URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Submission: On September 13 via api from FR

Summary

This website contacted 14 IPs in 6 countries across 7 domains to perform 45 HTTP transactions. The main IP is 213.186.33.171, located in France and belongs to OVH, FR. The main domain is www.vaadata.com.
TLS certificate: Issued by Sectigo RSA Extended Validation Secur... on August 2nd 2019. Valid for: 2 years.
This is the only time www.vaadata.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Requested by
25 | www.vaadata.com | www.vaadata.com
5 | api.plezi.co | www.vaadata.com, api.plezi.co
4 | fonts.gstatic.com | fonts.googleapis.com
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com
2 | app.plezi.co | www.googletagmanager.com, www.vaadata.com
1 | in.hotjar.com | script.hotjar.com
1 | vars.hotjar.com | static.hotjar.com
1 | script.hotjar.com | static.hotjar.com
1 | static.hotjar.com | www.googletagmanager.com
1 | files.plezi.co | api.plezi.co
1 | www.googletagmanager.com | www.vaadata.com
1 | fonts.googleapis.com | www.vaadata.com
Totals: 45 | 12

Subject | Issuer | Validity | Valid
www.vaadata.com | Sectigo RSA Extended Validation Secure Server CA | 2019-08-02 - 2021-08-28 | 2 years
upload.video.google.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
*.plezi.co | Gandi Standard SSL CA 2 | 2019-05-06 - 2021-05-26 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
*.gstatic.com | GTS CA 1O1 | 2020-08-26 - 2020-11-18 | 3 months
files.plezi.co | Let's Encrypt Authority X3 | 2020-08-24 - 2020-11-22 | 3 months
static.hotjar.com | Let's Encrypt Authority X3 | 2020-08-16 - 2020-11-14 | 3 months
script.hotjar.com | Let's Encrypt Authority X3 | 2020-08-17 - 2020-11-15 | 3 months
vars.hotjar.com | Let's Encrypt Authority X3 | 2020-08-15 - 2020-11-13 | 3 months
*.hotjar.com | Amazon | 2020-08-29 - 2021-09-28 | a year

This page contains 2 frames:

Primary Page: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Frame ID: 5B33767F7A6EADEB00085E52FF1DB9A3
Requests: 46 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 23801EBD7F542F504FF9239158E474DF
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • html /<link [^>]*href="[^"]+lightbox(?:\.min)?\.css/i

Page Statistics

45
Requests

100 %
HTTPS

38 %
IPv6

7
Domains

12
Subdomains

14
IPs

6
Countries

694 kB
Transfer

1549 kB
Size

10
Cookies

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
54 KB
12 KB
Document
General
Full URL
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
5dfa01f5bfccce97be278d48fd522567afd48e13c676bfcccd954f07b1dbe04f

Request headers

:method
GET
:authority
www.vaadata.com
:scheme
https
:path
/blog/hardcoded-secret-leads-to-account-takeover/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sun, 13 Sep 2020 06:25:32 GMT
content-type
text/html; charset=UTF-8
last-modified
Fri, 11 Sep 2020 07:52:54 GMT
cache-control
max-age=0
expires
Sun, 13 Sep 2020 06:25:32 GMT
vary
Accept-Encoding
x-request-id
584058651
content-encoding
br
x-cdn-pop
rbx1
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Cacheable
accept-ranges
bytes
css
fonts.googleapis.com/
21 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26889b582579cb005772ee1452d696d68fffafd25bdd5996a43529973c4bcdee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 13 Sep 2020 06:25:32 GMT
server
ESF
date
Sun, 13 Sep 2020 06:25:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 13 Sep 2020 06:25:32 GMT
style.css
www.vaadata.com/blog/wp-content/themes/contentberg/
185 KB
30 KB
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/style.css?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
d83eed6701628b269f788242d350c53a9ab5a39ef529b47e7901cc26e0b3f50e

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 13:06:39 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
30388
x-request-id
649134240
expires
Wed, 08 Sep 2021 13:06:39 GMT
style.min.css
www.vaadata.com/blog/wp-includes/css/dist/block-library/
53 KB
8 KB
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-includes/css/dist/block-library/style.min.css?ver=5.5.1
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 13:06:39 GMT
content-encoding
br
last-modified
Tue, 01 Sep 2020 22:03:38 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
7390
x-request-id
649134241
expires
Wed, 08 Sep 2021 13:06:39 GMT
style.css
www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-vertical/
812 B
544 B
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-vertical/style.css?ver=1
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
287e1b30ad2973257cbb28a7e07b6715a1cebc74f796c4948e4fcecc4ab9cc6c

