cxsecurity.com Open in urlscan Pro
149.56.132.246 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cxsecurity.com/issue/WLB-2020050071
Submission: On September 11 via api (September 11th 2020, 12:16:05 pm UTC) from FR

Summary HTTP 40 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 14 IPs in 5 countries across 13 domains to perform 40 HTTP transactions. The main IP is 149.56.132.246, located in Montreal, Canada and belongs to OVH, FR. The main domain is cxsecurity.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 19th 2020. Valid for: 3 months.

This is the only time cxsecurity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	149.56.132.246 149.56.132.246	16276 (OVH) (OVH)
6	2606:4700:303... 2606:4700:3034::681f:4ec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
40	14

3 149.56.132.246 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: 246.ip-149-56-132.net

cxsecurity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3034::681f:4ec2 (United States)

ASN13335 (CLOUDFLARENET, US)

cert.cx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

web.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	17 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	144 KB
6	google.com www.google.com adservice.google.com	2 KB
6	cert.cx cert.cx	574 KB
5	twitter.com platform.twitter.com syndication.twitter.com	31 KB
3	cxsecurity.com cxsecurity.com	8 KB
2	facebook.com 1 redirects web.facebook.com www.facebook.com	650 B
2	facebook.net connect.facebook.net	64 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.de adservice.google.de	890 B
1	gstatic.com www.gstatic.com	132 KB
1	cloudflare.com cdnjs.cloudflare.com	3 KB
1	googleapis.com ajax.googleapis.com	58 KB
40	13

	Domain	Requested by
6	cert.cx	cxsecurity.com cert.cx
5	www.google.com	cxsecurity.com www.gstatic.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	platform.twitter.com	cxsecurity.com platform.twitter.com
4	pagead2.googlesyndication.com	cxsecurity.com pagead2.googlesyndication.com
3	cxsecurity.com	cxsecurity.com ajax.googleapis.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	connect.facebook.net	cxsecurity.com connect.facebook.net
2	stats.g.doubleclick.net	cxsecurity.com
1	syndication.twitter.com
1	www.facebook.com	connect.facebook.net
1	web.facebook.com	1 redirects
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.gstatic.com	www.google.com
1	cdnjs.cloudflare.com	cxsecurity.com
1	ajax.googleapis.com	cxsecurity.com
40	18

This site contains links to these domains. Also see Links.

Domain
cifrex.org
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
cxsecurity.com Let's Encrypt Authority X3	`2020-06-19` - `2020-09-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
platform.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-13` - `2021-08-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://cxsecurity.com/issue/WLB-2020050071
Frame ID: BD025122037B4B746778CB84D5F15CC5
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200901/r20190131/zrt_lookup.html
Frame ID: 06EAD7DB407D5D73DF8507A550FC035F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=dark&size=normal&cb=gy6ky5v0p02
Frame ID: 50AB2433C112F10D38250C6B059CE02F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=dark&size=normal&cb=fw2oyosme008
Frame ID: 149BE9432BE328F4EFAD7A4D60D04504
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=9692700437&adk=3005825735&adf=3607514210&w=798&fwrn=4&fwrnh=100&lmt=1599826547&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=798x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599826546930&bpp=47&bdt=277&idt=257&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=759375286436&frm=20&pv=2&ga_vid=842149346.1599826547&ga_sid=1599826547&ga_hid=1845810423&ga_fc=1&iag=0&icsg=134228026&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=3968307554206431&pem=286&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQGjTw6Ei9&p=https%3A//cxsecurity.com&dtd=289
Frame ID: 49DFCB4BE48205D7808586CF321A193F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fcxsecurity.com
Frame ID: 35BDECD7FEEEFFF2CAD139ADA161D0EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=6599633238&adk=1033137904&adf=3594544816&w=1043&fwrn=4&fwrnh=100&lmt=1599826547&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1043x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599826546977&bpp=3&bdt=324&idt=295&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280&correlator=759375286436&frm=20&pv=1&ga_vid=842149346.1599826547&ga_sid=1599826547&ga_hid=1845810423&ga_fc=1&iag=0&icsg=2281711674&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=279&ady=1844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=3968307554206431&pem=286&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cn&abl=XS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sUX9jpUu5U&p=https%3A//cxsecurity.com&dtd=300
Frame ID: 32A5F43B8DF420018A2490BA7C4111FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&adk=1812271804&adf=3025194257&lmt=1599826547&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&ea=0&flash=0&pra=7&wgl=1&dt=1599826547144&bpp=1&bdt=491&idt=146&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280%2C1043x280&nras=1&correlator=759375286436&frm=20&pv=1&ga_vid=842149346.1599826547&ga_sid=1599826547&ga_hid=1845810423&ga_fc=1&iag=0&icsg=2281711674&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=3968307554206431&pem=286&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=214
Frame ID: 9E23DC4B376C48AEAB702438FD761196
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=lcl4m058rxcw
Frame ID: 8461387471CE42DDA11B2B320A6D5A6B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2d7d9a6d04538bf11c7b23641e75738c.en.html
Frame ID: A51B305402CACB4C09A7A8E2340A45F0
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=xz9nsiopns9m
Frame ID: 14598CCD5702D395BB02C847DEDA9D9F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22721d9a95c0d4%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff267c5884816c64%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50&_rdc=1&_rdr
Frame ID: 3489F5C41B98497ED88FFA83EBF8C5A9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 5862D9C88FC450F96024AB6AEB8A83D1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

