securityforeveryone.com Open in urlscan Pro
2a06:98c1:3121::7  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://app.leadberry.com/trackers/lb-24093-24093-109603.js HTTP 302
• https://app.leadberry.com/404

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Show response securityforeveryone.com/blog/	19 KB 6 KB	352ms 293ms	Document text/html	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ec2271867571963cf679ec3f0c0cae46ce309fc627a87af20add39090d3ea0a Security Headers Name Value Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' Strict-Transport-Security max-age=31536000; includeSubdomains; preload X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 6f7b4bc8cad9910a-FRA content-encoding br content-security-policy default-src 'self' http: https: data: blob: 'unsafe-inline' content-type text/html; charset=UTF-8 date Wed, 06 Apr 2022 14:43:29 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrz2vxwRpWxuaaKDfZIMTWkIJztY%2Fb496z2JyZeQ6FEuCqlhZTpzy9wq95tS%2F0ErXXTK9WR2ULWjYmBIx63LXfWvIeWMGE6VgfHr%2BMyNdTWAtOdSX8UO8TKZF5pPMjKINqzpUdBKeCxZG3IU4NottSHss2sOFw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubdomains; preload vary Accept-Encoding x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	54ms 20ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://securityforeveryone.com/ Origin https://securityforeveryone.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-15d84" vary Accept-Encoding x-hw 1649256209.dop245.am5.t,1649256209.cds261.am5.hn,1649256209.cds312.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30879
GET H2	200	themify-icons.css static.securityforeveryone.com/web/public/vendors/themify-icon/	14 KB 3 KB	62ms 47ms	Stylesheet text/css	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.securityforeveryone.com/web/public/vendors/themify-icon/themify-icons.css Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fb43420b3fcce56526607078d2c677765821daf1f7b5ee82345b8429be58567 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=17540 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 27 Jun 2021 20:15:32 GMT server cloudflare etag W/"60d8dc64-4484" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pKbtnIvho1%2F0M5bscx3AfnwDWg0V6XMsWt5YpA9VejGZTJ2oBg%2BeniXyGAHJ00IUtzzT0TAlfTKYPDWDTJ46sGChzWIrlrA3WB9SfCr9CL%2FTo3whxcNo9SrwdlvsGGubqKjiNmhHkAX4ksouTPRQttXKfxZqeM1Kpmm11kU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-ray 6f7b4bcacd6b910a-FRA cf-bgj minify
GET H2	200	style.css static.securityforeveryone.com/web/public/css/	419 KB 66 KB	83ms 68ms	Stylesheet text/css	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.securityforeveryone.com/web/public/css/style.css Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9acb2a86c4ae8991aa2a6b44689b008c02a9a916d5db8ba0165a76779bfcfde0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-polished origSize=526613 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 17 Nov 2021 13:04:04 GMT server cloudflare etag W/"6194fdc4-80915" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qtnjHK7avPSE1bcBe6O6XHwTwptFPDAl3mQinCPfhPjNM6qTgRMJyc58NzpofNix3WzUx%2BHjeR10HobWV4N8GSKlfYD3CNVhQjFwuOZOOnCI1%2B4EjAqePpBV1iLWcOHMgG%2F33GbXZtgjjUdPjz6rFkm1tsv4bytkfKPAUM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-ray 6f7b4bcacd6e910a-FRA cf-bgj minify
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	189ms 67ms	Stylesheet text/css	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900&display=swap Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6444f45546fb21dc7be0aace64bdd7c89119cacdcdcd6178ec96d3a37f7c6f21 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 06 Apr 2022 14:32:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 06 Apr 2022 14:43:29 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 06 Apr 2022 14:43:29 GMT
GET H3	200	logo2.png static.securityforeveryone.com/web/public/img/	3 KB 3 KB	24ms 24ms	Image image/png	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.securityforeveryone.com/web/public/img/logo2.png Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 833761a05853700854212f666b4e84bf614cbbbcd17afc0fca587df3085c4dd4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4175 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2609 last-modified Sun, 27 Jun 2021 20:15:32 GMT server cloudflare etag "60d8dc64-a31" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5X8osEE%2Ba5kcqxPY8fuKSqO8I5aD%2BHLZN16fDUU0jRYFV8f9%2BFByhDRVCU8Y3C%2FaNLOojageTPZ8hKmrzLqSWcu1wfcoVpwV%2BE5Pr6Fj6L80T0ttsoqZgfkDw4TPT57xKjMNxJnWX%2F34wgykWVuXNZEr0Y1UFEjNVVZNlLc%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=432000 accept-ranges bytes cf-ray 6f7b4bcbe9139107-FRA