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 13:06:39 GMT
content-encoding
br
last-modified
Wed, 02 Sep 2020 22:21:38 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
232
x-request-id
649134242
expires
Wed, 08 Sep 2021 13:06:39 GMT
lightbox.css
www.vaadata.com/blog/wp-content/themes/contentberg/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/css/lightbox.css?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
652876c64c94fddfefb323a90fb2de3f80c5a1eccf34ac91a3c6b9b7ad366e2b

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 13:06:39 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
1963
x-request-id
649134243
expires
Wed, 08 Sep 2021 13:06:39 GMT
font-awesome.min.css
www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/css/
28 KB
6 KB
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/css/font-awesome.min.css?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 13:06:39 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
6265
x-request-id
649134244
expires
Wed, 08 Sep 2021 13:06:39 GMT
style.css
www.vaadata.com/blog/wp-content/themes/contentberg-child/
204 B
431 B
Stylesheet
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg-child/style.css?ver=5.5.1
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
2e62c54f36fc3c4eb12ea5db0ce0e6c81f0e44c48811f37800937bedefbe47e9

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 13:06:39 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 07:22:24 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
text/css; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
119
x-request-id
649134245
expires
Wed, 08 Sep 2021 13:06:39 GMT
jquery.js
www.vaadata.com/blog/wp-includes/js/jquery/
95 KB
32 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 09:43:50 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
32734
x-request-id
637501902
expires
Wed, 08 Sep 2021 11:48:25 GMT
frontend.js
www.vaadata.com/blog/wp-content/plugins/stop-user-enumeration/frontend/js/
232 B
447 B
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/plugins/stop-user-enumeration/frontend/js/frontend.js?ver=1.3.25
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
84f7bdd9d518f244e12254d2dab2827a56fa1c0be95dd685178105518fdd94d2

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Fri, 29 Nov 2019 09:36:07 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
121
x-request-id
637501903
expires
Wed, 08 Sep 2021 11:48:25 GMT
scripts
api.plezi.co/api/v1/web_forms/
40 KB
40 KB
Script
General
Full URL
https://api.plezi.co/api/v1/web_forms/scripts?tenant_id=5e667155e317a753730829e1&form_id=5e667158e317a75373082a8f&form_version=3&content_web_form_id=5e7ddeced59cbc3560d055f1&plz_lang=en
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash
cf3e78f5b266d63f57984974ab8209db91491d6d1173b8fe8251c4682e109a60

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Runtime
0.020852
Date
Sun, 13 Sep 2020 06:25:33 GMT
Server
nginx/1.10.3
ETag
W/"cf3e78f5b266d63f57984974ab8209db"
Vary
Origin
Content-Type
application/json; charset=utf-8
Cache-Control
max-age=0, private, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
X-Request-Id
514abbd5-2635-4581-9115-7277868ac5b2
X-UA-Compatible
IE=Edge,chrome=1
magnific-popup.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
20 KB
7 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/magnific-popup.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
7031
x-request-id
637501904
expires
Wed, 08 Sep 2021 11:48:25 GMT
jquery.fitvids.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
2 KB
1 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/jquery.fitvids.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
94a82b1a138fa5d52f95bca894904e57a7ba5d89275712792e34c6192aeaddba

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
760
x-request-id
637501905
expires
Wed, 08 Sep 2021 11:48:25 GMT
imagesloaded.min.js
www.vaadata.com/blog/wp-includes/js/
5 KB
2 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Wed, 12 Aug 2020 14:39:54 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
1727
x-request-id
637501906
expires
Wed, 08 Sep 2021 11:48:25 GMT
object-fit-images.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
3 KB
2 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/object-fit-images.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
8c2fded8e3119fcb15699d6752e3834a4b20ba353ca20f0842419c466f2dc97b

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
1298
x-request-id
637501907
expires
Wed, 08 Sep 2021 11:48:25 GMT
theme.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
47 KB
13 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/theme.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
c2b0faa7c4968fb61ab3fda817bedc47c98a7650ed26e424cbb34c8923c1057d