40
Requests

100 %
HTTPS

80 %
IPv6

13
Domains

18
Subdomains

14
IPs

5
Countries

1061 kB
Transfer

2136 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://cifrex.org/
Title: cIFrex

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cxsec
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/cxsecurity
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://web.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22721d9a95c0d4%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff267c5884816c64%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50 HTTP 302
https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22721d9a95c0d4%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff267c5884816c64%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50&_rdc=1&_rdr

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set WLB-2020050071 Show response
cxsecurity.com/issue/ 17 KB
5 KB 761ms
491ms Document
text/html 149.56.132.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cxsecurity.com/issue/WLB-2020050071
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.132.246 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-149-56-132.net
Software: Apache /
Resource Hash: b235219b6e2e5b518a89d83d36bc74e0add43d8951356d23dd5e62e876117f9e

Request headers

Host: cxsecurity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 12:15:46 GMT
Server: Apache
Set-Cookie: cxlang=en; expires=Sat, 11-Sep-2021 12:15:46 GMT; Max-Age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: https://cert.cx
Content-Length: 5195
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H2 200 m-jq.js Show response
cert.cx/cxstatic/js/ 128 KB
40 KB 48ms
22ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cert.cx/cxstatic/js/m-jq.js?T
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3711126bd3b4b00e10bee8c1b9059f8e42604916f1db51fcc1f0d193335d8a8c

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 4673
cf-polished: origSize=131091
status: 200
cf-request-id: 051eb0e7fb0000dfad081d1200000001
last-modified: Sun, 26 Nov 2017 14:47:32 GMT
server: cloudflare
etag: W/"20013-55ee3dd9a0900-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://cxsecurity.com
cache-control: max-age=691200
cf-ray: 5d1150ecc817dfad-FRA
cf-bgj: minify

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.6.4/ 163 KB
58 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.6.4/angular.min.js

Requested by

Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 356964
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58814
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Sep 2021 09:06:22 GMT

GET
H2 200 m.js Show response
cert.cx/cxstatic/js/ 64 KB
17 KB 46ms
20ms Script
application/javascript 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cert.cx/cxstatic/js/m.js?V
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca17ac3996c50c96ebcc1beb008e613330636c60509021288c8d673dc6f66c00

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 4673
cf-polished: origSize=65718
status: 200
cf-request-id: 051eb0e7fb0000dfad081d2200000001
last-modified: Sun, 26 Nov 2017 14:47:36 GMT
server: cloudflare
etag: W/"100b6-55ee3ddd71200-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://cxsecurity.com
cache-control: max-age=691200
cf-ray: 5d1150ecc81adfad-FRA
cf-bgj: minify

GET
H2 200 b.css
cert.cx/cxstatic/css/ 117 KB
18 KB 44ms
19ms Stylesheet
text/css 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cert.cx/cxstatic/css/b.css?G
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a96d85055e7314b1c3287615f2670d5d7e994682ac22249d9b65856786aea959