GET H3	200	openEMR-0-day-stored-xss-vulnerability.png static.securityforeveryone.com/web//public/img/documents/2022/openemr-0-day-stored-xss-vulnerability/	48 KB 48 KB	40ms 40ms	Image image/png	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.securityforeveryone.com/web//public/img/documents/2022/openemr-0-day-stored-xss-vulnerability/openEMR-0-day-stored-xss-vulnerability.png Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5569c156599382b5b228fca3c1052bbdc9443571b5db1931f1bf55e57c312f4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT cf-cache-status HIT last-modified Fri, 25 Mar 2022 12:34:19 GMT server cloudflare etag "623db6cb-bf64" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpAqda1ZEqm2D1G0oDUl7z0Rff2u1eq1dIZHLMIOOsx4gLihGTHr%2BRvPt6K%2BZ1PcKvB%2Ffei%2FiL1vwCpFBkcMBOUBfqKcI73ICCxjwRjIOZzV2Ujr701JM4J%2F9fi%2B8f%2BYUXDqgLWRiGcV7Gvl0P47We7fZxu1Fa3e0bs4diA%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=432000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} accept-ranges bytes cf-ray 6f7b4bcbe9189107-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 48996
GET H3	200	head.png static.securityforeveryone.com/web/public/img/	1 KB 2 KB	25ms 24ms	Image image/png	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.securityforeveryone.com/web/public/img/head.png Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd21eb75a1c6dd75b6b4c65bc5d55fad753ccde7facf8d81cdb3983167236ddd Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4175 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1365 last-modified Sun, 27 Jun 2021 20:15:32 GMT server cloudflare etag "60d8dc64-555" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziyKis7U55LC4GmgESgf9IIMxp43jXNaYaR0JnW4aX0mWlElfB3UeWuqjYwLvgNhAF01wmE1AdZOKajbuRdCCxy%2F2SqI4N8IL6UbEItlV2R3S4pCPaDIfzfrY4k5JS6uM4hVPomJQkPkh4yyRX8tfWmlsoc9apOe0FnvWPc%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=432000 accept-ranges bytes cf-ray 6f7b4bcbe91a9107-FRA
GET H3	200	logo3.png static.securityforeveryone.com/web/public/img/	3 KB 3 KB	26ms 24ms	Image image/png	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.securityforeveryone.com/web/public/img/logo3.png Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e592b19930869573d4b004e842ce97e98762adb0fb0877bbeb4d9f470d9dae04 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4175 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2561 last-modified Sun, 27 Jun 2021 20:15:32 GMT server cloudflare etag "60d8dc64-a01" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Hwysr5tmTdXqdn%2BuGGbEWsOzdSKv5lz70IOy%2FteWgYS3QWnSIu0kXJMtQI90nJtFauhhjxe85tszD93DW6xNwqzsl2McAk0J4z0eDCbJBUQSgyJKcolf6%2BKrD%2F8IBat0Nm2Q3WlgKZ4UO9dbd1m87O5z2XcXDiFlI0EQc8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=432000 accept-ranges bytes cf-ray 6f7b4bcbe91e9107-FRA
GET H3	200	visa-logo.png static.securityforeveryone.com/web/public/img/icons/	934 B 1 KB	25ms 23ms	Image image/png	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.securityforeveryone.com/web/public/img/icons/visa-logo.png Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb70e4ce753d6874afa44b936d58cab505d5d61038f146b7526847811768f32b Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4175 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 934 last-modified Fri, 02 Jul 2021 07:25:48 GMT server cloudflare etag "60debf7c-3a6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RLxG9UQTeKrmBpJ7OCS6Spx4zLYPKwTy7IIq86tL8GaGFA9QtYre3kLjmQlj%2FLpMycJGtbVpXHusg7Tfi6fUPrrXZweyPc1L348d67p%2FRj5ZTnJd1D63V5e%2ButduCznwe5CBu5fqrcQkG5aqukSP2FrBuydrCMKw8UaKJs%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=432000 accept-ranges bytes cf-ray 6f7b4bcbe9209107-FRA
GET H3	200	mastercard-logo.png static.securityforeveryone.com/web/public/img/icons/	1 KB 2 KB	23ms 22ms	Image image/png	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.securityforeveryone.com/web/public/img/icons/mastercard-logo.png Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b173e4ad4e507e7b496a952da36c483137432e665af83424ca07f45571a156e5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4175 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1495 last-modified Fri, 02 Jul 2021 07:25:48 GMT server cloudflare etag "60debf7c-5d7" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LZgdJYKWJJV9xMOKupED3P6j%2BWOlsYI%2B19mnxzN5AdDQ%2Fzr1AGmtxOtEBYSJQXw7Iy1ez4FPArWDujOPOXbXZegyOiwDowNW874n8CELAmRHe5NH2ZvH7PxEixcRu44MveDIIVNkc4oUGuzfUCH86b%2B0o6O9vfX3FbQMLlI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=432000 accept-ranges bytes cf-ray 6f7b4bcbe9229107-FRA
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/	59 KB 17 KB	63ms 24ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://securityforeveryone.com/ Origin https://securityforeveryone.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 863 age 374992 cdn-cachedat 03/10/2022 17:25:25 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:09 GMT server cloudflare cdn-requestpullcode 200 etag W/"61f338f870fcd0ff46362ef109d28533" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 5830446339987fdd6fc000dc89570ba9 cf-ray 6f7b4bcc2a68905b-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	main.js Show response static.securityforeveryone.com/web/public/js/	3 KB 1 KB	22ms 21ms	Script application/javascript	2a06:98c1:3121::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.securityforeveryone.com/web/public/js/main.js Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 92dd8c7b2abc0ab9231062092a2a788e5bfa57f303a3f3569535eaa3f7043b53 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4414 cf-polished origSize=3854 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 17 Nov 2021 13:03:02 GMT server cloudflare etag W/"6194fd86-f0e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbSBA1RUC7EaFYs7Z78lk51RA2MFMX%2Br9PCVOBTwrsXznRPewVfVOyFd2cpblpj1ai5fKPfBhvDseGVNzUKpgDdR0HWasaEUJBUQI8t%2F6g2LfmzTTwCsXOTDTPeKdheG6nXUtg%2B%2FvaRh1O28L3UcJNeeNqyprGSt9tPmHLw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=432000 cf-ray 6f7b4bcb5e35910a-FRA cf-bgj minify