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
12719
x-request-id
637501908
expires
Wed, 08 Sep 2021 11:48:25 GMT
theia-sticky-sidebar.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
6 KB
2 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/theia-sticky-sidebar.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
29e23646a639746b95623aef060574c65b55f7531cf6502b7fc0d6a245568476

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
1737
x-request-id
637501909
expires
Wed, 08 Sep 2021 11:48:25 GMT
jquery.slick.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
40 KB
10 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/jquery.slick.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
2d199fc8a0cad1784b67a93991b7f1e9e97eaadaf3cdf334eca5a98fb43eb0ee

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
9618
x-request-id
637501910
expires
Wed, 08 Sep 2021 11:48:25 GMT
jarallax.js
www.vaadata.com/blog/wp-content/themes/contentberg/js/
15 KB
5 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/js/jarallax.js?ver=1.5.0
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
a8680939292053c808260c3dfa05f9257b6940c0da273f26ad3fc969e53f84f3

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4853
x-request-id
637501911
expires
Wed, 08 Sep 2021 11:48:25 GMT
wp-embed.min.js
www.vaadata.com/blog/wp-includes/js/
1 KB
995 B
Script
General
Full URL
https://www.vaadata.com/blog/wp-includes/js/wp-embed.min.js?ver=5.5.1
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Thu, 23 Apr 2020 07:08:09 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
669
x-request-id
637501912
expires
Wed, 08 Sep 2021 11:48:25 GMT
lazyload.min.js
www.vaadata.com/blog/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/
8 KB
3 KB
Script
General
Full URL
https://www.vaadata.com/blog/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:25 GMT
content-encoding
br
last-modified
Thu, 03 Sep 2020 22:15:29 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=31536000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
2562
x-request-id
637501913
expires
Wed, 08 Sep 2021 11:48:25 GMT
gtm.js
www.googletagmanager.com/
123 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLGTLWC
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
010dbd6b50c8a4d96c4f4474f576b175806a6d6a7842026fc6d5fee43876fb63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Sep 2020 06:25:33 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44206
x-xss-protection
0
last-modified
Sun, 13 Sep 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 13 Sep 2020 06:25:33 GMT
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
221df4eb53ffff5f1205cb5d06f6fd82f40d2dba1eb7ae0818b0e2f5d9a61f74

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
64 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f723231b1a6583adfb3540ce455ae45e18842b72b377e18069691f5e5e947b3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOjCneDtsqEr0keqCMhbCc6CsTYl4BO.woff2
fonts.gstatic.com/s/ubuntumono/v10/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntumono/v10/KFOjCneDtsqEr0keqCMhbCc6CsTYl4BO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3268fe4c9e41569f32915d6dfd564ed9fbadc7d04783bce8c396f4f5d6760218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.vaadata.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 09:50:05 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:42:13 GMT
server
sffe
age
419728
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11952
x-xss-protection
0
expires
Wed, 08 Sep 2021 09:50:05 GMT
bg_header_blog.jpg
www.vaadata.com/blog/wp-content/uploads/2019/11/
225 KB
225 KB
Image
General
Full URL
https://www.vaadata.com/blog/wp-content/uploads/2019/11/bg_header_blog.jpg
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
54cdd844398c2a8e1971177ef3ac0d9ce1ad2e571abaaa72118b7f055423c3bb