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 2732
cf-polished: origSize=120147
status: 200
cf-request-id: 051eb0e7fa0000dfad081d0200000001
last-modified: Fri, 30 Mar 2018 06:43:50 GMT
server: cloudflare
etag: W/"1d553-5689b9013f580-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://cxsecurity.com
cache-control: max-age=691200
cf-ray: 5d1150ecc814dfad-FRA
cf-bgj: minify

GET
H2 200 cxseci.png
cert.cx/cxstatic/images/12018/ 8 KB
8 KB 27ms
19ms Image
image/png 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cert.cx/cxstatic/images/12018/cxseci.png
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2df1d036c1b10f1a28b59c5eaf728987a894fb6474141f0a3aa2bf16dc0cad0b

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:46 GMT
cf-cache-status: HIT
age: 2731
status: 200
content-length: 8033
cf-request-id: 051eb0e8410000dfad081d3200000001
last-modified: Sat, 06 Jan 2018 21:29:59 GMT
server: cloudflare
etag: "1f61-56222445e63c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: https://cxsecurity.com
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5d1150ed3943dfad-FRA

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 796 B
944 B 42ms
15ms Script
text/javascript 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Requested by

Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f6fb957f06371f6789f231eada0c2805d181bddab6118c694631c6304da53db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 487
x-xss-protection: 1; mode=block
expires: Fri, 11 Sep 2020 12:15:46 GMT

GET
H2 200 angular-sanitize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/angular-sanitize/1.6.6/ 6 KB
3 KB 39ms
17ms Script
application/javascript 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/angular-sanitize/1.6.6/angular-sanitize.min.js

Requested by

Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdf24f810daad6c8133158e57d1fadc664f11090b5952f39deb4800a990df236

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:46 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1525676
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3025
cf-request-id: 051eb0e82a00001756ea9f2200000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:51 GMT
server: cloudflare
etag: "5eb03d23-19c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5d1150ed1d811756-FRA
expires: Wed, 01 Sep 2021 12:15:46 GMT

GET
H/1.1 200
OK show.js Show response
cxsecurity.com/js/ 5 KB
2 KB 144ms
143ms Script
application/javascript 149.56.132.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cxsecurity.com/js/show.js
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.132.246 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-149-56-132.net
Software: Apache /
Resource Hash: 128dd16963271415d32ab36c861133e3b44dcc8a702edae2b0ad2da8cbb75374

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Sep 2020 12:15:46 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Nov 2017 14:47:38 GMT
Server: Apache
ETag: "14bb-55ee3ddf59680-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: https://cert.cx
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1606

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 126 KB
45 KB 50ms
22ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

852ea6c576063fa47182bc91f6334fd0c46542ca8545e64bb0f8275ab982d36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 44914
x-xss-protection: 0
server: cafe
etag: 15576440867277982315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Sep 2020 12:15:46 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 49ms
14ms Script
text/javascript 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 3989
date: Fri, 11 Sep 2020 11:09:17 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Fri, 11 Sep 2020 13:09:17 GMT

GET
H2 200 bg13.jpg
cert.cx/cxstatic/images/w/ 472 KB
473 KB 16ms
14ms Image
image/jpeg 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cert.cx/cxstatic/images/w/bg13.jpg?2
Requested by: Host: cert.cx
URL: https://cert.cx/cxstatic/css/b.css?G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23bfdf0c8d7d30a10f284f4a1ae80f9daf5e96948bf3f0b59e55951f0724e59b

Request headers

Referer: https://cert.cx/cxstatic/css/b.css?G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:46 GMT
cf-cache-status: HIT
age: 4670
status: 200
content-length: 483480
cf-request-id: 051eb0e8410000dfad081d4200000001
last-modified: Sun, 26 Nov 2017 14:58:07 GMT
server: cloudflare
etag: "76098-55ee403735dc0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: https://cxsecurity.com
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5d1150ed3944dfad-FRA

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/ 336 KB
132 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=CaptchaCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854f7a7915f240546d3950dd2b067466da13c013d04a3f8c790880c58ec61151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 15:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Sep 2020 04:06:55 GMT
server: sffe
age: 246625
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134800
x-xss-protection: 0
expires: Wed, 08 Sep 2021 15:45:21 GMT

