urlscan.io logo urlscan.io
SecurityTrails logo

bounty-team.github.io Open in urlscan Pro
185.199.110.153  Public Scan

Go To Rescan Add Verdict Report
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Submission: On April 16 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 31 HTTP transactions. The main IP is 185.199.110.153, located in United States and belongs to FASTLY, US. The main domain is bounty-team.github.io.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on May 6th 2020. Valid for: 2 years.
This is the only time bounty-team.github.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 185.199.110.153 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a09:7:1000:f... 24013 (SB SB Pro...)
4 2a00:1450:400... 15169 (GOOGLE)
31 4
Domain Requested by
17 bounty-team.github.io bounty-team.github.io
9 i.loli.net bounty-team.github.io
4 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com bounty-team.github.io
31 4

This site contains links to these domains. Also see Links.

Domain
i.loli.net
Subject Issuer Validity Valid
www.github.com
DigiCert SHA2 High Assurance Server CA		 2020-05-06 -
2022-04-14		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.loli.net
AlphaSSL CA - SHA256 - G2		 2020-10-27 -
2021-11-28		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Frame ID: CE4C13A4D7A63D71063257C4149CF2E4
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i
Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/[^/]+\.github\.io\//i
  • headers server /^GitHub\.com$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

31
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1699 kB
Transfer

1897 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/ 		24 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
748fbd0f411ee066a3738e346fbca5f9044166df0486fef696fcda94bde56460
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:method
GET
:authority
bounty-team.github.io
:scheme
https
:path
/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
GitHub.com
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31556952
last-modified
Fri, 16 Apr 2021 08:51:23 GMT
access-control-allow-origin
*
etag
W/"6079500b-6120"
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
content-encoding
gzip
x-proxy-cache
MISS
x-github-request-id
3F6E:CE41:2D9215:2FBBC5:60798CF2
accept-ranges
bytes
date
Fri, 16 Apr 2021 13:14:25 GMT
via
1.1 varnish
age
0
x-served-by
cache-fra19179-FRA
x-cache
HIT
x-cache-hits
1
x-timer
S1618578866.878235,VS0,VE87
vary
Accept-Encoding
x-fastly-request-id
309d31182351d937c93ff4e7e52730ce0564957b
content-length
6091
jquery.fancybox.css
bounty-team.github.io/assets/lib/fancybox/source/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/lib/fancybox/source/jquery.fancybox.css?v=2.1.5
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/lib/fancybox/source/jquery.fancybox.css?v=2.1.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
e2caf6ef707d7463c424a6e6d5dd5d282535aaa0
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-131f"
age
0
x-cache
MISS
content-length
1434
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
FDAA:1331E:1924:39BA:60798CF2
x-timer
S1618578866.004673,VS0,VE87
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
css
fonts.googleapis.com/ 		4 KB
594 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85294902ee0519eec70df5ab51a6c3641e9ced2bf670e537910bb9b30af3f9d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bounty-team.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 13:14:25 GMT
server
ESF
date
Fri, 16 Apr 2021 13:14:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Apr 2021 13:14:25 GMT
font-awesome.min.css
bounty-team.github.io/assets/lib/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/lib/font-awesome/css/font-awesome.min.css?v=4.6.2
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/lib/font-awesome/css/font-awesome.min.css?v=4.6.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
3ad6930a1082fdd514ef1f46188dbbb04d2f8351
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-7918"
age
0
x-cache
MISS
content-length
7102
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
9D9E:2A89:62CB68:65CEAF:60798CF2
x-timer
S1618578866.004786,VS0,VE87
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
main.css
bounty-team.github.io/assets/css/ 		39 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/css/main.css?v=5.1.1
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
eb8c1a85e23b4d5d63ce5b8398cbec0f4074f8908c34a519ddb30f4f32d6bcc0
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/css/main.css?v=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
eef61becb323db4f7eeea65c52153586356a47c5
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"6079500b-9c0e"
age
0
x-cache
MISS
content-length
8590
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:23 GMT
server
GitHub.com
x-github-request-id
5496:2FA9:2B6E41:2D944B:60798CF2
x-timer
S1618578866.005013,VS0,VE87
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
4zsAGyPtZ3FvuoJ.jpg
i.loli.net/2021/04/16/ 		65 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.loli.net/2021/04/16/4zsAGyPtZ3FvuoJ.jpg