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:26 GMT
last-modified
Tue, 26 Nov 2019 13:14:26 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=10368000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
229968
x-request-id
637501914
expires
Wed, 06 Jan 2021 11:48:26 GMT
fontawesome-webfont.woff2
www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/fonts/
70 KB
71 KB
Font
General
Full URL
https://www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/css/font-awesome.min.css?ver=1.5.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin
https://www.vaadata.com
Referer
https://www.vaadata.com/blog/wp-content/themes/contentberg/css/fontawesome/css/font-awesome.min.css?ver=1.5.0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 13:28:48 GMT
last-modified
Fri, 25 Oct 2019 10:22:06 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
status
200
cache-control
max-age=2592000
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
71896
x-request-id
578192405
expires
Thu, 08 Oct 2020 13:28:48 GMT
KFO-CneDtsqEr0keqCMhbC-BL9H1tY1keXO0.woff2
fonts.gstatic.com/s/ubuntumono/v10/
11 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntumono/v10/KFO-CneDtsqEr0keqCMhbC-BL9H1tY1keXO0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a021cbdbc297ba45d8cc18f88d585ae95de222cc196c3178092277446e2e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.vaadata.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 09:42:23 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 04:32:20 GMT
server
sffe
age
420190
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11760
x-xss-protection
0
expires
Wed, 08 Sep 2021 09:42:23 GMT
nKKU-Go6G5tXcr4uPhWnVaFrNlJz.woff2
fonts.gstatic.com/s/kanit/v7/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v7/nKKU-Go6G5tXcr4uPhWnVaFrNlJz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58f9ed8694ac4d0956a3490c73a8e49a328925d116af2de017ca81da9ae881e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.vaadata.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 14:23:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:19:30 GMT
server
sffe
age
403317
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10252
x-xss-protection
0
expires
Wed, 08 Sep 2021 14:23:36 GMT
nKKZ-Go6G5tXcraVGwCKd6xB.woff2
fonts.gstatic.com/s/kanit/v7/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/kanit/v7/nKKZ-Go6G5tXcraVGwCKd6xB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8ec3d8ae26b96c75fe42bfac331be8933084cfc66062136126e5b20a2d05dc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.vaadata.com
Referer
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%2C700%7CPT%20Serif%3A400%2C400i%2C600%7CIBM%20Plex%20Serif%3A500%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CUbuntu%20Mono%3A400%7CUbuntu%20Mono%3A600%7CUbuntu%20Mono%3A700%7CKanit%3A400%7CKanit%3A600%7CKanit%3A700&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 10:30:44 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Sep 2020 05:36:45 GMT
server
sffe
age
417289
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10472
x-xss-protection
0
expires
Wed, 08 Sep 2021 10:30:44 GMT
form-en
files.plezi.co/p/5e667155e317a753730829e1/content_web_forms/5e7ddeced59cbc3560d055f1/html_files/
5 KB
2 KB
XHR
General
Full URL
https://files.plezi.co/p/5e667155e317a753730829e1/content_web_forms/5e7ddeced59cbc3560d055f1/html_files/form-en?_=1599978333467
Requested by
Host: api.plezi.co
URL: https://api.plezi.co/api/v1/web_forms/scripts?tenant_id=5e667155e317a753730829e1&form_id=5e667158e317a75373082a8f&form_version=3&content_web_form_id=5e7ddeced59cbc3560d055f1&plz_lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.13.14 Haarlem, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-13-14.rev.poneytelecom.eu
Software
nginx /
Resource Hash
2960d6102fa2e4510b08dd5304a4e2140c48153ddcc7af605511f9ded363ba37

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 13 Sep 2020 06:25:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Sep 2020 07:35:50 GMT
Server
nginx
ETag
W/"5f55e2d6-1546"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,Content-Range
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
logo_vaadata_web.png
www.vaadata.com/blog/wp-content/uploads/2019/10/
4 KB
4 KB
Image
General
Full URL
https://www.vaadata.com/blog/wp-content/uploads/2019/10/logo_vaadata_web.png
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
e51c68893bd6fd3cf5dac09a78c555a29515ee359f3f39be7f11579199aa8bd1

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:26 GMT
last-modified
Fri, 25 Oct 2019 10:36:47 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=10368000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4183
x-request-id
637501915
expires
Wed, 06 Jan 2021 11:48:26 GMT
Pancake-300x157.jpg
www.vaadata.com/blog/wp-content/uploads/2020/09/
6 KB
6 KB
Image
General
Full URL
https://www.vaadata.com/blog/wp-content/uploads/2020/09/Pancake-300x157.jpg
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
a45a0a1007db11f84f3aa862fb4a22daa299c94ea5a1345f840d4e0caf74fee8