GET
H2 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
197 B 18ms
15ms Image
image/gif 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1118254800&utmhn=cxsecurity.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Create-Project%20Manager%201.07%20Cross%20Site%20Scripting%20%2F%20HTML%20Injection%20-%20CXSecurity.com&utmhid=1845810423&utmr=-&utmp=%2Fissue%2FWLB-2020050071&utmht=1599826546813&utmac=UA-39628967-1&utmcc=__utma%3D178048631.842149346.1599826547.1599826547.1599826547.1%3B%2B__utmz%3D178048631.1599826547.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1143034412&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Sep 2020 12:15:46 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 136ms
42ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:47 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 28881
x-served-by: cache-bwi5143-BWI, cache-fra19180-FRA
last-modified: Tue, 01 Sep 2020 20:40:54 GMT
etag: "a58136137a93f33c1d165df7d4d973f8+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
tw-cdn: FT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/ 228 KB
86 KB 49ms
33ms Script
text/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f223afe73e8e54bef06ee5fb36c0f8c7bcd4c835717d137d8915996b3309c8d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87668
x-xss-protection: 0
server: cafe
etag: 5831147292718782217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Sep 2020 12:15:46 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200901/r20190131/ Frame 06EA 0
0 6ms
6ms Document
text/html 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200901/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200901/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cxsecurity.com/issue/WLB-2020050071

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 11 Sep 2020 09:18:18 GMT
expires: Fri, 25 Sep 2020 09:18:18 GMT
content-type: text/html; charset=UTF-8
etag: 9704104221650600920
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4744
x-xss-protection: 0
age: 10648
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sdk.js Show response
connect.facebook.net/pl_PL/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js

Requested by

Host: cxsecurity.com
URL: https://cxsecurity.com/issue/WLB-2020050071

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1daec2cdd3d2a2adc6ef5403e896e80a9ae9437b72bb8ff034598a091b62344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Lf1XypgMnnDPMK82E4C9MA==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
etag: "ed15a7208ee91710128cd9c5fc5139b6"
x-fb-debug: SDS+5YBUZbpv3XP5QnANs/1838RfmSdwEffVPKzxrqueBZSpEh4onjIbzFqVyO5sMZh11U5Z9ZK0qVcUh9A1TQ==
x-fb-trip-id: 2050670934
x-fb-content-md5: 42c1387add4baf51b6bf6b941042baf2
x-frame-options: DENY
date: Fri, 11 Sep 2020 12:15:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Sep 2020 12:20:12 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
cert.cx/cxstatic/fonts/ 18 KB
18 KB 28ms
12ms Font
application/octet-stream 2606:4700:3034::681f:4ec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cert.cx/cxstatic/fonts/glyphicons-halflings-regular.woff2?A
Requested by: Host: cert.cx
URL: https://cert.cx/cxstatic/css/b.css?G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::681f:4ec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin: https://cxsecurity.com
Referer: https://cert.cx/cxstatic/css/b.css?G
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:47 GMT
cf-cache-status: HIT
last-modified: Sun, 26 Nov 2017 14:47:05 GMT
server: cloudflare
age: 117
status: 200
etag: "466c-55ee3dbfe0c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: https://cxsecurity.com
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 5d1150eece6f9710-FRA
content-length: 18028
cf-request-id: 051eb0e93d00009710f6162200000001

GET
H/1.1 200
OK 1 Show response
cxsecurity.com/comments/WLB-2020050071/1/ 2 B
226 B 160ms
159ms XHR
application/json 149.56.132.246
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cxsecurity.com/comments/WLB-2020050071/1/1
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.6.4/angular.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.56.132.246 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: 246.ip-149-56-132.net
Software: Apache /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/plain, */*
Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://cert.cx
Date: Fri, 11 Sep 2020 12:15:47 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 2
Content-Type: application/json

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 50AB 0
0 52ms
37ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=dark&size=normal&cb=gy6ky5v0p02

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GslNxMO6pi38HI3GykKOZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=dark&size=normal&cb=gy6ky5v0p02
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cxsecurity.com/issue/WLB-2020050071

