www.imperva.com Open in urlscan Pro
45.60.76.225 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/9YB7V4F4zp
Effective URL:
https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-dat...
Submission: On September 12 via api (September 12th 2018, 11:04:30 am UTC) from US

Summary HTTP 116 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 26 domains to perform 116 HTTP transactions. The main IP is 45.60.76.225, located in Redwood City, United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is www.imperva.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on June 4th 2018. Valid for: 2 years.

This is the only time www.imperva.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER - Twitter Inc.)
1 1	67.199.248.10 67.199.248.10	395224 (BITLY-AS) (BITLY-AS - Bitly Inc)
36	45.60.76.225 45.60.76.225	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
2	104.111.242.254 104.111.242.254	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
4	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	199.15.212.238 199.15.212.238	53580 (MARKETO) (MARKETO - MARKETO)
1 6	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	68.232.35.116 68.232.35.116	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:401... 2a00:1450:4011:804::101f	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f11... 2a03:2880:f11c:8186:face:b00c:0:50fb	32934 (FACEBOOK) (FACEBOOK - Facebook)
7	104.111.239.158 104.111.239.158	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
8	172.227.102.19 172.227.102.19	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	151.101.132.134 151.101.132.134	54113 (FASTLY) (FASTLY - Fastly)
1	2.19.34.83 2.19.34.83	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.16.186.146 2.16.186.146	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	147.75.80.133 147.75.80.133	54825 (PACKET) (PACKET - Packet Host)
1 3	18.196.44.49 18.196.44.49	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	172.227.88.206 172.227.88.206	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	2400:cb00:204... 2400:cb00:2048:1::6810:4da6	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY - Fastly)
2	52.21.153.156 52.21.153.156	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	151.101.132.64 151.101.132.64	54113 (FASTLY) (FASTLY - Fastly)
6	52.3.187.150 52.3.187.150	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	2a00:1450:401... 2a00:1450:4013:c00::5f	15169 (GOOGLE) (GOOGLE - Google LLC)
3	54.192.94.29 54.192.94.29	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.192.94.171 54.192.94.171	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
116	32

1 104.244.42.133 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.248.10 (United States) 1 redirects

ASN395224 (BITLY-AS - Bitly Inc, US)

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 45.60.76.225 (Redwood City, United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)

www.imperva.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.254 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-242-254.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.15.212.238 (San Mateo, United States)

ASN53580 (MARKETO - MARKETO, Inc., US)

727-wrl-406.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:818::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.232.35.116 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.bizible.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9b (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4011:804::101f (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8186:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.111.239.158 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-239-158.deploy.static.akamaitechnologies.com

app-ab13.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.227.102.19 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-102-19.deploy.static.akamaitechnologies.com

ws.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.132.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

imperva-blog.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.34.83 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-34-83.deploy.static.akamaitechnologies.com

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.146 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-146.deploy.static.akamaitechnologies.com

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.80.133 (Switzerland)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-4

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.44.49 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-44-49.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.227.88.206 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-88-206.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:cb00:2048:1::6810:4da6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.134 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.153.156 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-21-153-156.compute-1.amazonaws.com

errors.client.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.132.64 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

links.services.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.3.187.150 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-3-187-150.compute-1.amazonaws.com

prod.trendemon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4013:c00::5f (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.192.94.29 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-29.fra2.r.cloudfront.net

d1ysmqklpsb9ih.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.94.171 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-94-171.fra2.r.cloudfront.net

d1ysmqklpsb9ih.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	imperva.com www.imperva.com	415 KB
13	sharethis.com 1 redirects ws.sharethis.com l.sharethis.com t.sharethis.com	47 KB
7	marketo.com app-ab13.marketo.com	131 KB
6	trendemon.com prod.trendemon.com	126 KB
6	google-analytics.com 1 redirects www.google-analytics.com	16 KB
5	disqus.com imperva-blog.disqus.com disqus.com links.services.disqus.com	26 KB
4	cloudfront.net d1ysmqklpsb9ih.cloudfront.net	221 KB
4	disquscdn.com c.disquscdn.com	201 KB
4	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
4	bizible.com cdn.bizible.com	32 KB
4	gstatic.com fonts.gstatic.com	72 KB
3	optimizely.com cdn.optimizely.com errors.client.optimizely.com	129 KB
3	facebook.com www.facebook.com staticxx.facebook.com	245 B
3	google.de www.google.de	325 B
3	google.com 2 redirects www.google.com	496 B
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	82 KB
3	facebook.net connect.facebook.net	102 KB
3	googletagmanager.com www.googletagmanager.com	97 KB
2	marketo.net munchkin.marketo.net	6 KB
1	googleapis.com fonts.googleapis.com	654 B
1	consensu.org c.sharethis.mgr.consensu.org
1	googleadservices.com www.googleadservices.com	7 KB
1	mktoresp.com 727-wrl-406.mktoresp.com	623 B
1	flashtalking.com servedby.flashtalking.com
1	bit.ly 1 redirects bit.ly	624 B
1	t.co t.co	343 B
116	26

	Domain	Requested by
36	www.imperva.com	t.co www.imperva.com
8	ws.sharethis.com	www.imperva.com ws.sharethis.com
7	app-ab13.marketo.com	www.imperva.com app-ab13.marketo.com prod.trendemon.com
6	prod.trendemon.com	t.co prod.trendemon.com
6	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com www.imperva.com
4	d1ysmqklpsb9ih.cloudfront.net
4	c.disquscdn.com	imperva-blog.disqus.com
4	cdn.bizible.com	www.googletagmanager.com www.imperva.com cdn.bizible.com
4	fonts.gstatic.com	www.imperva.com
3	l.sharethis.com	1 redirects www.imperva.com
3	www.google.de	www.imperva.com
3	www.google.com	2 redirects www.imperva.com
3	stats.g.doubleclick.net	2 redirects www.imperva.com
3	connect.facebook.net	t.co connect.facebook.net www.imperva.com
3	www.googletagmanager.com	www.imperva.com
2	errors.client.optimizely.com	cdn.bizible.com
2	disqus.com	imperva-blog.disqus.com
2	t.sharethis.com	www.imperva.com t.sharethis.com
2	imperva-blog.disqus.com	www.imperva.com
2	www.facebook.com	www.imperva.com www.googletagmanager.com
2	munchkin.marketo.net	www.imperva.com munchkin.marketo.net
1	fonts.googleapis.com
1	links.services.disqus.com	cdn.bizible.com
1	staticxx.facebook.com	connect.facebook.net
1	vars.hotjar.com	static.hotjar.com
1	c.sharethis.mgr.consensu.org	ws.sharethis.com
1	cdn.optimizely.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	727-wrl-406.mktoresp.com	munchkin.marketo.net
1	servedby.flashtalking.com	www.imperva.com
1	bit.ly	1 redirects
1	t.co
116	35

This site contains links to these domains. Also see Links.