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 07:52:49 GMT
last-modified
Tue, 08 Sep 2020 15:23:03 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
image/jpeg
status
200
cache-control
max-age=10368000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
6112
x-request-id
261457987
expires
Fri, 08 Jan 2021 07:52:49 GMT
en.png
www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/res/flags/
600 B
893 B
Image
General
Full URL
https://www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:26 GMT
last-modified
Wed, 02 Sep 2020 22:21:34 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=10368000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
600
x-request-id
637501916
expires
Wed, 06 Jan 2021 11:48:26 GMT
fr.png
www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/res/flags/
268 B
561 B
Image
General
Full URL
https://www.vaadata.com/blog/wp-content/plugins/sitepress-multilingual-cms/res/flags/fr.png
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.186.33.171 , France, ASN16276 (OVH, FR),
Reverse DNS
full-cdn-01.cluster015.hosting.ovh.net
Software
/
Resource Hash
9c86c0c02ccb446b1a50d0282f4d9715e45670be443c4c3f666c263601e36274

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 11:48:26 GMT
last-modified
Wed, 02 Sep 2020 22:21:34 GMT
x-cdn-pop-ip
51.254.41.192/26
x-cacheable
Matched cache
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=10368000, public
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
268
x-request-id
637501917
expires
Wed, 06 Jan 2021 11:48:26 GMT
hotjar-1662220.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1662220.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLGTLWC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.80.95 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress16
Software
/
Resource Hash
ae5a720441f8025d4c414a1ff58f6f63f9e42454a4bb9c6b57f9cd7a132161c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Sep 2020 06:25:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjarjs
age
0
status
200
section-io-cache
Miss
vary
Accept-Encoding
content-length
1745
cache-control
max-age=60
etag
W/bdb989514b2b1aa575f2880792ea3f15
access-control-max-age
600
section-io-origin-status
304
access-control-allow-origin
*
x-cache-hit
1
section-io-origin-time-seconds
0.020
accept-ranges
bytes
section-io-id
e8b6a16a959be627c51d5994024ba34e
section-origin-responded
true
ossleads_analytics.js
app.plezi.co/scripts/
7 KB
3 KB
Script
General
Full URL
https://app.plezi.co/scripts/ossleads_analytics.js?tenant=5e667155e317a753730829e1&tw=5e667158e317a75373082a91
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLGTLWC
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.70.254 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-70-254.rev.poneytelecom.eu
Software
nginx/1.15.3 /
Resource Hash
ac24ae0f0304a842d015e37e2191a4aa5e31dda6f172a64d8f4bc1a569d27c28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime
0.019741
date
Sun, 13 Sep 2020 06:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.15.3
etag
W/"ea82cfa66c63e62ce2bbc4ed7acc9ee9"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=0, private, must-revalidate
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
901faea2-99df-4ac8-917e-b0343507e3f0
x-ua-compatible
IE=Edge,chrome=1
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLGTLWC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
4193
date
Sun, 13 Sep 2020 05:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18323
expires
Sun, 13 Sep 2020 07:15:40 GMT
collect
www.google-analytics.com/j/
1 B
66 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j85&aip=1&a=103983704&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vaadata.com%2Fblog%2Fhardcoded-secret-leads-to-account-takeover%2F&ul=en-us&de=UTF-8&dt=Pancake%20hardcoded%20secret%20leads%20to%20account%20takeover&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1046556031&gjid=385801053&cid=578004815.1599978334&tid=UA-31545818-3&_gid=264086271.1599978334&_r=1&gtm=2wg920NLGTLWC&z=1273975112
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 13 Sep 2020 06:25:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.vaadata.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
form_config
api.plezi.co/api/v1/web_forms/scripts/ Frame
0
0
Other
General
Full URL
https://api.plezi.co/api/v1/web_forms/scripts/form_config
Protocol
HTTP/1.1
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.vaadata.com
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.10.3
Date
Sun, 13 Sep 2020 06:25:33 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Access-Control-Expose-Headers
Access-Control-Max-Age
1728000
Access-Control-Allow-Headers
content-type
X-UA-Compatible
IE=Edge,chrome=1
form_config
api.plezi.co/api/v1/web_forms/scripts/
81 B
661 B
XHR
General
Full URL
https://api.plezi.co/api/v1/web_forms/scripts/form_config
Requested by
Host: api.plezi.co
URL: https://api.plezi.co/api/v1/web_forms/scripts?tenant_id=5e667155e317a753730829e1&form_id=5e667158e317a75373082a8f&form_version=3&content_web_form_id=5e7ddeced59cbc3560d055f1&plz_lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash
073f2aa0f92ac5c1df438281179dcb7db59c217b7435a26c12595b91d558355d