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7:1000:ffff:ffff:ffff:ffff:babe , Estonia, ASN24013 (SB SB Professional Services, SB),
Reverse DNS
Software
nginx /
Resource Hash
26a115fccd96f07b85721a72b9ae19111cbc777c7a7fbcaf9a18a0ff22ff3a62
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bounty-team.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-server
cdn-fra
date
Fri, 16 Apr 2021 13:14:26 GMT
x-content-type-options
nosniff
x-cdn-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
66681
x-xss-protection
1; mode=block
last-modified
Fri, 16 Apr 2021 02:54:02 GMT
server
nginx
etag
"6078fc4a-10479"
vary
Accept
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
Q2gWJoDEep1GvLl.png
i.loli.net/2021/04/16/ 		228 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.loli.net/2021/04/16/Q2gWJoDEep1GvLl.png
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7:1000:ffff:ffff:ffff:ffff:babe , Estonia, ASN24013 (SB SB Professional Services, SB),
Reverse DNS
Software
nginx /
Resource Hash
6023142d3e267b951dc6ff4015444c5289fe9cac2682f75dae3f3f7aaa9bc14e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bounty-team.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-server
cdn-fra
date
Fri, 16 Apr 2021 13:14:26 GMT
x-content-type-options
nosniff
x-cdn-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
233913
x-xss-protection
1; mode=block
last-modified
Fri, 16 Apr 2021 02:58:56 GMT
server
nginx
etag
"6078fd70-391b9"
vary
Accept
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
pGFbtshWMrOwkD4.png
i.loli.net/2021/04/16/ 		222 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.loli.net/2021/04/16/pGFbtshWMrOwkD4.png
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7:1000:ffff:ffff:ffff:ffff:babe , Estonia, ASN24013 (SB SB Professional Services, SB),
Reverse DNS
Software
nginx /
Resource Hash
2738c16d3636be482b6413a892dbbcae8f7aa95c9324cce7230ee75b9298ab0c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bounty-team.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-server
cdn-fra
date
Fri, 16 Apr 2021 13:14:26 GMT
x-content-type-options
nosniff
x-cdn-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
227791
x-xss-protection
1; mode=block
last-modified
Fri, 16 Apr 2021 03:01:33 GMT
server
nginx
etag
"6078fe0d-379cf"
vary
Accept
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
QDnNwlmXkGCsfbh.png
i.loli.net/2021/04/16/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.loli.net/2021/04/16/QDnNwlmXkGCsfbh.png
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7:1000:ffff:ffff:ffff:ffff:babe , Estonia, ASN24013 (SB SB Professional Services, SB),
Reverse DNS
Software
nginx /
Resource Hash
c08322b04aae3e3778eab86e6d8dffb3e2663ad3eeb75dc6cd7a879f51d549d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bounty-team.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-server
cdn-fra
date
Fri, 16 Apr 2021 13:14:26 GMT
x-content-type-options
nosniff
x-cdn-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
43866
x-xss-protection
1; mode=block
last-modified
Fri, 16 Apr 2021 03:10:57 GMT
server
nginx
etag
"60790041-ab5a"
vary
Accept
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
7cBHrOGqnuxp6vP.png
i.loli.net/2021/04/16/ 		239 KB
239 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.loli.net/2021/04/16/7cBHrOGqnuxp6vP.png
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7:1000:ffff:ffff:ffff:ffff:babe , Estonia, ASN24013 (SB SB Professional Services, SB),
Reverse DNS
Software
nginx /
Resource Hash
515d72aeef6b85b9b5cd8fe4e17c9c9b8f3b629c15c8258a71b64fa1485bcd99
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bounty-team.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-server
cdn-fra
date
Fri, 16 Apr 2021 13:14:26 GMT
x-content-type-options
nosniff
x-cdn-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
244436
x-xss-protection
1; mode=block
last-modified
Fri, 16 Apr 2021 03:13:03 GMT
server
nginx
etag
"607900bf-3bad4"
vary
Accept
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
PWsikCrMuR7Qqtf.png
i.loli.net/2021/04/16/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.loli.net/2021/04/16/PWsikCrMuR7Qqtf.png
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7:1000:ffff:ffff:ffff:ffff:babe , Estonia, ASN24013 (SB SB Professional Services, SB),
Reverse DNS
Software
nginx /
Resource Hash
702a34908406dd8d19adb40a3b6d3f018a089d52fcccd9b281f63d856a067505
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bounty-team.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-server
cdn-fra
date
Fri, 16 Apr 2021 13:14:26 GMT
x-content-type-options
nosniff
x-cdn-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
111612
x-xss-protection
1; mode=block
last-modified
Fri, 16 Apr 2021 03:14:57 GMT
server
nginx
etag
"60790131-1b3fc"
vary
Accept
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
NRTyms6qnYxJDGV.png
i.loli.net/2021/04/16/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.loli.net/2021/04/16/NRTyms6qnYxJDGV.png
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7:1000:ffff:ffff:ffff:ffff:babe , Estonia, ASN24013 (SB SB Professional Services, SB),
Reverse DNS
Software
nginx /
Resource Hash