GET H2	200	api.js Show response www.google.com/recaptcha/	884 B 1000 B	196ms 70ms	Script text/javascript	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js?render=6LeBGegUAAAAAL7X2Sidq2QM9fwgBYeQZbLZZpyx Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash a8fb07807b141debc23e5049aae4ba3009d7b4bce5d4891d6e5a7cc7b6782a51 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 587 x-xss-protection 1; mode=block expires Wed, 06 Apr 2022 14:43:29 GMT
GET H3	200	bootstrap.min.css static.securityforeveryone.com/web/public/css/	139 KB 22 KB	37ms 36ms	Stylesheet text/css	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.securityforeveryone.com/web/public/css/bootstrap.min.css Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9c5e44788e5c247ba85b11e1dbd3d59e69940167a5bdce5167e8a5ef49e2e0d Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding br cf-cache-status HIT last-modified Wed, 17 Nov 2021 13:04:04 GMT server cloudflare age 4175 etag W/"6194fdc4-22adf" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xB9tyGE3MIssIaMs3dxFs6V%2BPfacP5%2Fgg9tkw4ipK7MkRlyAM2c7dzcoXO2A3MI1EipYO2Sy5WpP8ONbSD1hzNQId2fzhJ%2B1KarnGQpUfuuj1dDdHEXpAfLybFFyB0R8gQMtch6gmySnPi2aZZP5ukhvGUqxt4wqoay4lM4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6f7b4bcbe9239107-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	bootstrap-select.min.css static.securityforeveryone.com/web/public/vendors/bootstrap-selector/css/	10 KB 2 KB	37ms 36ms	Stylesheet text/css	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.securityforeveryone.com/web/public/vendors/bootstrap-selector/css/bootstrap-select.min.css Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f10c5f18c1a08c7ac7b91e3510be995476218667bc3f3bbf7cfc9773131e28a Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding br cf-cache-status HIT last-modified Sun, 27 Jun 2021 20:15:32 GMT server cloudflare age 4175 etag W/"60d8dc64-2650" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpC38I1LOgMrlLrCp%2FhNSyaJQMzUZUuicRf4arZ59VgNSMvpWHJJXisYekbmAt%2B4R197v8ty42mhWpLl317p5paIWY8zQpcbYy8bskaHU2VV0ylLtcoab7nOwhRKGeAqZcD26wF7bYytLj2qw36qyf9BH7xwa%2FAZWw7MTy8%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6f7b4bcbe9249107-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	responsive.css static.securityforeveryone.com/web/public/css/	85 KB 18 KB	65ms 64ms	Stylesheet text/css	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.securityforeveryone.com/web/public/css/responsive.css Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 447132ea45500f3884319c8b5c11d18c0681819aaa2251aea2db144792fd63e3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4175 cf-polished origSize=126076 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 17 Nov 2021 13:04:04 GMT server cloudflare etag W/"6194fdc4-1ec7c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BI7rvKoUx2ZQygzANQsqGV%2FhImC26TYFLVpW69EGfGx%2BWx1rJ%2FsTuSYqOg1ycice3xiIMIR1Xfm50QDuAvQ1Z%2FsXFT0qN%2BNaA8V9dYWAknxFV%2FJlaTCND9a%2BHGUHi7Gey8dQd5V9OfTPR9E5btyuhzU0NJ8DuMNtJlOmN7E%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=432000 cf-ray 6f7b4bcbe9259107-FRA cf-bgj minify
GET H2	200	gtm.js Show response www.googletagmanager.com/	192 KB 67 KB	259ms 76ms	Script application/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NCGXJJ9 Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d434d59b914f157638a37f18a02264721dcf7d3d072bea85ed15fdc7e9e10789 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 67880 x-xss-protection 0 last-modified Wed, 06 Apr 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Wed, 06 Apr 2022 14:43:29 GMT
GET H2	200	pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v19/	8 KB 8 KB	235ms 59ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://securityforeveryone.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 19:32:58 GMT x-content-type-options nosniff age 587431 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7748 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:15:31 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 30 Mar 2023 19:32:58 GMT
GET H2	200	pxiEyp8kv8JHgFVrJJfecg.woff2 fonts.gstatic.com/s/poppins/v19/	8 KB 8 KB	291ms 115ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://securityforeveryone.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 19:31:44 GMT x-content-type-options nosniff age 587505 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7884 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:17:03 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 30 Mar 2023 19:31:44 GMT