Domain
www.incapsula.com
partners.imperva.com
imperva.com
www.telegraph.co.uk
en.wikipedia.org
gs.statcounter.com
www.google.com
chromereleases.googleblog.com
cloud.feedly.com
www.imperva.cn
www.imperva.jp
www.facebook.com
twitter.com
feeds.feedburner.com
www.linkedin.com
www.youtube.com
plus.google.com
www.slideshare.net
www.glassdoor.com

Subject Issuer	Validity	Valid
t.co DigiCert SHA2 Extended Validation Server CA	`2017-07-25` - `2018-11-05`	a year	crt.sh
www.imperva.com GeoTrust RSA CA 2018	`2018-06-04` - `2020-04-04`	2 years	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2018-02-22` - `2019-02-22`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-08-21` - `2018-11-13`	3 months	crt.sh
servedby.flashtalking.com GeoTrust RSA CA 2018	`2018-02-13` - `2019-02-13`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-08-21` - `2018-11-13`	3 months	crt.sh
*.mktoresp.com Go Daddy Secure Certificate Authority - G2	`2015-12-02` - `2018-12-02`	3 years	crt.sh
s11.wac.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2015-11-20` - `2019-01-16`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.hotjar.com Let's Encrypt Authority X3	`2018-07-25` - `2018-10-23`	3 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2018-08-21` - `2018-11-13`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-08-21` - `2018-11-13`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2018-08-28` - `2018-11-20`	3 months	crt.sh
*.marketo.com DigiCert SHA2 Secure Server CA	`2018-02-13` - `2019-02-13`	a year	crt.sh
*.sharethis.com DigiCert SHA2 Secure Server CA	`2018-02-14` - `2019-02-14`	a year	crt.sh
www.google.com Google Internet Authority G3	`2018-08-21` - `2018-11-13`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
cdn.optimizely.com DigiCert ECC Secure Server CA	`2018-01-23` - `2019-01-23`	a year	crt.sh
*.sharethis.mgr.consensu.org DigiCert ECC Secure Server CA	`2018-07-31` - `2019-07-31`	a year	crt.sh
pxcel.net GeoTrust RSA CA 2018	`2018-01-22` - `2019-02-21`	a year	crt.sh
ssl565697.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-04-29` - `2018-11-05`	6 months	crt.sh
client.optimizely.com DigiCert SHA2 High Assurance Server CA	`2015-09-29` - `2018-10-02`	3 years	crt.sh
f.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2018-08-30` - `2020-12-02`	2 years	crt.sh
*.trendemon.com SSL.com DV CA	`2017-10-18` - `2019-01-16`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2018-08-21` - `2018-11-13`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2017-11-22` - `2018-11-21`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Frame ID: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Requests: 106 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/7749;55259;5882;iframe/?ft_referrer=https%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&ns=https%3A//t.co/9YB7V4F4zp&cb=520849.87488768244
Frame ID: A4BB9EA9DC421957C2EE424898D35DDB
Requests: 1 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal.html
Frame ID: C84DC78E2D994CA88FE1CEBDF617ECF1
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Frame ID: BD2EB8FD7DC1D1646393931CD96E2ED5
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/kO5a7GzG6AF.js?version=42
Frame ID: A0AAB32C6779A0B74B98F98771652FCF
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1/d/t.dhj?rnd=1536750259005&cid=c010&dmn=www.imperva.com
Frame ID: 24A1B79792A5D228348E33BD97AFDDD4
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=0.190.7544&cid=c010
Frame ID: 14073C34EF303534E08A4B9A437E927B
Requests: 1 HTTP requests in this frame

Frame: https://app-ab13.marketo.com/index.php/form/XDFrame
Frame ID: CE6DFB5EEF365CC610EC994B33390444
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 23FB0004456F667D0DEA876A19598AA2
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=imperva-blog&t_i=5487%20https%3A%2F%2Fwww.imperva.com%2Fblog%2F%3Fp%3D5487&t_u=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F&t_e=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data&t_d=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data&t_t=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data&s_o=default
Frame ID: 01F6FA314D037C2579FABBC80514C494
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: F0B42B062EDFD07EFF7C9E5EA4B0CF65
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://t.co/9YB7V4F4zp Page URL
https://bit.ly/2BdTCRx HTTP 301
https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-w... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast/i

Disqus (Comment Systems) Expand

Overall confidence: 100%
Detected patterns

env /^DISQUS/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /^\/\/static\.hotjar\.com\/c\/hotjar-/i

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

env /^Munchkin$/i

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^optimizely$/i

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^twemoji$/i

VigLink (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^(?:vglnk(?:$|_)|vl_(?:cB|disable)$)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

116
Requests

100 %
HTTPS

33 %
IPv6

26
Domains

35
Subdomains

32
IPs

5
Countries

1713 kB
Transfer

4895 kB
Size

5
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.incapsula.com/website-security/web-application-firewall.html
Title: Cloud WAF

Search URL Search Domain Scan URL

URL: https://www.incapsula.com/web-application-ddos-protection-services.html
Title: DDoS Protection

Search URL Search Domain Scan URL

URL: https://www.incapsula.com/cloud-based-application-delivery.html
Title: Application Delivery

Search URL Search Domain Scan URL

URL: https://www.incapsula.com/cdn-content-delivery-network/
Title: Content Delivery Network

Search URL Search Domain Scan URL

URL: https://www.incapsula.com/load-balancer.html
Title: Load Balancer

Search URL Search Domain Scan URL

URL: https://www.incapsula.com/failover.html
Title: Site Failover

Search URL Search Domain Scan URL

URL: https://partners.imperva.com/
Title: Partner Portal Login

Search URL Search Domain Scan URL

URL: https://imperva.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.telegraph.co.uk/technology/eric-schmidt/10076175/Eric-Schmidt-interview-You-have-to-fight-for-your-privacy-or-you-will-lose-it.html
Title: interview

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Blink_(web_engine)
Title: Blink engine

Search URL Search Domain Scan URL

URL: http://gs.statcounter.com/
Title: 58 percent

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/
Title: the latest version

Search URL Search Domain Scan URL

URL: https://chromereleases.googleblog.com/2018/07/stable-channel-update-for-desktop.html
Title: Chrome’s 68 release

Search URL Search Domain Scan URL

URL: http://cloud.feedly.com/#subscription%2Ffeed%2Fhttps%3A%2F%2Fwww.imperva.com%2Fblog%2Ffeed%2F
Title: Feedly

Search URL Search Domain Scan URL

URL: http://www.imperva.cn/
Title: 中文

Search URL Search Domain Scan URL

URL: http://www.imperva.jp/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://www.facebook.com/imperva
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/imperva
Title:

Search URL Search Domain Scan URL

URL: https://feeds.feedburner.com/Imperviews?format=xml
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/imperva
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/ImpervaChannel
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/+imperva/posts
Title:

Search URL Search Domain Scan URL

URL: http://www.slideshare.net/imperva
Title:

Search URL Search Domain Scan URL

URL: https://www.glassdoor.com/Overview/Working-at-Imperva-EI_IE101738.11,18.htm
Title:

Search URL Search Domain Scan URL

URL: http://www.incapsula.com/
Title: Incapsula

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/9YB7V4F4zp Page URL
https://bit.ly/2BdTCRx HTTP 301
https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-2821586-1&cid=1797104840.1536750259&jid=5422224&gjid=1832943153&_gid=939013663.1536750259&_u=aHDAiEAjB~&z=1458975931 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1797104840.1536750259&jid=5422224&_v=j68&z=1458975931 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1797104840.1536750259&jid=5422224&_v=j68&z=1458975931&slf_rd=1&random=2076575135

Request Chain 79

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=3bf0470-165cd740a36-327e69e8-1&sessionID=1536750258742.84226&hostname=www.imperva.com&location=%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F&product=widget&stid=&publisher=5c06dde6-c2f1-4b97-a18d-121fd64310d6-10exp-Y&st_optout=false&refDomain=t.co&refQuery=9YB7V4F4zp&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F&sharURL=&buttonType=ERROR&destination=ERROR&source=ERROR&title=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data%20%E2%80%93%20Blog%20%7C%20Imperva&ts1536750258742.0=&sop=false HTTP 301
https://l.sharethis.com/sc?cm=ZGAPGFuY8rIAAAATFQj7Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F

Request Chain 96

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=528137853&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&dr=https%3A%2F%2Ft.co%2F9YB7V4F4zp&ul=en-us&de=UTF-8&dt=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data%20%E2%80%93%20Blog%20%7C%20Imperva&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Forms&ea=2692%7C727-WRL-406%7Ca-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%7Cno-pid&el=form-start&_u=aHDACEAjB~&jid=817486945&gjid=2093913811&cid=1975724634.1536750260&tid=UA-2821586-1&_gid=1565658761.1536750260&_r=1&gtm=G94KF4BJ8&cd13=2692%7C727-WRL-406%7Ca-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%7Cno-pid&z=645344834 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2821586-1&cid=1975724634.1536750260&jid=817486945&_gid=1565658761.1536750260&gjid=2093913811&_v=j68&z=645344834 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1975724634.1536750260&jid=817486945&_v=j68&z=645344834 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1975724634.1536750260&jid=817486945&_v=j68&z=645344834&slf_rd=1&random=3140248394

116 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 9YB7V4F4zp Show response
t.co/ 221 B
343 B 140ms
140ms Document
text/html 104.244.42.133
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/9YB7V4F4zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

e6398996cb813aac38fe0c868acccd4106c976ffa886bf2111f744a668b2fbc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method: GET
:authority: t.co
:scheme: https
:path: /9YB7V4F4zp
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F

Response headers

status: 200
cache-control: private,max-age=300
content-encoding: gzip
content-length: 174
content-type: text/html; charset=utf-8
date: Wed, 12 Sep 2018 11:04:16 GMT
expires: Wed, 12 Sep 2018 11:09:16 GMT
server: tsa_o
set-cookie: muc=8e0e2157-94e2-44ac-ae86-108803990563; Max-Age=63072000; Expires=Fri, 11 Sep 2020 11:04:16 GMT; Domain=t.co
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: a6858f0b0460f4745b36739b3ff5b574
x-response-time: 133
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report

GET
H2

200

Primary Request / Show response
www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/
Redirect Chain

https://bit.ly/2BdTCRx
https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_...

88 KB
20 KB

1319ms
1319ms

Document
text/html

45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness

Requested by

Host: t.co
URL: https://t.co/9YB7V4F4zp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Apache / PHP/5.6.35

Resource Hash

70e95c7a725f8ff9b2b21664bd56b555438eb8b761cf887f033aa22d39556fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:method: GET
:authority: www.imperva.com
:scheme: https
:path: /blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://t.co/9YB7V4F4zp
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Referer: https://t.co/9YB7V4F4zp

Response headers

status: 200
date: Wed, 12 Sep 2018 11:04:17 GMT
server: Apache
x-powered-by: PHP/5.6.35
x-pingback: https://www.imperva.com/blog/xmlrpc.php
link: <https://www.imperva.com/blog/wp-json/>; rel="https://api.w.org/" <https://www.imperva.com/blog/?p=5487>; rel=shortlink
content-type: text/html; charset=UTF-8
set-cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; expires=Thu, 12 Sep 2019 06:54:24 GMT; path=/; Domain=.imperva.com nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; path=/; Domain=.imperva.com incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; path=/; Domain=.imperva.com isEuropeUser=true; path= / cookieconsent_status=europe-user; path= /
strict-transport-security: max-age=0; includeSubDomains
x-iinfo: 9-186425911-186425912 NNNN CT(56 132 0) RT(1536750256725 0) q(0 0 2 0) r(13 13) U10000
x-cdn: Incapsula
content-encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 12 Sep 2018 11:04:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 330
Connection: keep-alive
Cache-Control: private, max-age=90
Content-Security-Policy: referrer always;
Location: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Referrer-Policy: unsafe-url
Set-Cookie: _bit=i8cb4g-bb1597922cffb7630d-00G; Domain=bit.ly; Expires=Mon, 11 Mar 2019 11:04:16 GMT

GET
H2 200 widget.css
www.imperva.com/blog/wp-content/plugins/yet-another-related-posts-plugin/style/ 771 B
538 B 8ms
6ms Stylesheet
text/css 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=4.9.5

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

1210b2986220f5f6e6f416d87911e6655eed292f81a8219d8506f57c5d4353a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/plugins/yet-another-related-posts-plugin/style/widget.css?ver=4.9.5
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "303-5496eab88ba1f"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
status: 200
x-iinfo: 9-186426603-0 0CNN RT(1536750258271 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 384
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 styles.css
www.imperva.com/blog/wp-content/plugins/contact-form-7/includes/css/ 2 KB
780 B 9ms
7ms Stylesheet
text/css 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

1e36067ffbde51faec89f96ebe1fd08513be4a97d109cc8130dcdc9cf3f4590d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.1
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 29 Apr 2018 10:43:02 GMT
x-cdn: Incapsula
etag: "693-56afa66c85a61"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
status: 200
x-iinfo: 9-186426604-0 0CNN RT(1536750258273 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 656
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 svgs-attachment.css
www.imperva.com/blog/wp-content/plugins/svg-support/css/ 222 B
233 B 10ms
9ms Stylesheet
text/css 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/plugins/svg-support/css/svgs-attachment.css?ver=4.9.5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

