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SU%2FgVNH5FzkVv29YHok4ZJAHa37eXiukkd%2FHM8biurjZDbX%2FuDOZU8HuUldP4I5O94%2FDwCV3gB862F%2BsxrdvR6lMYWLx4yb65yiQ4EoS4ynZZ3pYro7lZEkTpJUq0pHucQJ9PfArPFKzWpVcMUXkF1Pw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7adb1bb0cc1b2bee-FRA
expires
Thu, 14 Mar 2024 23:59:31 GMT

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
undefined| $
undefined| jQuery
object| mc
function| $mcj
object| fnames
object| ftypes
string| siteUrl
string| siteSearch
string| prismJs
string| prismJsComponents
object| tocbot
function| gtag
object| dataLayer
number| uidEvent
object| bootstrap
object| lazySizes
object| google_tag_manager
object| google_tag_data
function| onYouTubeIframeAPIReady
object| gaGlobal
object| Prism

3 Cookies

Domain/Path Name / Value
.gitlab.com/ Name: _cfuvid
Value: e5TTHu2XFhqOqjoWuGf5kyr4Pxq.WQI755jhHIEZZYo-1679788771513-0-604800000
.vidocsecurity.com/ Name: _ga_EHFCDRT6YV
Value: GS1.1.1679788771.1.0.1679788771.0.0.0
.vidocsecurity.com/ Name: _ga
Value: GA1.1.1658341089.1679788772

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