GET H2	200	pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v19/	8 KB 8 KB	251ms 75ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://securityforeveryone.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 19:31:44 GMT x-content-type-options nosniff age 587505 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7816 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:11:40 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 30 Mar 2023 19:31:44 GMT
GET H2	200	pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v19/	8 KB 8 KB	276ms 126ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://securityforeveryone.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 19:30:32 GMT x-content-type-options nosniff age 587577 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7840 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:11:22 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 30 Mar 2023 19:30:32 GMT
GET H2	200	pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 fonts.gstatic.com/s/poppins/v19/	8 KB 8 KB	213ms 67ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://securityforeveryone.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 30 Mar 2022 19:33:39 GMT x-content-type-options nosniff age 587390 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8000 x-xss-protection 0 last-modified Wed, 26 Jan 2022 19:11:19 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 30 Mar 2023 19:33:39 GMT
GET H3	200	themify.woff static.securityforeveryone.com/web/public/vendors/themify-icon/fonts/	55 KB 34 KB	67ms 42ms	Font application/font-woff	2a06:98c1:3120::7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.securityforeveryone.com/web/public/vendors/themify-icon/fonts/themify.woff?-fvbane Requested by Host: static.securityforeveryone.com URL: https://static.securityforeveryone.com/web/public/vendors/themify-icon/themify-icons.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0db5c5a1475eb7a3e5028983ea1e642d1b2c00faff6a250a37502b0f3832a4a7 Request headers Referer https://static.securityforeveryone.com/web/public/vendors/themify-icon/themify-icons.css Origin https://securityforeveryone.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 209 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Sun, 27 Jun 2021 20:15:32 GMT server cloudflare etag W/"60d8dc64-db2c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFAKp7gTpv6LPiJ7rfYie%2BJzr1OSndtZyPq5eh1An2JHB7FHuHEs8oPeqmAbuJlw3FjRoSYTLP70Vd1SAwxs4SZFJKK%2BWMLAJtVfzO3K59%2FYOjAIDDtnMATYyQrROI2a5T2lnJPluiPhmFOHvK2hnM8vGxeHHkpCvy8zihg%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff access-control-allow-origin https://securityforeveryone.com cache-control max-age=432000 cf-ray 6f7b4bcc486b5c7a-FRA
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/	362 KB 144 KB	183ms 59ms	Script text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js?render=6LeBGegUAAAAAL7X2Sidq2QM9fwgBYeQZbLZZpyx Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://securityforeveryone.com/ Origin https://securityforeveryone.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:31:27 GMT content-encoding gzip x-content-type-options nosniff age 722 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 146406 x-xss-protection 0 last-modified Mon, 28 Mar 2022 04:22:14 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 06 Apr 2023 14:31:27 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	180ms 57ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCGXJJ9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 4119 date Wed, 06 Apr 2022 13:34:50 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 06 Apr 2022 15:34:50 GMT
GET H2	200	hotjar-2274418.js Show response static.hotjar.com/c/	6 KB 3 KB	54ms 36ms	Script application/javascript	143.204.98.29 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2274418.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCGXJJ9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.29 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-29.fra50.r.cloudfront.net Software / Resource Hash f60799b60496afe1a6c43d4f39fd7bc0060c70a24035fc3e3564bd3bbd57c3c2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 x-amz-cf-pop FRA50-C1 etag W/dd5948fbe0e16597571ff16ccc1b84c9 vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cross-origin-resource-policy cross-origin x-amz-cf-id NjdM7lL9DOfAs8MXZk_duK5O_bloiucLDhTHPKN-4rYLqgzCT7HNwQ== via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