cff529d7720ee0f33c0149176099fec19b826ce368d15c12dd0bce55229480d6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bounty-team.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-server
cdn-fra
date
Fri, 16 Apr 2021 13:14:26 GMT
x-content-type-options
nosniff
x-cdn-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
11589
x-xss-protection
1; mode=block
last-modified
Fri, 16 Apr 2021 03:16:37 GMT
server
nginx
etag
"60790195-2d45"
vary
Accept
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
YefKUtEmcSPCAFo.png
i.loli.net/2021/04/16/ 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.loli.net/2021/04/16/YefKUtEmcSPCAFo.png
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7:1000:ffff:ffff:ffff:ffff:babe , Estonia, ASN24013 (SB SB Professional Services, SB),
Reverse DNS
Software
nginx /
Resource Hash
feed2250bfa70b6fdf452932a739a64f8dd36e972b701d9129ba43284dcaef58
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bounty-team.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-server
cdn-fra
date
Fri, 16 Apr 2021 13:14:26 GMT
x-content-type-options
nosniff
x-cdn-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
223776
x-xss-protection
1; mode=block
last-modified
Fri, 16 Apr 2021 03:18:12 GMT
server
nginx
etag
"607901f4-36a20"
vary
Accept
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
AoHsbENrXtY7ZeV.png
i.loli.net/2021/04/16/ 		294 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.loli.net/2021/04/16/AoHsbENrXtY7ZeV.png
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a09:7:1000:ffff:ffff:ffff:ffff:babe , Estonia, ASN24013 (SB SB Professional Services, SB),
Reverse DNS
Software
nginx /
Resource Hash
bcdd23b8f7b0b3ec971b11c548c0aa268abe18100271aa942049ac44fa0436d4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bounty-team.github.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cdn-server
cdn-fra
date
Fri, 16 Apr 2021 13:14:26 GMT
x-content-type-options
nosniff
x-cdn-cache
HIT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
301060
x-xss-protection
1; mode=block
last-modified
Fri, 16 Apr 2021 03:20:45 GMT
server
nginx
etag
"6079028d-49804"
vary
Accept
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
avatar.gif
bounty-team.github.io/assets/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bounty-team.github.io/assets/images/avatar.gif
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
2d72c345b24c837e0eb8208e3f252e4601ddd0486676d67258034120df9d3441
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/images/avatar.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
dc86cfd32006fca422b38dad62dfcb00d771844a
strict-transport-security
max-age=31556952
via
1.1 varnish
etag
"60795004-b6e"
age
0
x-cache
MISS
content-length
2926
x-served-by
cache-fra19179-FRA
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
D126:A32C:2A6507:2C817E:60798CF2
x-timer
S1618578866.276675,VS0,VE84
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
index.js
bounty-team.github.io/assets/lib/jquery/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/lib/jquery/index.js?v=2.1.3
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/lib/jquery/index.js?v=2.1.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
8692fc313079aa661c261006097fa05a58e80694
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-14960"
age
0
x-cache
MISS
content-length
29774
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
B2AA:B6CF:B7B2E:CFCF2:60798CF2
x-timer
S1618578866.125805,VS0,VE87
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
fastclick.min.js
bounty-team.github.io/assets/lib/fastclick/lib/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/lib/fastclick/lib/fastclick.min.js?v=1.0.6
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
b7a4abaaf4d098aa06822e4b3a5d00532fa5051b48bc427efbea4b02c7c08d6b
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/lib/fastclick/lib/fastclick.min.js?v=1.0.6
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
dec05fd894ee1dbbd3864888292bbd9fc224626b
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-1e77"
age
0
x-cache
MISS
content-length
2481
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
F348:A32B:CBBE8:E6285:60798CF2
x-timer
S1618578866.133718,VS0,VE88
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
jquery.lazyload.js
bounty-team.github.io/assets/lib/jquery_lazyload/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/lib/jquery_lazyload/jquery.lazyload.js?v=1.9.7
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
404a5028c8a4aae3f0165e3997e57921de98294731c9d1dc0656808b9ed51963
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/lib/jquery_lazyload/jquery.lazyload.js?v=1.9.7
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
1bd8497f7db9ce36dbef81327f7ee6956dd264f4
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-2362"
age
0
x-cache
MISS
content-length
2326
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
4B3A:2FAA:5DE8B3:60D58E:60798CF2
x-timer
S1618578866.133706,VS0,VE88
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
velocity.min.js
bounty-team.github.io/assets/lib/velocity/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/lib/velocity/velocity.min.js?v=1.2.1
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