756df835cdc3e6d51abfaa6f2cd0d48a3430e2bcc2c12566e06dc79f3ba4ff74

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/plugins/svg-support/css/svgs-attachment.css?ver=4.9.5
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 29 Apr 2018 10:43:25 GMT
x-cdn: Incapsula
etag: "de-56afa6826e4d0"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
status: 200
x-iinfo: 9-186426605-0 0CNN RT(1536750258274 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 111
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 tcbd-modals.css
www.imperva.com/blog/wp-content/plugins/tcbd-modals/css/ 3 KB
1018 B 12ms
10ms Stylesheet
text/css 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/plugins/tcbd-modals/css/tcbd-modals.css?ver=1.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

d3a887d366ab3d243823e7c9ac85b1ba06018dbd3cf41eecff4bc3ca0c88e396

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/plugins/tcbd-modals/css/tcbd-modals.css?ver=1.0
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "c5d-5496eab8677ff"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
status: 200
x-iinfo: 9-186426606-0 0CNN RT(1536750258277 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 918
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 style.css
www.imperva.com/blog/wp-content/themes/impervablog/css/ 346 KB
49 KB 13ms
12ms Stylesheet
text/css 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

deb7f5bf5ace6476eb016781ded0cd75a2f4b8fbecf1d6e4b22d97ee140e9f67

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 22 Jul 2018 10:16:16 GMT
x-cdn: Incapsula
etag: "56997-57193d1b53c00"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
status: 200
x-iinfo: 9-186426608-0 0CNN RT(1536750258278 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 50237
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 theme.css
www.imperva.com/blog/wp-content/themes/impervablog/ 4 KB
1 KB 14ms
13ms Stylesheet
text/css 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/theme.css?ver=1488114556

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

f8588af9824dd40882480f26b4210f4baaa950f51c993b48c49ce1027a7c849d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/theme.css?ver=1488114556
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "f4a-5496eab88f89f"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
status: 200
x-iinfo: 9-186426609-0 0CNN RT(1536750258279 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 1033
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 style.css
www.imperva.com/blog/wp-content/plugins/malinky-ajax-pagination/css/ 230 B
253 B 14ms
14ms Stylesheet
text/css 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/plugins/malinky-ajax-pagination/css/style.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

19f8302b428c9cfdaf4d32a17f07c71eb8c3b08eec5151f81bddb3892df15504

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/plugins/malinky-ajax-pagination/css/style.css
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "e6-5496eab863d67"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css
status: 200
x-iinfo: 9-186426610-0 0CNN RT(1536750258280 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 153
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 jquery-1.11.2.min.js Show response
www.imperva.com/blog/wp-content/themes/impervablog/js/ 94 KB
33 KB 15ms
14ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/js/jquery-1.11.2.min.js?ver=4.9.5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

3d65f9e788f7ef78d0e1e40bdce42caf85b1c2b18d8eb1ecc358b113d01265d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/js/jquery-1.11.2.min.js?ver=4.9.5
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "176bb-5496eab88f0cf"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426611-0 0CNN RT(1536750258281 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 33218
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.imperva.com/blog/wp-includes/js/ 11 KB
4 KB 6ms
6ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-includes/js/wp-emoji-release.min.js?ver=4.9.5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

a0be121d953691a90de00ce456caa95ba8fc6ced658cd50f9ab66a84ccd246a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-includes/js/wp-emoji-release.min.js?ver=4.9.5
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 11 Feb 2018 11:06:26 GMT
x-cdn: Incapsula
etag: "2dc9-564edc0ab4693"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426614-0 0CNN RT(1536750258287 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 4175
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 6ms
6ms Script
application/x-javascript 104.111.242.254
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.254 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-254.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82bbf4a0f25757d1c9b9f18672eabf510965e4873e9d989a407823eac0d99259

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jun 2018 01:36:41 GMT
Server: Apache
ETag: "8a1ad47bd9401d0c4cde2aab48eeb571:1528767401"
X-Serial: 1
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
X-Check-Cacheable: YES
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 62 KB
22 KB 84ms
84ms Script
application/javascript 2a00:1450:4001:81f::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PFT2K83

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

afe53f14f4fd0687277fff70d4bfe9bfdf87bacd741bf8e2f6031fae3fc57013

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 22162
x-xss-protection: 1; mode=block
expires: Wed, 12 Sep 2018 11:04:18 GMT

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 127 KB
37 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:81f::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKDMLX7

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

35a646d089a4456a712c4fadb01fa732ba2ffdecfaf3f1b8bfc6e2ec0d556feb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 37923
x-xss-protection: 1; mode=block
expires: Wed, 12 Sep 2018 11:04:18 GMT

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 150 KB
38 KB 19ms
17ms Script
application/javascript 2a00:1450:4001:81f::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KF4BJ8

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81f::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

4ad6e57e866d5f6860048125dfd308878b9dabf1acf90484264243f66054204e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 38663
x-xss-protection: 1; mode=block
expires: Wed, 12 Sep 2018 11:04:18 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/154/ 8 KB
5 KB 7ms
6ms Script
application/x-javascript 104.111.242.254
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/154/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.242.254 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-242-254.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9298a280eda6b54290d3c69fda3ae7da0cec1a0169d01d4e5944af63d68939d5

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Content-Encoding: gzip
X-Check-Cacheable: YES
Server: Apache
ETag: "808fc844032f646c32adce24553838be:1526611527"
X-Serial: 10776
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Last-Modified: Fri, 18 May 2018 02:45:27 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 3700
Expires: Fri, 21 Dec 2018 11:04:18 GMT

GET
H2 200 logo.png
www.imperva.com/blog/wp-content/uploads/2016/12/ 866 B
974 B 18ms
17ms Image
image/png 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2016/12/logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

28393630021b9180e7c1db5f4c18d4f028e11c5a25147e1444fd48157eaacf99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/uploads/2016/12/logo.png
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "362-5496eab8b699f"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
status: 200
x-iinfo: 9-186426632-0 0CNN RT(1536750258394 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 866
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/container/7749;55259;5882;iframe/ Frame A4BB 0
0 33ms
19ms Document
text/html 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/container/7749;55259;5882;iframe/?ft_referrer=https%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&ns=https%3A//t.co/9YB7V4F4zp&cb=520849.87488768244
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: prod-xre-app8.frk11 /
Resource Hash

Request headers

Host: servedby.flashtalking.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Connection: close
Cache-Control: no-cache, no-store
Content-Type: text/html
Server: prod-xre-app8.frk11
Pragma: no-cache
X-HW: 1536750258.dop009.fr8.shc,1536750258.dop009.fr8.t,1536750258.cds050.fr8.sc,1536750258.cds050.fr8.p

GET
S 200 DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf
fonts.gstatic.com/s/opensans/v13/ 35 KB
21 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/DXI1ORHCpsQm3Vp6mXoaTYnF5uFdDttMLvmWuJdhhgs.ttf

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5290570a36dd396b7defdf1c771bc9d3601780abe5ab09210263f05945fddc97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
Origin: https://www.imperva.com

Response headers

date: Tue, 28 Aug 2018 13:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1286862
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21792
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Apr 2015 23:46:43 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2019 13:36:36 GMT

GET
S 200 MTP_ySUJH_bn48VBG8sNSonF5uFdDttMLvmWuJdhhgs.ttf
fonts.gstatic.com/s/opensans/v13/ 34 KB
21 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/MTP_ySUJH_bn48VBG8sNSonF5uFdDttMLvmWuJdhhgs.ttf

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

93b4b393bdf79a8047bd391f9ca92db7924db520f81eb2de4b7df2ce1e534783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
Origin: https://www.imperva.com