GET H2	200	uwt.js Show response static.ads-twitter.com/	14 KB 6 KB	50ms 7ms	Script application/javascript	199.232.136.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCGXJJ9 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding gzip last-modified Tue, 29 Mar 2022 00:09:12 GMT etag "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip" vary Accept-Encoding,Host x-tw-cdn FT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" cache-control no-cache x-cache HIT, HIT accept-ranges bytes content-type application/javascript; charset=utf-8 content-length 5410 x-served-by cache-iad-kiad7000170-IAD, cache-hhn11566-HHN
GET H2	200	pixel.js Show response www.redditstatic.com/ads/	23 KB 8 KB	35ms 7ms	Script application/javascript	2a04:4e42:600::396 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.redditstatic.com/ads/pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCGXJJ9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US), Reverse DNS Software snooserv / Resource Hash dc832faf8ca21fb791b9abb9a3ba334ef3e31914317791dd53510b8a24d0621d Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT via 1.1 varnish, 1.1 varnish last-modified Mon, 14 Feb 2022 14:11:16 GMT server snooserv etag "9dd34b4324742bd3f713adf7f070d3b4" vary Accept-Encoding,Origin content-type application/javascript cache-control public, max-age=60 accept-ranges bytes content-encoding gzip content-length 7531
GET H/1.1	200 OK	8a2e4765938c5363a3e8d743d.js Show response chimpstatic.com/mcjs-connected/js/users/65382d8806ac95e9d79395063/	2 KB 1 KB	404ms 376ms	Script application/javascript	96.16.131.108 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://chimpstatic.com/mcjs-connected/js/users/65382d8806ac95e9d79395063/8a2e4765938c5363a3e8d743d.js Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 96.16.131.108 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-131-108.deploy.static.akamaitechnologies.com Software AmazonS3 / Resource Hash 9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers X-EdgeConnect-Origin-MEX-Latency 100, 98 Date Wed, 06 Apr 2022 14:43:30 GMT Content-Encoding gzip x-amz-request-id 4E17784E92B8F1ED X-EdgeConnect-MidMile-RTT 0, 0 Connection keep-alive Content-Length 653 x-amz-id-2 rHFW0Wr7U8JSoZEf54E6TFe/mRl7oPUmKOqnkdY1lTLkrsWb+N1FXnTCVLsn/uIoXbl9wbldVXs= Last-Modified Wed, 02 Dec 2020 07:50:00 GMT Server AmazonS3 ETag "4b60d3ea13c42468679685c32a1680ac" Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=1800 Accept-Ranges bytes Expires Wed, 06 Apr 2022 15:13:30 GMT
GET H/1.1	200 OK	track.js Show response serve.albacross.com/	10 KB 5 KB	40ms 8ms	Script application/javascript	143.204.98.119 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://serve.albacross.com/track.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCGXJJ9 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 143.204.98.119 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-119.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 38fbe56978cc73ba5a5f8c85b360f71aca125c2cd850a3cd6c3683385e388702 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 06 Apr 2022 14:42:46 GMT Content-Encoding gzip Connection keep-alive Last-Modified Thu, 08 Apr 2021 13:13:21 GMT Server AmazonS3 Age 43 ETag W/"b769e9b4f23be6c9bab7c715fdf2526a" Vary Accept-Encoding X-Cache Hit from cloudfront Content-Type application/javascript Via 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront) Cache-Control max-age=120 Transfer-Encoding chunked X-Amz-Cf-Pop FRA50-C1 X-Amz-Cf-Id lSMW3ytf8miGvjYvGoQg1uw6tCThYF5iNnWwmzjCAho6nIMnT9DhrA==
GET		/ api.ipify.org/	0 0
GET H2	404	404 app.leadberry.com/ Redirect Chain https://app.leadberry.com/trackers/lb-24093-24093-109603.js https://app.leadberry.com/404	0 0	58ms 57ms	Script text/html	2606:4700:20::ac43:481e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.leadberry.com/404 Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Server 2606:4700:20::ac43:481e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Redirect headers date Wed, 06 Apr 2022 14:43:29 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5AEnRj4Sq9MgunblN7Aad1FmEzD6qw%2B0x%2FLu%2BfYoMxKvYwFqhLXPb1QflAr%2B6uNNklVDb2blwDuaVzTp4KuMSDqKPzNK5zA4Qc%2F0vFE6a98bcC4%2B9J84SnRIpwpUxn%2BXomnrzhgzF7Gy2g7RNBQ0"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 location /404 cf-ray 6f7b4bce9c199016-FRA
GET H2	200	rp.gif alb.reddit.com/	42 B 157 B	130ms 104ms	Image image/gif	151.101.65.140 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://alb.reddit.com/rp.gif?ts=1649256209695&id=t2_d782ckwp&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&uuid=6064a52b-37eb-47ce-be75-6cfd257e8c03&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_da535582 Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.140 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Varnish / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:29 GMT via 1.1 varnish server Varnish content-type image/gif cross-origin-resource-policy cross-origin accept-ranges bytes content-length 42 retry-after 0