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Sep 2020 12:15:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-GslNxMO6pi38HI3GykKOZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11659
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 anchor
www.google.com/recaptcha/api2/ Frame 149B 0
0 48ms
36ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5Ip77IIDgE7qg1v4Oop8Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&co=aHR0cHM6Ly9jeHNlY3VyaXR5LmNvbTo0NDM.&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&theme=dark&size=normal&cb=fw2oyosme008
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cxsecurity.com/issue/WLB-2020050071

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Sep 2020 12:15:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-5Ip77IIDgE7qg1v4Oop8Iw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10763
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 40ms
14ms Script
application/javascript 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cxsecurity.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Sep 2020 12:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 48ms
23ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cxsecurity.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Sep 2020 12:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 49DF 0
0 272ms
272ms Document
text/html 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=9692700437&adk=3005825735&adf=3607514210&w=798&fwrn=4&fwrnh=100&lmt=1599826547&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=798x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599826546930&bpp=47&bdt=277&idt=257&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=759375286436&frm=20&pv=2&ga_vid=842149346.1599826547&ga_sid=1599826547&ga_hid=1845810423&ga_fc=1&iag=0&icsg=134228026&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=3968307554206431&pem=286&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQGjTw6Ei9&p=https%3A//cxsecurity.com&dtd=289

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=9692700437&adk=3005825735&adf=3607514210&w=798&fwrn=4&fwrnh=100&lmt=1599826547&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=798x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599826546930&bpp=47&bdt=277&idt=257&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=759375286436&frm=20&pv=2&ga_vid=842149346.1599826547&ga_sid=1599826547&ga_hid=1845810423&ga_fc=1&iag=0&icsg=134228026&dssz=22&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=401&ady=232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=3968307554206431&pem=286&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=NQGjTw6Ei9&p=https%3A//cxsecurity.com&dtd=289
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cxsecurity.com/issue/WLB-2020050071

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Sep 2020 12:15:47 GMT
server: cafe
content-length: 20276
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 11-Sep-2020 12:30:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Sep 2020 12:15:47 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 74ms
43ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c691b5621b3c3681307bad87d60e39a508e4dd531d3e58d18d60800831ee94da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1599669618812000"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27492
x-xss-protection: 0
expires: Fri, 11 Sep 2020 12:15:47 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pl_PL/ 201 KB
62 KB 35ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js?hash=b2f8e55f6f0f9ae28ee41f88e4fd81a4&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e8766d048a8b838ae2bbc55e73148604e557e7b76bcd87b36a4fde97309a5028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://cxsecurity.com
Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yRVjgQTaHTBDA/hQAL3bBg==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 62372
etag: "b1a13a60bc6d0c9188e865b8141ebfaa"
x-fb-debug: j7PiZMm5TacJM49qVyE6mnV7sLHmZjQ7EWf+ENupyl00YUobUv51i9UBSd40GursOE37uQ0pJChRy2IdKP4m+g==
x-fb-trip-id: 664085054
x-fb-content-md5: ab869475fb50e4c058354dfd5d9fa8a9
x-frame-options: DENY
date: Fri, 11 Sep 2020 12:15:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sat, 11 Sep 2021 11:22:37 GMT

GET
H2 200 widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html
platform.twitter.com/widgets/ Frame 35BD 0
0 42ms
41ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fcxsecurity.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fcxsecurity.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cxsecurity.com/issue/WLB-2020050071

Response headers

status: 200
last-modified: Tue, 01 Sep 2020 17:58:17 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "9fa476ae827f556d5b037fe43632370d+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 11 Sep 2020 12:15:47 GMT
x-served-by: cache-bwi5137-BWI, cache-fra19180-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 5825

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 32A5 0
0 285ms
272ms Document
text/html 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=6599633238&adk=1033137904&adf=3594544816&w=1043&fwrn=4&fwrnh=100&lmt=1599826547&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1043x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599826546977&bpp=3&bdt=324&idt=295&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280&correlator=759375286436&frm=20&pv=1&ga_vid=842149346.1599826547&ga_sid=1599826547&ga_hid=1845810423&ga_fc=1&iag=0&icsg=2281711674&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=279&ady=1844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=3968307554206431&pem=286&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cn&abl=XS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sUX9jpUu5U&p=https%3A//cxsecurity.com&dtd=300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5074670963595353&output=html&h=280&slotname=6599633238&adk=1033137904&adf=3594544816&w=1043&fwrn=4&fwrnh=100&lmt=1599826547&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1043x280&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1599826546977&bpp=3&bdt=324&idt=295&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280&correlator=759375286436&frm=20&pv=1&ga_vid=842149346.1599826547&ga_sid=1599826547&ga_hid=1845810423&ga_fc=1&iag=0&icsg=2281711674&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=279&ady=1844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=3968307554206431&pem=286&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7Cn&abl=XS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=sUX9jpUu5U&p=https%3A//cxsecurity.com&dtd=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cxsecurity.com/issue/WLB-2020050071