Response headers

date: Tue, 28 Aug 2018 13:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1286654
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21791
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Apr 2015 23:45:19 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Aug 2019 13:40:04 GMT

GET
H2 200 fontello.woff2
www.imperva.com/blog/wp-content/themes/impervablog/fonts/ 2 KB
3 KB 10ms
10ms Font
application/octet-stream 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/fonts/fontello.woff2?77500554

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

40f82839b4de554d6f6d0c5e2dc070abe7abca6aa163382118a216e5ebfe606d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/fonts/fontello.woff2?77500554
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user
origin: https://www.imperva.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
Origin: https://www.imperva.com

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
last-modified: Sun, 08 Jul 2018 08:37:43 GMT
x-cdn: Incapsula
etag: "9b8-57078cf851355"
strict-transport-security: max-age=0; includeSubDomains
status: 200
x-iinfo: 9-186426633-0 0CNN RT(1536750258395 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 2488
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H/1.1 200
OK visitWebPage Show response
727-wrl-406.mktoresp.com/webevents/ 43 B
623 B 374ms
96ms XHR
image/gif 199.15.212.238
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL

https://727-wrl-406.mktoresp.com/webevents/visitWebPage?_mchNc=1536750258445&_mchCn=&_mchId=727-WRL-406&_mchTk=_mch-imperva.com-1536750258444-13613&_mchHo=www.imperva.com&_mchPo=&_mchRu=%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F&_mchPc=https%3A&_mchVr=154&_mchHa=&_mchRe=https%3A%2F%2Ft.co%2F9YB7V4F4zp&_mchQp=utm_source%3DTwitter__-__utm_medium%3Dorganic_empshare__-__utm_content%3Dchrome-bug__-__utm_campaign%3D2018_q3_twitter_awareness

Requested by

Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/154/munchkin.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

199.15.212.238 San Mateo, United States, ASN53580 (MARKETO - MARKETO, Inc., US),

Reverse DNS

Software

Apache /

Resource Hash

cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Origin: https://www.imperva.com

Response headers

Pragma: no-cache
Date: Wed, 12 Sep 2018 11:04:18 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Sep 2018 06:04:18 -0500
Server: Apache
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=100
Content-Length: 43
Expires: -1

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKDMLX7

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 5112
date: Wed, 12 Sep 2018 09:39:06 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Wed, 12 Sep 2018 11:39:06 GMT

GET
S 200 bizible.js Show response
cdn.bizible.com/scripts/ 83 KB
32 KB 6ms
6ms Script
application/x-javascript 68.232.35.116
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/scripts/bizible.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKDMLX7
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.232.35.116 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40B4) / ASP.NET
Resource Hash: 2556fae4a0db89c06ab0927fe7f9338ad9d7662f1fd64973560f0476c25b8121

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
etag: W/"65ac1991446d41:0"
last-modified: Thu, 06 Sep 2018 19:05:39 GMT
server: ECS (fcn/40B4)
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/x-javascript
status: 200
accept-ranges: bytes
content-length: 32318

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 44 KB
14 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.co
URL: https://t.co/9YB7V4F4zp

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

2dfc25db166fb3c0d6c24de2f24ca1b03e27f6b40372ed8a0ccf865840af6db0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
x-fb-debug: HNQGsrBTYgFc/hogPeJPqgCUNsF6SuWSwYn2zmx1M34e+2yncellacM+2Wmwvw99soYamjx06U8fQ1/SubpTcQ==
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 12 Sep 2018 11:04:18 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
content-length: 13680
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf
fonts.gstatic.com/s/opensans/v13/ 33 KB
21 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v13/cJZKeOuBrn4kERxqtaUH3aCWcynf_cDxXwCLxiixG1c.ttf

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

24b337181983cb1cff33d2bacf608a0568be59b83e505e26c8597cea5d2171c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
Origin: https://www.imperva.com

Response headers

date: Fri, 31 Aug 2018 15:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1019257
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21204
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Apr 2015 23:46:39 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 31 Aug 2019 15:56:41 GMT

GET
H/1.1 200
OK hotjar-316053.js Show response
static.hotjar.com/c/ 2 KB
2 KB 115ms
103ms Script
application/javascript 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-316053.js?sv=5

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KF4BJ8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

fcc1bee4e35c415db5bfb262399ad7a4b672b41ebbf416f952da4f619727316d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
ETag: W/7090cf22e23acbcbb9d7a6cd564b2758
X-Frame-Options: SAMEORIGIN
X-HW: 1536750258.dop007.fr8.shc,1536750258.dop007.fr8.t,1536750258.cds039.fr8.pr
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1105

GET
S 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 18 KB
7 KB 17ms
17ms Script
text/javascript 216.58.205.226
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KF4BJ8

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f2.1e100.net

Software

cafe /

Resource Hash

336ec73f667d7e9f663aad1a2cb1f1449c123e961158e7eb78b9fceca1ef7317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 6900
x-xss-protection: 1; mode=block
server: cafe
etag: 2487716126583275439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 12 Sep 2018 11:04:18 GMT

GET
S 200 271477867023159 Show response
connect.facebook.net/signals/config/ 83 KB
17 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/271477867023159?v=2.8.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

774ec657c07b77da509d4ea5a14ffc54c2013450cf50be3a283020c5c5c08d3e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 16939
x-xss-protection: 0
pragma: public
x-fb-debug: chOQQo752inV6NBMw70pLrmC7uDcUuZ6rtOTd7SRGBiWnfZhg0L2XKvISI+CPadDKnq6mIFw6Ju8hC39tmhkGQ==
x-frame-options: DENY
date: Wed, 12 Sep 2018 11:04:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
930 B 6ms
5ms Script
text/javascript 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 10:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 2537
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 856
x-xss-protection: 1; mode=block
expires: Wed, 12 Sep 2018 11:22:01 GMT

GET
S 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=528137853&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&dr=https%3A%2F%2Ft.co%2F9YB7V4F4zp&ul=en-us&de=UTF-8&dt=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data%20%E2%80%93%20Blog%20%7C%20Imperva&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAj~&jid=1580747532&gjid=876524563&cid=1797104840.1536750259&tid=UA-114236658-1&_gid=939013663.1536750259&_r=1&gtm=G94WKDMLX7&z=1213665736

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Sep 2018 11:04:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071102441/ 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1071102441/?random=1536750258587&cv=9&fst=1536750258587&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G94&sendb=1&frm=0&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&ref=https%3A%2F%2Ft.co%2F9YB7V4F4zp&tiba=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data%20%E2%80%93%20Blog%20%7C%20Imperva&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8b0063fb60381622d0a96cc497fc583ab72589e1fa03069c238f9cb72b3d20a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 1155
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Private-browsing-data-Chrome-blog-320x213.jpg
www.imperva.com/blog/wp-content/uploads/2018/08/ 16 KB
16 KB 11ms
8ms Image
image/jpeg 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2018/08/Private-browsing-data-Chrome-blog-320x213.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