GET H2	200	modules.9beafb9ca96c2f868fe2.js Show response script.hotjar.com/	236 KB 62 KB	27ms 8ms	Script application/javascript	143.204.98.33 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.9beafb9ca96c2f868fe2.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2274418.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.33 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-33.fra50.r.cloudfront.net Software / Resource Hash 95f2a2d9bf981b3f923cc601270603e88c14767e7e29310eb2d8b6b1407457f1 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Tue, 05 Apr 2022 16:20:06 GMT content-encoding br x-content-type-options nosniff age 80603 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 63051 access-control-allow-origin * last-modified Tue, 05 Apr 2022 16:20:05 GMT etag "74214ff5f7e679f43ba048194d7bf23c" vary Accept-Encoding content-type application/javascript via 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA50-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id yn9eiFWSrWbRiJO5ezU1ftFPXjSx5uOkzPIJfBMBiJei032NvXDSBQ==
GET H2	200	adsct Show response analytics.twitter.com/i/	31 B 460 B	243ms 111ms	Script application/javascript	104.244.42.67 TWITTER
General Check archive.org Show headers Download Go to Full URL https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o60nr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=24b55941-c9b9-4ea4-b070-64059ab25b13&tw_document_href=https%3A%2F%2Fsecurityforeveryone.com%2Fblog%2Fopenemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643&tpx_cb=twttr.conversion.loadPixels Requested by Host: static.ads-twitter.com URL: https://static.ads-twitter.com/uwt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.67 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-response-time 105 date Wed, 06 Apr 2022 14:43:29 GMT content-encoding gzip server tsa_o strict-transport-security max-age=631138519 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" cache-control no-cache, no-store, max-age=0 x-connection-hash 39ae7404cdc433cd9378fe40542d9c302251295c4246ffaaaf570bdf7887892e content-type application/javascript;charset=utf-8 content-length 57
GET H2	200	adsct t.co/i/	43 B 338 B	132ms 111ms	Image image/gif	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o60nr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=24b55941-c9b9-4ea4-b070-64059ab25b13&tw_document_href=https%3A%2F%2Fsecurityforeveryone.com%2Fblog%2Fopenemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers x-response-time 105 date Wed, 06 Apr 2022 14:43:29 GMT server tsa_o strict-transport-security max-age=0 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0 x-connection-hash 74216e53087193c4527505db81fcbe1233ddabe5f54dcd0329fc968c9bdeeeb3 content-length 43
GET H3	200	anchor Show response www.google.com/recaptcha/api2/ Frame 3EC4	43 KB 22 KB	150ms 82ms	Document text/html	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBGegUAAAAAL7X2Sidq2QM9fwgBYeQZbLZZpyx&co=aHR0cHM6Ly9zZWN1cml0eWZvcmV2ZXJ5b25lLmNvbTo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=d2u068n7mia6 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d9d6e055418552d6c6b76bbd63ee9e7f9fd07b5a812ab6634ddf3d08979987a7 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-aVi3N49vFTjaIGalM20kRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip content-length 22849 content-security-policy script-src 'report-sample' 'nonce-aVi3N49vFTjaIGalM20kRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Wed, 06 Apr 2022 14:43:29 GMT expires Mon, 01 Jan 1990 00:00:00 GMT pragma no-cache report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	box-acca23410e696f2ca3087d947271c3d0.html Show response vars.hotjar.com/ Frame 7223	2 KB 1 KB	27ms 8ms	Document text/html	143.204.98.123 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2274418.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.123 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-123.fra50.r.cloudfront.net Software / Resource Hash e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers accept-ranges bytes age 5291483 cache-control max-age=31536000 content-encoding br content-length 1044 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 04 Feb 2022 08:52:06 GMT etag "6f65fac4e8efe167ff5132c0c54c5729" last-modified Fri, 04 Feb 2022 08:51:39 GMT vary Accept-Encoding via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) x-amz-cf-id wtddhSBFN426b_bzso9fx_FXhlzUiLydJHTfJ7gcE-dalfgxzh-lKA== x-amz-cf-pop FRA50-C1 x-cache Hit from cloudfront x-robots-tag none
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	131ms 65ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=876745601&t=pageview&_s=1&dl=https%3A%2F%2Fsecurityforeveryone.com%2Fblog%2Fopenemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643&ul=en-us&de=UTF-8&dt=OpenEMR%200-day%20Stored%20XSS%20Vulnerability%20(CVE-2022-24643)%20%7C%20Security%20for%20Everyone&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1578003462&gjid=1833475853&cid=422238029.1649256210&tid=UA-165617504-1&_gid=1841207470.1649256210&_r=1&gtm=2wg3u0NCGXJJ9&z=1736291696 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://securityforeveryone.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 06 Apr 2022 14:43:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://securityforeveryone.