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Sep 2020 12:15:47 GMT
server: cafe
content-length: 24100
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 11-Sep-2020 12:30:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Sep 2020 12:15:47 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9E23 0
0 21ms
20ms Document
text/html 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5074670963595353&output=html&adk=1812271804&adf=3025194257&lmt=1599826547&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&ea=0&flash=0&pra=7&wgl=1&dt=1599826547144&bpp=1&bdt=491&idt=146&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280%2C1043x280&nras=1&correlator=759375286436&frm=20&pv=1&ga_vid=842149346.1599826547&ga_sid=1599826547&ga_hid=1845810423&ga_fc=1&iag=0&icsg=2281711674&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=3968307554206431&pem=286&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=214

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5074670963595353&output=html&adk=1812271804&adf=3025194257&lmt=1599826547&plat=1%3A32776%2C2%3A16809992%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&ea=0&flash=0&pra=7&wgl=1&dt=1599826547144&bpp=1&bdt=491&idt=146&shv=r20200901&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=798x280%2C1043x280&nras=1&correlator=759375286436&frm=20&pv=1&ga_vid=842149346.1599826547&ga_sid=1599826547&ga_hid=1845810423&ga_fc=1&iag=0&icsg=2281711674&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067034&oid=3&pvsid=3968307554206431&pem=286&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&dtd=214
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cxsecurity.com/issue/WLB-2020050071

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Sep 2020 12:15:47 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 11-Sep-2020 12:30:47 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Sep 2020 12:15:47 GMT
cache-control: private

GET
H2 200 button.e24f3bcdec527b80b9c80e88b62047c3.js Show response
platform.twitter.com/js/ 7 KB
2 KB 46ms
44ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.e24f3bcdec527b80b9c80e88b62047c3.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: da3e524928bcca821af2551eb6f9e9ae2449ceb48642cce4f2dae23383098537

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:47 GMT
content-encoding: gzip
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 2295
x-served-by: cache-bwi5128-BWI, cache-fra19180-FRA
last-modified: Tue, 01 Sep 2020 17:58:08 GMT
etag: "2288bbd5e30b6dba457d3d615de9e136+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
tw-cdn: FT

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 8461 0
0 31ms
30ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=lcl4m058rxcw

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4LY3ord8ywy5rEGJZbsSmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=lcl4m058rxcw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cxsecurity.com/issue/WLB-2020050071

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Sep 2020 12:15:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-4LY3ord8ywy5rEGJZbsSmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1174
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tweet_button.2d7d9a6d04538bf11c7b23641e75738c.en.html
platform.twitter.com/widgets/ Frame A51B 0
0 54ms
53ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2d7d9a6d04538bf11c7b23641e75738c.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: platform.twitter.com
:scheme: https
:path: /widgets/tweet_button.2d7d9a6d04538bf11c7b23641e75738c.en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cxsecurity.com/issue/WLB-2020050071

Response headers

status: 200
last-modified: Tue, 01 Sep 2020 17:58:14 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "287ee8422006a852a093d257a3e63161+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 11 Sep 2020 12:15:47 GMT
x-served-by: cache-bwi5126-BWI, cache-fra19180-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 12279

GET
H3-Q050 200 bframe
www.google.com/recaptcha/api2/ Frame 1459 0
0 42ms
39ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=xz9nsiopns9m

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OzlddR+f/gj6nv2GabM+AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&k=6LfbQCQTAAAAANKENerevt305dDl_nywcNEn91q6&cb=xz9nsiopns9m
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cxsecurity.com/issue/WLB-2020050071

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 11 Sep 2020 12:15:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-OzlddR+f/gj6nv2GabM+AQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1173
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 40ms
26ms XHR
application/json 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200901&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

576aa86d7d23c5e3628cc9974f81b159c158bf0ddcf84ea7d3d684f130e48cec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Sep 2020 12:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0

GET
H2

200

like.php
www.facebook.com/v2.3/plugins/ Frame 3489
Redirect Chain

https://web.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22721d9a95c0d4%26domain%3Dcxsecur...
https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22721d9a95c0d4%26domain%3Dcxsecuri...