9ad01a1b40b2d9fdb35c0400cf1d024e0b3ef83341d67de779a4c6cd1be9560c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/uploads/2018/08/Private-browsing-data-Chrome-blog-320x213.jpg
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
last-modified: Wed, 15 Aug 2018 14:37:48 GMT
x-cdn: Incapsula
etag: "3fb9-5737a453fa107"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/jpeg
status: 200
x-iinfo: 9-186426707-0 0CNN RT(1536750258561 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 16023
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 Chrome-bug1.png
www.imperva.com/blog/wp-content/uploads/2018/08/ 9 KB
9 KB 16ms
14ms Image
image/png 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2018/08/Chrome-bug1.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

5bb8db2e6ed8698e36f69cca152b3e2d5fffbaf8ae9dd336a94ee6a0b1e82886

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/uploads/2018/08/Chrome-bug1.png
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
last-modified: Wed, 15 Aug 2018 14:40:03 GMT
x-cdn: Incapsula
etag: "6747-5737a4d496871"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
status: 200
x-iinfo: 9-186426709-0 0CNN RT(1536750258567 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 9585
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 Chrome-bug2.png
www.imperva.com/blog/wp-content/uploads/2018/08/ 33 KB
33 KB 17ms
15ms Image
image/png 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2018/08/Chrome-bug2.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

544409531123804e1170a08e506f4be42396cf833447e176e089f7702f03745a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/uploads/2018/08/Chrome-bug2.png
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
last-modified: Wed, 15 Aug 2018 14:40:04 GMT
x-cdn: Incapsula
etag: "f109-5737a4d536af3"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
status: 200
x-iinfo: 9-186426711-0 0CNN RT(1536750258570 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 33959
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 Chrome-bug3.png
www.imperva.com/blog/wp-content/uploads/2018/08/ 43 KB
43 KB 22ms
21ms Image
image/png 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2018/08/Chrome-bug3.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

740aeda52180f4bd3602ed6589c20b34a03c9672c67aa4291424700e12d41a29

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/uploads/2018/08/Chrome-bug3.png
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
last-modified: Wed, 15 Aug 2018 14:40:04 GMT
x-cdn: Incapsula
etag: "ad19-5737a4d60019f"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
status: 200
x-iinfo: 9-186426712-0 0CNN RT(1536750258575 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 44313
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 Chrome-bug4.png
www.imperva.com/blog/wp-content/uploads/2018/08/ 122 KB
123 KB 26ms
24ms Image
image/png 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2018/08/Chrome-bug4.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

37b09e2aca5b738081f22e8ad718bd9590a753e5952c76728d2988ca6fd7ff3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/uploads/2018/08/Chrome-bug4.png
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
last-modified: Wed, 15 Aug 2018 14:40:05 GMT
x-cdn: Incapsula
etag: "1e95b-5737a4d6e3e2b"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
status: 200
x-iinfo: 9-186426713-0 0CNN RT(1536750258579 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 125275
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=528137853&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&dr=https%3A%2F%2Ft.co%2F9YB7V4F4zp&ul=en-us&de=UTF-8&dt=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data%20%E2%80%93%20Blog%20%7C%20Imperva&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEAjB~&jid=5422224&gjid=1832943153&cid=1797104840.1536750259&tid=UA-2821586-1&_gid=939013663.1536750259&gtm=G94KF4BJ8&z=202791848

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 03:20:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1323818
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-2821586-1&cid=1797104840.1536750259&jid=5422224&gjid=1832943153&_gid=939013663.1536750259&_u=aHDAiEAjB~&z=1458975931
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1797104840.1536750259&jid=5422224&_v=j68&z=1458975931
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1797104840.1536750259&jid=5422224&_v=j68&z=1458975931&slf_rd=1&random=2076575135

42 B
109 B

66ms
66ms

Image
image/gif

2a00:1450:4011:804::101f
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1797104840.1536750259&jid=5422224&_v=j68&z=1458975931&slf_rd=1&random=2076575135

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4011:804::101f , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Sep 2018 11:04:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Sep 2018 11:04:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1797104840.1536750259&jid=5422224&_v=j68&z=1458975931&slf_rd=1&random=2076575135
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
6ms Image
image/gif 2a00:1450:4001:818::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=528137853&t=pageview&_s=1&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&dr=https%3A%2F%2Ft.co%2F9YB7V4F4zp&ul=en-us&de=UTF-8&dt=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data%20%E2%80%93%20Blog%20%7C%20Imperva&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEAjB~&jid=1620164589&gjid=1026612742&cid=1797104840.1536750259&tid=UA-2821586-2&_gid=939013663.1536750259&gtm=G94KF4BJ8&z=316181224

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:818::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Aug 2018 03:20:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1323818
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 15ms
15ms Image
image/gif 2a00:1450:400c:c0c::9b
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-2821586-2&cid=1797104840.1536750259&jid=1620164589&gjid=1026612742&_gid=939013663.1536750259&_u=aHDAiEAjB~&z=246651288

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c0c::9b , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 12 Sep 2018 11:04:18 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ico-rss-white.png
www.imperva.com/blog/wp-content/themes/impervablog/images/ 472 B
595 B 17ms
17ms Image
image/png 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/images/ico-rss-white.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

452347f454d69db6f89243881b1661d05167295f3ea83adb8ce8060aba1aaad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/images/ico-rss-white.png
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
last-modified: Wed, 22 Mar 2017 17:04:56 GMT
x-cdn: Incapsula
etag: "3de-54b54c28c4ccc"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/png
status: 200
x-iinfo: 9-186426715-0 0CNN RT(1536750258581 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 472
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
245 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8186:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=271477867023159&ev=PageView&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&rl=https%3A%2F%2Ft.co%2F9YB7V4F4zp&if=false&ts=1536750258637&sw=1600&sh=1200&v=2.8.27&r=stable&ec=0&o=28&it=1536750258538
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 12 Sep 2018 11:04:18 GMT

GET
H/1.1 200
OK forms2.min.js Show response
app-ab13.marketo.com/js/forms2/js/ 169 KB
57 KB 11ms
7ms Script
application/x-javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab13.marketo.com/js/forms2/js/forms2.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fbf63674053e3b35a34473fc7568df63730cb5e71f7e81aa8432e75374c758a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Jun 2018 17:51:59 GMT
Server: Apache
ETag: "74165f-2a214-56eee38df8dc0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Date: Wed, 12 Sep 2018 11:04:18 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58220

GET
H2 200 imperva_white.svg
www.imperva.com/blog/wp-content/uploads/2016/12/ 2 KB
1 KB 13ms
9ms Image
image/svg+xml 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/uploads/2016/12/imperva_white.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

bcd9a431f74c863be19a4889d6f4d997053fa95af54a8622150d53bd76034bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/uploads/2016/12/imperva_white.svg
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "97d-5496eab8b65b7"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/svg+xml
status: 200
x-iinfo: 9-186426739-0 0CNN RT(1536750258629 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 1093
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 scripts.js Show response
www.imperva.com/blog/wp-content/plugins/contact-form-7/includes/js/ 11 KB
3 KB 10ms
6ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

ed5aa55542db88f4973e3d001825ba673ad415952668ffc1a92eb1b9d671c9a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 29 Apr 2018 10:43:02 GMT
x-cdn: Incapsula
etag: "38d7-56afa66c86619"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426734-0 0CNN RT(1536750258626 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 3377
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 comment_count.js Show response
www.imperva.com/blog/wp-content/plugins/disqus-comment-system/public/js/ 708 B
524 B 11ms
7ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.15