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

X-Runtime
0.225804
Date
Sun, 13 Sep 2020 06:25:33 GMT
Server
nginx/1.10.3
ETag
W/"073f2aa0f92ac5c1df438281179dcb7d"
Vary
Origin
Access-Control-Allow-Methods
GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
Transfer-Encoding
chunked
Access-Control-Max-Age
1728000
Connection
keep-alive
X-Request-Id
b04f2ce0-8fcd-4c70-935c-d8f6620518fa
X-UA-Compatible
IE=Edge,chrome=1
modules.8ee8cc2007768327a36f.js
script.hotjar.com/
360 KB
70 KB
Script
General
Full URL
https://script.hotjar.com/modules.8ee8cc2007768327a36f.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1662220.js?sv=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.91 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress13
Software
/
Resource Hash
e27356012307cbbb467b5fa1310a74a7b2b9a0a05b32bc950e63f64d59457e4b

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Sep 2020 06:25:33 GMT
content-encoding
br
age
4603
status
200
section-io-cache
Hit
content-length
71735
last-modified
Fri, 11 Sep 2020 13:16:37 GMT
etag
"35fa3521cc9f97992b3f310d81685df2"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.103
section-io-id
9d51a7c2225d7fa78c0266c88efe81f0
accept-ranges
bytes
content-type
application/javascript
section-origin-responded
true
create_hit
app.plezi.co/analytics/
43 B
496 B
Image
General
Full URL
https://app.plezi.co/analytics/create_hit?key_hit=5e667155e317a753730829e1-1599978333-185.217.171.12&hit=true&tenant=5e667155e317a753730829e1&tw=5e667158e317a75373082a91&referer=&visitor=7517692839071486159997833346767163&visit=5697554122519284159997833346652311&title=Pancake%20hardcoded%20secret%20leads%20to%20account%20takeover&tracking_version=3&gclid=&utm_source=&utm_medium=&utm_term=&utm_content=&utm_campaign=&cid=&utm_plz_email_id=
Requested by
Host: www.vaadata.com
URL: https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.70.254 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-70-254.rev.poneytelecom.eu
Software
nginx/1.15.3 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Sep 2020 06:25:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
dc3d58da-87d2-4db9-a3d8-2af5e255b98c
x-ua-compatible
IE=Edge,chrome=1
x-runtime
0.029206
server
nginx/1.15.3
x-frame-options
SAMEORIGIN
etag
W/"07fff40b5dd495aca2ac4e1c3fbc60aa"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 2380
0
0
Document
General
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1662220.js?sv=7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.102.197 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress11
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
date
Sun, 13 Sep 2020 06:25:33 GMT
content-type
text/html
content-length
851
last-modified
Mon, 17 Aug 2020 18:24:17 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.045
section-origin-responded
true
age
2263477
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
f865d341f6a8c5946872f4e81c6ca408
visit-data
in.hotjar.com/api/v2/client/sites/1662220/
178 B
320 B
XHR
General
Full URL
https://in.hotjar.com/api/v2/client/sites/1662220/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8ee8cc2007768327a36f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.1.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-1-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6154d5f7f6961e042d013bab33fd02b691970d873f44f3c32d8fcc6e79ef5bcd

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Sun, 13 Sep 2020 06:25:33 GMT
content-encoding
br
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
access-control-allow-credentials
true
disposable_emails.js
api.plezi.co/web_forms/
10 KB
10 KB
Script
General
Full URL
https://api.plezi.co/web_forms/disposable_emails.js
Requested by
Host: api.plezi.co
URL: https://api.plezi.co/api/v1/web_forms/scripts?tenant_id=5e667155e317a753730829e1&form_id=5e667158e317a75373082a8f&form_version=3&content_web_form_id=5e7ddeced59cbc3560d055f1&plz_lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash
572f521fbff37d72209638d9f7b3a967fe185d6bea1a8807d35abc35a8798f05