0
0

92ms
52ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22721d9a95c0d4%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff267c5884816c64%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50&_rdc=1&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk.js?hash=b2f8e55f6f0f9ae28ee41f88e4fd81a4&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.3/plugins/like.php?action=like&app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22721d9a95c0d4%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff267c5884816c64%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50&_rdc=1&_rdr
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
timing-allow-origin: *
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
facebook-api-version: v3.1
x-xss-protection: 0
content-type: text/html; charset="utf-8"
x-fb-debug: 21GQFuba24Np6bEt3Gt+8Q4gGWGzjwJRA8YRvAkhuMEiFgbmHZVMMYacRNL64smPda4Ba/6fo51x2tOpmBCxpg==
date: Fri, 11 Sep 2020 12:15:48 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

status: 302
location: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df22721d9a95c0d4%26domain%3Dcxsecurity.com%26origin%3Dhttps%253A%252F%252Fcxsecurity.com%252Ff267c5884816c64%26relation%3Dparent.parent&container_width=243&href=https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071&layout=button&locale=pl_PL&sdk=joey&share=false&show_faces=false&width=50&_rdc=1&_rdr
x-fb-zr-redirect: 02|1599912948|FzBEAiAToetQnT7ZotJemBkAV5Y_6tF4A9bxDHw-rqPvd1BDTwIgebwVZ8PJjoRWxQY8jNn6Moi59fGzEKK1ZAkLTSe-3go
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: OoaqwPR/9rutwlfWK5yxaOKbVaa75fJAZQSwE2VcTNmGkFAgkRHce8q+zq7qX/MPkMi9VIpE2nqA8mwjridLtA==
content-length: 0
date: Fri, 11 Sep 2020 12:15:48 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200901/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 11 Sep 2020 12:15:48 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
384 B 174ms
172ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fcxsecurity.com%2Fissue%2FWLB-2020050071%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1599826548294%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22219d021%3A1598982042171%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Sep 2020 12:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Fri, 11 Sep 2020 12:15:48 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 94aa797e509f72a7ab8f502cff9f7bd8
x-transaction: 000c6446009d98df
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 5862 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cxsecurity.com/issue/WLB-2020050071
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cxsecurity.com/issue/WLB-2020050071

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 11 Sep 2020 11:15:57 GMT
expires: Sat, 11 Sep 2021 11:15:57 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3591
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
237 B 42ms
40ms Image
image/gif 2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200901&jk=3968307554206431&bg=!b2ylbHRYNzHB4tFvpcACAAABVFIAAABjCgF881uvhu2Ib-IVwyUJyDCQOX0qcp-A68jyJA38BDKNq3FJAqsS2warG2GyUdVmemvolOukFiRHrGopaJi5ZXaP8B0dEnduQtopbbrVjnyIA7WDGyxXBz3GwFRuqbUpol30WbVSTC1qyrHssUNSBzjBNXNlWofmvRvK4jnwnni-zFOyVaT5s3HBmJcdfITNUuYDW_KLwdqAtGdFERMm9exWJ3pAbM6L4Dyp3RBgM7cyq1leB6BTYYhXUAaQG_uJL05bN7wcOGN8hcV6wbKzYq-KZXOvC-seivHHLtOwJVHAMX5QbSUWFsXb1FJUub0YKCUTBmWtNbVgcJ5Lny-si4OLt3yCFQ_evfc5NvQhW0Z3pdrNr4fSgvBRaRkkBiRQvO8IyKkMZeib_HD0JaC0N1kjBSZiJ0J5Y8Rha9qR6xS2Q4QPjpwb_PNPf2YDh533B1GgA8rNiRglY368OD3dZ6ldfKhIMS9rDZlzR_pjpvM1IX9Ytlpb6lGC1tjn8DmZAacLmfuibILoWdhl9fNcLH6i54Fe9AA8x40mKeToEcOLU5B4uw-XU4OvAaU9Oi6e_d935w82xVsawbDNF2V4aWOqKOXlhdpGjcSpjBSgFLpQOqYR_fMmhw-Ozn11Q_CqaUiMIOjnZ8VpObITN0Iqa5qNUQQqdzj7ryCBvhIMyK-bskUY_VEUPkjQvQ-zrqQmDfqKH40AX8G_KnXJVSgK9hSYPaD6NiRi14KnxKR8vlIKfDgOooL4P9XjzSrtBtsDTDkGd7PCvq0Bz9CYcZo_1EbUU4vBTXOhMWOobDyMQ12uRUX6WZy2OfEl5AJB18xAAyy9iEb9fJcuUvZKS0aFv_3Z-CtXPtKuE81N5NBRCdPN2lDCm9KqIYfkt27511wiVGyLFqB6hkXVOu5vxe8XI9mNk0B8tQKZgHjOQjj2HVAvQ0hFlbBmj4VEmeBgivUxS71sORYJ8fPECiK9vKfbPOOJTuLcTQydCMf27WMWhI7fjX_oF2-Cl4rmtFuKoQCzyvSAsPQZC_fRxfy1JBFsGiRupwhJowhMSxn1LbYVKPmUrje4IQ1Ca4M