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.15
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 29 Apr 2018 10:43:05 GMT
x-cdn: Incapsula
etag: "379-56afa66fcbc8f"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426735-0 0CNN RT(1536750258626 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 401
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 comment_embed.js Show response
www.imperva.com/blog/wp-content/plugins/disqus-comment-system/public/js/ 828 B
471 B 11ms
7ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.15

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e7f5a831ead8920451598097754bb1d4fbf16fff1fd90794b950724867345794

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.15
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 29 Apr 2018 10:43:05 GMT
x-cdn: Incapsula
etag: "47e-56afa66fcbc8f"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426736-0 0CNN RT(1536750258627 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 371
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 svgs-inline-min.js Show response
www.imperva.com/blog/wp-content/plugins/svg-support/js/min/ 1 KB
656 B 11ms
7ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/plugins/svg-support/js/min/svgs-inline-min.js?ver=1.0.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

f5e0d4e432c51d6b82047befba23bfd5597790b88cbcdfe1ec21dee7195e8399

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/plugins/svg-support/js/min/svgs-inline-min.js?ver=1.0.0
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 29 Apr 2018 10:43:25 GMT
x-cdn: Incapsula
etag: "493-56afa6826e8b8"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426737-0 0CNN RT(1536750258627 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 556
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 tcbd-modals.js Show response
www.imperva.com/blog/wp-content/plugins/tcbd-modals/js/ 7 KB
2 KB 11ms
8ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/plugins/tcbd-modals/js/tcbd-modals.js?ver=1.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

3a80a5153b59eec73428e92eb3f328b835484e800ccd1579064e0ee99afa7111

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/plugins/tcbd-modals/js/tcbd-modals.js?ver=1.0
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "26d2-5496eab8677ff"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426738-0 0CNN RT(1536750258628 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 2032
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 comment-reply.js Show response
www.imperva.com/blog/wp-content/themes/impervablog/js/ 711 B
438 B 11ms
7ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/js/comment-reply.js?ver=1488114556

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

8d6fd11cf11df05dd01688350167f8df43e61c7d99dd391596c8dafa30cebf11

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/js/comment-reply.js?ver=1488114556
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "38d-5496eab88f0cf"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426742-0 0CNN RT(1536750258637 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 338
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 jquery.fancybox.js Show response
www.imperva.com/blog/wp-content/themes/impervablog/js/ 31 KB
10 KB 9ms
6ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/js/jquery.fancybox.js?ver=1488114556

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

527d4753b9f4fd1c40df024e88e2a602ccd4a82093dfd5fd33b4450c638084f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/js/jquery.fancybox.js?ver=1488114556
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "be9b-5496eab88f4b7"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426743-0 0CNN RT(1536750258637 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 9773
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 jquery.main.js Show response
www.imperva.com/blog/wp-content/themes/impervablog/js/ 76 KB
17 KB 10ms
7ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/js/jquery.main.js?ver=1531812626

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

064f39d59581e2a073f8a762c5853fcebea8bae6602a83299f75fd911ef0ba3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/js/jquery.main.js?ver=1531812626
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Tue, 17 Jul 2018 07:30:26 GMT
x-cdn: Incapsula
etag: "1a2d4-5712ceb7960d1"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426744-0 0CNN RT(1536750258638 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 17624
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 dev.js Show response
www.imperva.com/blog/wp-content/themes/impervablog/js/ 3 KB
1 KB 10ms
8ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/js/dev.js?ver=1534677809

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

27f953f2eef013de7b6bd86c038610b529793f7609f7a1f55738be854322b196

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/js/dev.js?ver=1534677809
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 19 Aug 2018 11:23:29 GMT
x-cdn: Incapsula
etag: "1146-573c805af2293"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426745-0 0CNN RT(1536750258639 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 1258
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H/1.1 200
OK buttons.js Show response
ws.sharethis.com/button/ 54 KB
15 KB 9ms
7ms Script
application/javascript 172.227.102.19
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/buttons.js?publisher=5c06dde6-c2f1-4b97-a18d-121fd64310d6-10exp-Y&ver=4.9.5
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.102.19 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a172-227-102-19.deploy.static.akamaitechnologies.com
Software: nginx/1.12.2 /
Resource Hash: 1b00a109efa27819449f08da220246851dfc2948f485d92b31581a85a4db0150

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
ETag: W/"5b96ef33-d9a9"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=172783
Connection: keep-alive
Content-Length: 15380
Expires: Fri, 14 Sep 2018 11:04:01 GMT

GET
H2 200 popper.min.js Show response
www.imperva.com/blog/wp-content/themes/impervablog/js/ 20 KB
7 KB 10ms
9ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/js/popper.min.js?ver=4.9.5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

03cf15cbd2f66f12860a1560b131cf132d883b0bfabbbda7aa3d0d7a33f8ac60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/js/popper.min.js?ver=4.9.5
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Tue, 10 Jul 2018 15:29:57 GMT
x-cdn: Incapsula
etag: "4f71-570a6cd6e6740"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426746-0 0CNN RT(1536750258640 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 7115
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 bootstrap.min.js Show response
www.imperva.com/blog/wp-content/themes/impervablog/js/ 36 KB
10 KB 12ms
10ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/js/bootstrap.min.js?ver=4.9.5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

f25762c95fd82e39c32fa642825f3550cdd41463243eb14e08d2572f78ad06bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/js/bootstrap.min.js?ver=4.9.5
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Tue, 10 Jul 2018 15:29:57 GMT
x-cdn: Incapsula
etag: "90b5-570a6cd6e6740"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426748-0 0CNN RT(1536750258641 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 9748
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 main.js Show response
www.imperva.com/blog/wp-content/plugins/malinky-ajax-pagination/js/ 10 KB
2 KB 8ms
5ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/plugins/malinky-ajax-pagination/js/main.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

4eec2d8fde91d4282f4787dbcee682982f4527dbca6a62283552b6f3cfde9b23

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/plugins/malinky-ajax-pagination/js/main.js
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "271b-5496eab863d67"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426750-0 0CNN RT(1536750258645 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 2074
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 wp-embed.min.js Show response
www.imperva.com/blog/wp-includes/js/ 1 KB
875 B 7ms
6ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-includes/js/wp-embed.min.js?ver=4.9.5