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	visit-data Show response in.hotjar.com/api/v2/client/sites/2274418/	147 B 323 B	97ms 34ms	XHR application/json	52.49.46.73 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://in.hotjar.com/api/v2/client/sites/2274418/visit-data?sv=7 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.9beafb9ca96c2f868fe2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.49.46.73 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-49-46-73.eu-west-1.compute.amazonaws.com Software / Resource Hash f1328936bb058f2305664a8507a0be9b5cf477e10edef84ecfaabaf315e3e24c Request headers Referer https://securityforeveryone.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Wed, 06 Apr 2022 14:43:29 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
GET H3	200	styles__ltr.css www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 3EC4	51 KB 24 KB	119ms 55ms	Stylesheet text/css	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBGegUAAAAAL7X2Sidq2QM9fwgBYeQZbLZZpyx&co=aHR0cHM6Ly9zZWN1cml0eWZvcmV2ZXJ5b25lLmNvbTo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=d2u068n7mia6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 10:26:55 GMT content-encoding gzip x-content-type-options nosniff age 15395 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 24237 x-xss-protection 0 last-modified Mon, 28 Mar 2022 04:22:14 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 06 Apr 2023 10:26:55 GMT
GET H3	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/ Frame 3EC4	362 KB 143 KB	118ms 55ms	Script text/javascript	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBGegUAAAAAL7X2Sidq2QM9fwgBYeQZbLZZpyx&co=aHR0cHM6Ly9zZWN1cml0eWZvcmV2ZXJ5b25lLmNvbTo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=d2u068n7mia6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dff2681d8f5f16b61b464b599d7c62f61efe496b54a77044145495bc8cad36d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:31:27 GMT content-encoding gzip x-content-type-options nosniff age 723 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 146406 x-xss-protection 0 last-modified Mon, 28 Mar 2022 04:22:14 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 06 Apr 2023 14:31:27 GMT
POST H2	200	content Show response ws18.hotjar.com/api/v2/sites/2274418/recordings/	66 B 259 B	169ms 38ms	XHR application/json	34.252.19.67 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ws18.hotjar.com/api/v2/sites/2274418/recordings/content Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.9beafb9ca96c2f868fe2.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.252.19.67 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-252-19-67.eu-west-1.compute.amazonaws.com Software / Resource Hash e0528ec66ff97e8d67769d25057458ba003470d01932ecfd8d1732d86ff9b835 Request headers Referer https://securityforeveryone.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type text/plain; charset=UTF-8 Response headers date Wed, 06 Apr 2022 14:43:30 GMT content-encoding br vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-max-age 86400 cache-control no-cache, no-store access-control-allow-credentials true
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 447 B	110ms 36ms	XHR text/plain	2a00:1450:400c:c0c::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-165617504-1&cid=422238029.1649256210&jid=1578003462&gjid=1833475853&_gid=1841207470.1649256210&_u=YEBAAEAAAAAAAC~&z=127144810 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://securityforeveryone.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Wed, 06 Apr 2022 14:43:30 GMT content-type text/plain access-control-allow-origin https://securityforeveryone.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	83ms 83ms	Image image/gif	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-165617504-1&cid=422238029.1649256210&jid=1578003462&_u=YEBAAEAAAAAAAC~&z=1781748993 Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Wed, 06 Apr 2022 14:43:30 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	205ms 81ms	Image image/gif	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-165617504-1&cid=422238029.1649256210&jid=1578003462&_u=YEBAAEAAAAAAAC~&z=1781748993 Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers pragma no-cache date Wed, 06 Apr 2022 14:43:30 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	logo_48.png www.gstatic.com/recaptcha/api2/ Frame 3EC4	2 KB 2 KB	55ms 55ms	Image image/png	2a00:1450:4001:801::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/recaptcha/api2/logo_48.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/styles__ltr.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Tue, 05 Apr 2022 18:59:48 GMT x-content-type-options nosniff age 71022 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2228 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type image/png cache-control public, max-age=604800 accept-ranges bytes expires Tue, 12 Apr 2022 18:59:48 GMT