5ce92f10d0930e0b3dce3467b111db4228ec429e3944a01b6fcc2c311dd572c4
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/lib/velocity/velocity.min.js?v=1.2.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
a09062e057e07eb361c91bbd0a45acf4a38ee9c0
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-8828"
age
0
x-cache
MISS
content-length
12447
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
B286:C08C:5E39BF:612CD1:60798CF2
x-timer
S1618578866.133707,VS0,VE86
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
velocity.ui.min.js
bounty-team.github.io/assets/lib/velocity/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/lib/velocity/velocity.ui.min.js?v=1.2.1
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
c03012ba89bab46d98f7b14426e654f0658b3a92ea791e168323ade367025fd8
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/lib/velocity/velocity.ui.min.js?v=1.2.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
5f4858cf5281bf62aca2dc59a8a120d89f9fef01
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-33c9"
age
0
x-cache
MISS
content-length
2948
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
5374:2FAA:5DE8B3:60D58F:60798CF2
x-timer
S1618578866.133692,VS0,VE84
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
jquery.fancybox.pack.js
bounty-team.github.io/assets/lib/fancybox/source/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/lib/fancybox/source/jquery.fancybox.pack.js?v=2.1.5
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/lib/fancybox/source/jquery.fancybox.pack.js?v=2.1.5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
1e2c9c9ca6c6288af37ac41b3af885a409d47db8
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-5a5f"
age
0
x-cache
MISS
content-length
8651
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
F4A6:023A:609B1B:6394D0:60798CF2
x-timer
S1618578866.133664,VS0,VE87
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
utils.js
bounty-team.github.io/assets/js/src/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/js/src/utils.js?v=5.1.1
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
b27d376f534dbef3fa1db19935c250bc3b98725a93cfd4b03df015c6d81d6ef8
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/js/src/utils.js?v=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
1da0a5694ee4f6c40b028c4f441291f7bd89e027
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-1ade"
age
0
x-cache
MISS
content-length
2610
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
5496:2FA9:2B6E45:2D9450:60798CF2
x-timer
S1618578866.254218,VS0,VE83
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
motion.js
bounty-team.github.io/assets/js/src/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/js/src/motion.js?v=5.1.1
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
b952505349513c0fc437f506b8002760498538b2224bbf64fc4a0e0dbf4278af
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/js/src/motion.js?v=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
87365c3bcc35ec9c1810f4abe54b3a7b5d4d0873
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-1e91"
age
0
x-cache
MISS
content-length
2187
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
565E:0C43:2BD935:2DFB66:60798CF2
x-timer
S1618578866.254360,VS0,VE87
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
scrollspy.js
bounty-team.github.io/assets/js/src/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/js/src/scrollspy.js?v=5.1.1
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
f3746feed6b605ddf0ebe85ab4de0edb1c88651db6c199c31a4b4399b7566f6d
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/js/src/scrollspy.js?v=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
c3492bbbb90dcd9234b760d50b0a5ecf17b80d7f
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-1351"
age
0
x-cache
MISS
content-length
1622
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
2D44:13322:B561F:B96A1:60798CF2
x-timer
S1618578866.254357,VS0,VE88
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
0
post-details.js
bounty-team.github.io/assets/js/src/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/js/src/post-details.js?v=5.1.1
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
19a8aeda4faad239eafb3a860f11a70a2f47e089d194551a68ca7cdf490e09f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/js/src/post-details.js?v=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
0317efe85535c549743d73a512bb726b903e9a61
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-110f"
age
0
x-cache
MISS
content-length
1465
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
2700:0C44:5DEA8F:60DB59:60798CF2
x-timer
S1618578866.254341,VS0,VE89
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
bootstrap.js
bounty-team.github.io/assets/js/src/ 		1 KB
789 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/js/src/bootstrap.js?v=5.1.1
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
ec9e032e1abc34d6008fd22130241b2caef7e600db3513ecb9c547652be10764
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/js/src/bootstrap.js?v=5.1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bounty-team.github.io/vulnerability%20analysis/2021/04/16/CVE-2021-21220/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