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 13 Sep 2020 06:25:33 GMT
Last-Modified
Thu, 10 Sep 2020 12:16:31 GMT
Server
nginx/1.10.3
ETag
"5f5a191f-2672"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9842
X-UA-Compatible
IE=Edge,chrome=1
validate.min.js
api.plezi.co/web_forms/
14 KB
15 KB
Script
General
Full URL
https://api.plezi.co/web_forms/validate.min.js
Requested by
Host: api.plezi.co
URL: https://api.plezi.co/api/v1/web_forms/scripts?tenant_id=5e667155e317a753730829e1&form_id=5e667158e317a75373082a8f&form_version=3&content_web_form_id=5e7ddeced59cbc3560d055f1&plz_lang=en
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.172.102.120 , France, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-102-120.rev.poneytelecom.eu
Software
nginx/1.10.3 /
Resource Hash
2fb6f1a14208e969b14b6f7f40b947c6288bd66501f250e9de815628f2c21ebf

Request headers

Referer
https://www.vaadata.com/blog/hardcoded-secret-leads-to-account-takeover/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 13 Sep 2020 06:25:33 GMT
Last-Modified
Thu, 10 Sep 2020 12:16:31 GMT
Server
nginx/1.10.3
ETag
"5f5a191f-3908"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14600
X-UA-Compatible
IE=Edge,chrome=1

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| dataLayer object| Sphere_Plugin undefined| $ function| jQuery function| EvEmitter function| imagesLoaded function| objectFitImages object| Bunyad object| Bunyad_Theme object| Bunyad_Share_Float object| Bunyad_Pagination function| jarallax object| wp object| lazyLoadOptions object| jQuery112407797456171215897 function| LazyLoad object| google_tag_manager object| i18n_calendar object| i18nValidations object| mitch_form object| mitchFormDocCookies function| mitchFormUniqueID function| mitchFormGetParameterByName object| cookieVisitor object| cookieVisit string| visit string| visitor string| baseDomain boolean| secure function| escapeRegex function| mitchFormIncludes function| mitchFormXHR function| mitchFormGetHTML function| createElementsFromHTML function| fetchForm function| initForm function| selectInputsSetup function| fetchFormConfig function| setupForm function| mimicJsonform function| jsFieldsSetup function| fetchDisposableEmails function| dateValidationSetup function| disposableEmailsValidationSetup function| lengthValidationSetup function| formatContainsValidationSetup function| formatNotContainsValidationSetup function| requiredValidationSetup function| emailValidationSetup function| urlValidationSetup function| numericalityValidationSetup function| translateMessage function| validationSetup function| validateMultipleSelect function| errorPrefix function| validateForm function| execute function| fillFormField function| smartFill object| 5e667158e317a75373082a8f function| hj object| _hjSettings undefined| cookie_consent_set string| cookie_consent_performance object| elConsentPerformance object| elConsentSave object| google_tag_data string| GoogleAnalyticsObject function| ga function| fadeOut object| cookie_bar object| container string| lang_page object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap 
object| hjBootstrapCalled string| tw string| tenant number| trackingVersion string| trackingId string| hit object| docCookies function| queryString function| getUniqueID function| generateUUID function| imgCreate function| createPixel function| extractHostname function| getDomain object| lastChild string| disposableEmailsRegex function| validate object| formats object| constraint

10 Cookies

Domain/Path Name / Value
www.vaadata.com/ Name: _hjIncludedInPageviewSample
Value: 1
.vaadata.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.vaadata.com/ Name: _hjTLDTest
Value: 1
.vaadata.com/ Name: _gat_UA-31545818-3
Value: 1
.vaadata.com/ Name: _hjid
Value: 226a6270-e0a5-4a77-9333-66a82606d8cb
.vaadata.com/ Name: _gid
Value: GA1.2.264086271.1599978334
.vaadata.com/ Name: _ga
Value: GA1.2.578004815.1599978334
.www.vaadata.com/ Name: cookie_consent_performance
Value: 1
.vaadata.com/ Name: visitor
Value: 7517692839071486159997833346767163---5e667155e317a753730829e1
.vaadata.com/ Name: visit
Value: 5697554122519284159997833346652311

1 Console Messages

Source Level URL
Text
console-api log URL: https://app.plezi.co/scripts/ossleads_analytics.js?tenant=5e667155e317a753730829e1&tw=5e667158e317a75373082a91 (Line 115)
Message:
vaadata.com

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, hashes, etc. Their appearance here does not imply that any of them indicate malicious activity.