GET H3	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 3EC4	15 KB 15 KB	124ms 58ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBGegUAAAAAL7X2Sidq2QM9fwgBYeQZbLZZpyx&co=aHR0cHM6Ly9zZWN1cml0eWZvcmV2ZXJ5b25lLmNvbTo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=d2u068n7mia6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Tue, 05 Apr 2022 11:18:05 GMT x-content-type-options nosniff age 98725 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 05 Apr 2023 11:18:05 GMT
GET H3	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 3EC4	15 KB 15 KB	142ms 78ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBGegUAAAAAL7X2Sidq2QM9fwgBYeQZbLZZpyx&co=aHR0cHM6Ly9zZWN1cml0eWZvcmV2ZXJ5b25lLmNvbTo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=d2u068n7mia6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ Origin https://www.google.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Tue, 05 Apr 2022 18:59:48 GMT x-content-type-options nosniff age 71022 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15552 x-xss-protection 0 last-modified Mon, 16 Oct 2017 17:33:02 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Wed, 05 Apr 2023 18:59:48 GMT
GET H3	200	webworker.js www.google.com/recaptcha/api2/ Frame 3EC4	102 B 134 B	65ms 65ms	Other text/javascript	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBGegUAAAAAL7X2Sidq2QM9fwgBYeQZbLZZpyx&co=aHR0cHM6Ly9zZWN1cml0eWZvcmV2ZXJ5b25lLmNvbTo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=d2u068n7mia6 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 51540e98209e949f0a7f01c1332f6bf5dfe526adeaabe2705f42184d721f90b1 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBGegUAAAAAL7X2Sidq2QM9fwgBYeQZbLZZpyx&co=aHR0cHM6Ly9zZWN1cml0eWZvcmV2ZXJ5b25lLmNvbTo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=d2u068n7mia6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:30 GMT content-encoding gzip x-content-type-options nosniff server GSE cross-origin-embedder-policy require-corp x-frame-options SAMEORIGIN report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 112 x-xss-protection 1; mode=block expires Wed, 06 Apr 2022 14:43:30 GMT
POST H3	200	reload Show response www.google.com/recaptcha/api2/ Frame 3EC4	31 KB 18 KB	120ms 119ms	XHR application/json	2a00:1450:4001:811::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/reload?k=6LeBGegUAAAAAL7X2Sidq2QM9fwgBYeQZbLZZpyx Requested by Host: www.gstatic.com URL: https://www.gstatic.com/recaptcha/releases/gZWLhEUEJFxEhoT5hpjn2xHK/recaptcha__de.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 445d7485eeec8eb0090c26ff382a586519750751fcbfa4b1fac8c6969ef8e2f6 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeBGegUAAAAAL7X2Sidq2QM9fwgBYeQZbLZZpyx&co=aHR0cHM6Ly9zZWN1cml0eWZvcmV2ZXJ5b25lLmNvbTo0NDM.&hl=de&v=gZWLhEUEJFxEhoT5hpjn2xHK&size=invisible&cb=d2u068n7mia6 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Content-Type application/x-protobuffer Response headers date Wed, 06 Apr 2022 14:43:30 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 cache-control private, max-age=0 content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18292 x-xss-protection 1; mode=block expires Wed, 06 Apr 2022 14:43:30 GMT
GET H2	200	e.gif new-collect.albacross.com/	37 B 103 B	232ms 28ms	Image image/gif	52.215.131.87 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://new-collect.albacross.com/e.gif?s=JSCollector%2C3.1.1&e0=pageview&ci0=6009e733-cd0f-4387-5e64-755bb492cddd&v0=4362e3da-972d-ae5f-1168-33f156583157&p0=a60fd871-d129-19ba-8e3e-5b5f5578d94d&u0=a60fd871-d129-19ba-8e3e-5b5f5578d94d&c0=89198531&t0=1649256209703&ur0=https%3A%2F%2Fsecurityforeveryone.com%2Fblog%2Fopenemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643&ti0=OpenEMR%200-day%20Stored%20XSS%20Vulnerability%20(CVE-2022-24643)%20%7C%20Security%20for%20Everyone&re0=1600&re0=1200&o0=landscape-primary&e1=pageview_ping&ci1=6009e733-cd0f-4387-5e64-755bb492cddd&v1=4362e3da-972d-ae5f-1168-33f156583157&p1=a60fd871-d129-19ba-8e3e-5b5f5578d94d&u1=e4f77fdf-d071-784a-0d10-13c75ebfa6ce&c1=89198531&t1=1649256209706&li1=1649256209698&e2=pageview_ping&ci2=6009e733-cd0f-4387-5e64-755bb492cddd&v2=4362e3da-972d-ae5f-1168-33f156583157&p2=a60fd871-d129-19ba-8e3e-5b5f5578d94d&u2=b72dbbf4-7908-082f-d96a-b85fcb91ce0d&c2=89198531&t2=1649256209707&li2=1649256209698 Requested by Host: securityforeveryone.com URL: https://securityforeveryone.com/blog/openemr-0-day-stored-cross-site-scripting-xss-vulnerability-cve-2022-24643 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.215.131.87 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-215-131-87.eu-west-1.compute.amazonaws.com Software / Resource Hash 49059d42ad3423fb9f04b2330cdce035e4d555aa9ea7a7ceae097de0c69be05d Request headers Accept-Language de-DE,de;q=0.9 Referer https://securityforeveryone.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers date Wed, 06 Apr 2022 14:43:32 GMT content-length 37 content-type image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

api.ipify.org

URL

https://api.ipify.org/?format=jsonp&callback=getIP