306bfe988743e82b0c70803f9739940218475a46
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"60795004-4dd"
age
0
x-cache
MISS
content-length
561
x-served-by
cache-fra19179-FRA
access-control-allow-origin
*
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
A76C:12500:5E4CAC:613FF7:60798CF2
x-timer
S1618578866.254443,VS0,VE87
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Fri, 16 Apr 2021 13:21:14 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bounty-team.github.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
126684
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:02 GMT
fontawesome-webfont.woff2
bounty-team.github.io/assets/lib/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bounty-team.github.io/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: bounty-team.github.io
URL: https://bounty-team.github.io/assets/lib/font-awesome/css/font-awesome.min.css?v=4.6.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

:path
/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
origin
https://bounty-team.github.io
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
bounty-team.github.io
referer
https://bounty-team.github.io/assets/lib/font-awesome/css/font-awesome.min.css?v=4.6.2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://bounty-team.github.io
Referer
https://bounty-team.github.io/assets/lib/font-awesome/css/font-awesome.min.css?v=4.6.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
f23520c6176179f2f7b2d39c63466296109a30a1
strict-transport-security
max-age=31556952
via
1.1 varnish
etag
"60795004-12d68"
age
0
x-cache
MISS
content-length
77160
x-served-by
cache-fra19179-FRA
last-modified
Fri, 16 Apr 2021 08:51:16 GMT
server
GitHub.com
x-github-request-id
63BC:C08A:BCC7F:D70EE:60798DB2
x-timer
S1618578866.143411,VS0,VE86
date
Fri, 16 Apr 2021 13:14:26 GMT
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
expires
Fri, 16 Apr 2021 13:24:26 GMT
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
x-cache-hits
0
S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v17/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bounty-team.github.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:34 GMT
server
sffe
age
443448
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24428
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v17/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bounty-team.github.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:06 GMT
server
sffe
age
126684
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24440
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:03:02 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300italic,400,400italic,700,700italic&subset=latin,latin-ext
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bounty-team.github.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 00:07:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
133588
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Fri, 15 Apr 2022 00:07:58 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| NexT object| CONFIG function| $ function| jQuery function| FastClick

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bounty-team.github.io
fonts.googleapis.com
fonts.gstatic.com
i.loli.net
185.199.110.153
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2003
2a09:7:1000:ffff:ffff:ffff:ffff:babe
19a8aeda4faad239eafb3a860f11a70a2f47e089d194551a68ca7cdf490e09f9
26a115fccd96f07b85721a72b9ae19111cbc777c7a7fbcaf9a18a0ff22ff3a62
2738c16d3636be482b6413a892dbbcae8f7aa95c9324cce7230ee75b9298ab0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d72c345b24c837e0eb8208e3f252e4601ddd0486676d67258034120df9d3441
404a5028c8a4aae3f0165e3997e57921de98294731c9d1dc0656808b9ed51963
515d72aeef6b85b9b5cd8fe4e17c9c9b8f3b629c15c8258a71b64fa1485bcd99
5ce92f10d0930e0b3dce3467b111db4228ec429e3944a01b6fcc2c311dd572c4
6023142d3e267b951dc6ff4015444c5289fe9cac2682f75dae3f3f7aaa9bc14e
702a34908406dd8d19adb40a3b6d3f018a089d52fcccd9b281f63d856a067505
748fbd0f411ee066a3738e346fbca5f9044166df0486fef696fcda94bde56460
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
85294902ee0519eec70df5ab51a6c3641e9ced2bf670e537910bb9b30af3f9d4
8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
968a8e56e4adaf8c135199ebd7f6cc065424ca45974d4dfbeb5607e69fe72fcd
b27d376f534dbef3fa1db19935c250bc3b98725a93cfd4b03df015c6d81d6ef8
b7a4abaaf4d098aa06822e4b3a5d00532fa5051b48bc427efbea4b02c7c08d6b
b952505349513c0fc437f506b8002760498538b2224bbf64fc4a0e0dbf4278af
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bcdd23b8f7b0b3ec971b11c548c0aa268abe18100271aa942049ac44fa0436d4
c03012ba89bab46d98f7b14426e654f0658b3a92ea791e168323ade367025fd8
c08322b04aae3e3778eab86e6d8dffb3e2663ad3eeb75dc6cd7a879f51d549d6
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
cff529d7720ee0f33c0149176099fec19b826ce368d15c12dd0bce55229480d6
eb8c1a85e23b4d5d63ce5b8398cbec0f4074f8908c34a519ddb30f4f32d6bcc0
ec9e032e1abc34d6008fd22130241b2caef7e600db3513ecb9c547652be10764
f3746feed6b605ddf0ebe85ab4de0edb1c88651db6c199c31a4b4399b7566f6d
feed2250bfa70b6fdf452932a739a64f8dd36e972b701d9129ba43284dcaef58