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cxsecurity.com/issue/WLB-2020050071
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Sep 2020 12:15:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
cdnjs.cloudflare.com
cert.cx
connect.facebook.net
cxsecurity.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
platform.twitter.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
web.facebook.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.244.42.72
149.56.132.246
151.101.12.157
2606:4700:3034::681f:4ec2
2606:4700::6811:4f6b
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81e::2002
2a00:1450:4001:81e::200a
2a00:1450:4001:824::2002
2a00:1450:400c:c00::9b
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
128dd16963271415d32ab36c861133e3b44dcc8a702edae2b0ad2da8cbb75374
23bfdf0c8d7d30a10f284f4a1ae80f9daf5e96948bf3f0b59e55951f0724e59b
2df1d036c1b10f1a28b59c5eaf728987a894fb6474141f0a3aa2bf16dc0cad0b
3711126bd3b4b00e10bee8c1b9059f8e42604916f1db51fcc1f0d193335d8a8c
3f6fb957f06371f6789f231eada0c2805d181bddab6118c694631c6304da53db
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
576aa86d7d23c5e3628cc9974f81b159c158bf0ddcf84ea7d3d684f130e48cec
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
852ea6c576063fa47182bc91f6334fd0c46542ca8545e64bb0f8275ab982d36f
854f7a7915f240546d3950dd2b067466da13c013d04a3f8c790880c58ec61151
8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9
a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9
a96d85055e7314b1c3287615f2670d5d7e994682ac22249d9b65856786aea959
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1daec2cdd3d2a2adc6ef5403e896e80a9ae9437b72bb8ff034598a091b62344
b235219b6e2e5b518a89d83d36bc74e0add43d8951356d23dd5e62e876117f9e
c691b5621b3c3681307bad87d60e39a508e4dd531d3e58d18d60800831ee94da
ca17ac3996c50c96ebcc1beb008e613330636c60509021288c8d673dc6f66c00
cdf24f810daad6c8133158e57d1fadc664f11090b5952f39deb4800a990df236
da3e524928bcca821af2551eb6f9e9ae2449ceb48642cce4f2dae23383098537
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8766d048a8b838ae2bbc55e73148604e557e7b76bcd87b36a4fde97309a5028
f223afe73e8e54bef06ee5fb36c0f8c7bcd4c835717d137d8915996b3309c8d6
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

cxsecurity.com Open in urlscan Pro 149.56.132.246 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

80 %IPv6

13 Domains

18 Subdomains

14 IPs

5 Countries

1061 kBTransfer

2136 kBSize

0 Cookies

3 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cxsecurity.com Open in urlscan Pro
149.56.132.246 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

80 %
IPv6

13
Domains

18
Subdomains

14
IPs

5
Countries

1061 kB
Transfer

2136 kB
Size

0
Cookies

40 HTTP transactions
0 data transactions