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-includes/js/wp-embed.min.js?ver=4.9.5
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:18 GMT
x-cdn: Incapsula
etag: "576-5496eab9f5347"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/javascript
status: 200
x-iinfo: 9-186426751-0 0CNN RT(1536750258646 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 751
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
S 200 /
www.google.com/ads/user-lists/1071102441/ 42 B
116 B 16ms
15ms Image
image/gif 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/user-lists/1071102441/?random=1536750258587&cv=9&fst=1536750000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G94&sendb=1&frm=0&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&ref=https%3A%2F%2Ft.co%2F9YB7V4F4zp&tiba=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data%20%E2%80%93%20Blog%20%7C%20Imperva&async=1&fmt=3&cdct=2&is_vtc=1&random=811713223&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Sep 2018 11:04:18 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.google.de/ads/user-lists/1071102441/ 42 B
107 B 65ms
64ms Image
image/gif 2a00:1450:4011:804::101f
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/user-lists/1071102441/?random=1536750258587&cv=9&fst=1536750000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G94&sendb=1&frm=0&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&ref=https%3A%2F%2Ft.co%2F9YB7V4F4zp&tiba=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data%20%E2%80%93%20Blog%20%7C%20Imperva&async=1&fmt=3&cdct=2&is_vtc=1&random=811713223&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4011:804::101f , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

adclick_server /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Sep 2018 11:04:18 GMT
x-content-type-options: nosniff
server: adclick_server
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK modules-fb023a49161b39880451c2fedbd087e9.js Show response
script.hotjar.com/ 398 KB
81 KB 21ms
6ms Script
application/javascript 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules-fb023a49161b39880451c2fedbd087e9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-316053.js?sv=5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

d1d993656168fdf731811ab74979b9ce1d35e8713cda7aabc5e23a3f54487775

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 30 Aug 2018 09:46:00 GMT
ETag: "1535622360"
X-HW: 1536750258.dop009.fr8.shc,1536750258.dop009.fr8.t,1536750258.cds026.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=30408137
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 82026

GET
H/1.1 200
OK getForm Show response
app-ab13.marketo.com/index.php/form/ 4 KB
4 KB 296ms
295ms Script
application/javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab13.marketo.com/index.php/form/getForm?munchkinId=727-WRL-406&form=2692&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F&callback=jQuery112406056166267576675_1536750258694&_=1536750258695

Requested by

Host: app-ab13.marketo.com
URL: https://app-ab13.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8d9facb43272448499d1ec00f018e8f847efad342e68abf3d818f4e521c17fb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
X-Content-Type-Options: nosniff
Server: Apache
Connection: keep-alive
Date: Wed, 12 Sep 2018 11:04:18 GMT
Content-Length: 4184
Content-Type: application/javascript; charset=utf-8

GET
H2 200 angle-up.svg
www.imperva.com/blog/wp-content/themes/impervablog/images/ 690 B
507 B 15ms
15ms Image
image/svg+xml 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/images/angle-up.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

f0a31b189d7d9f6092ac4ffc905503c067063908367861a8e4c99873f433105b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/images/angle-up.svg
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
last-modified: Sun, 26 Feb 2017 13:09:16 GMT
x-cdn: Incapsula
etag: "2b2-5496eab88c1ef"
strict-transport-security: max-age=0; includeSubDomains
content-type: image/svg+xml
status: 200
x-iinfo: 9-186426770-0 0CNN RT(1536750258690 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 407
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
H2 200 icomoon.ttf
www.imperva.com/blog/wp-content/themes/impervablog/fonts/ 4 KB
4 KB 16ms
15ms Font
application/font-sfnt 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/blog/wp-content/themes/impervablog/fonts/icomoon.ttf?ucf6ha

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

a06f2400feb196c5f2a59d45e62a1cfeaa4ed82341094f3e5ca5c27ec7fa86d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /blog/wp-content/themes/impervablog/fonts/icomoon.ttf?ucf6ha
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1
origin: https://www.imperva.com
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
:scheme: https
:method: GET
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.imperva.com/blog/wp-content/themes/impervablog/css/style.css?ver=1532254576
Origin: https://www.imperva.com

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
last-modified: Sun, 08 Jul 2018 08:37:48 GMT
x-cdn: Incapsula
etag: "fd8-57078cfccaba9"
strict-transport-security: max-age=0; includeSubDomains
content-type: application/font-sfnt
status: 200
x-iinfo: 9-186426771-0 0CNN RT(1536750258692 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=86400, public
content-length: 4056
expires: Thu, 13 Sep 2018 11:04:18 GMT

GET
S 200 sdk.js Show response
connect.facebook.net/en_US/ 238 KB
72 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d094c0d041f3abfcbcdac787eb0d71fddf78bfc600ff0f2d392b0664a5e29aa5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: OE+pXj1xUBqMtNo5nwTC+A==
status: 200
content-length: 73281
x-xss-protection: 0
x-fb-debug: VzMtS+sgFLR+ggBmngTCdh2i/69+Oh+1lETRPuG7daW4PDlAuJDPUeJ9N0djuyZJURM5qOfivIQOKGoKI/dxUQ==
x-fb-content-md5: 5a3ff8f9676764b7d8b77a8624e902a7
x-frame-options: DENY
date: Wed, 12 Sep 2018 11:04:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "44ae971e075274d8de91212200f4e3f9"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin: *
expires: Wed, 12 Sep 2018 11:13:35 GMT

GET
H/1.1 200
OK count.js Show response
imperva-blog.disqus.com/ 1 KB
1 KB 784ms
782ms Script
application/javascript 151.101.132.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://imperva-blog.disqus.com/count.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.15

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.132.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 703237
P3P: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 28 Aug 2018 22:21:59 GMT
Server: nginx
ETag: "5b85cb07-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect

GET
H/1.1 200
OK embed.js Show response
imperva-blog.disqus.com/ 63 KB
21 KB 345ms
344ms Script
application/javascript 151.101.132.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://imperva-blog.disqus.com/embed.js

Requested by

Host: www.imperva.com
URL: https://www.imperva.com/blog/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.15

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.132.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

openresty /

Resource Hash

b6774f666e554041fab5dc4fee03bc63307160056e8de34a47ce104478a5ee3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:19 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21327

GET
H/1.1 200
OK async-buttons.js Show response
ws.sharethis.com/button/ 90 KB
19 KB 7ms
7ms Script
application/javascript 172.227.102.19
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/async-buttons.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?publisher=5c06dde6-c2f1-4b97-a18d-121fd64310d6-10exp-Y&ver=4.9.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.102.19 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a172-227-102-19.deploy.static.akamaitechnologies.com
Software: nginx/1.12.2 /
Resource Hash: 7dc72c99cab280cec4866890ccabfab6c7118d85022773f170575d684963e983

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
ETag: W/"5b96ef6a-1686e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=129665
Connection: keep-alive
Content-Length: 19071
Expires: Thu, 13 Sep 2018 23:05:23 GMT

GET
H2 200 _Incapsula_Resource Show response
www.imperva.com/ 110 KB
16 KB 11ms
11ms Script
application/javascript 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://www.imperva.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1302495843

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

f82c99d3ac0f4075d35242fd24f42094ec04fef0d3fdd8fb71de757a93dcd8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1302495843
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _biz_nA=1; _biz_pendingA=%5B%22m%2Fipv%3F_biz_r%3Dhttps%253A%252F%252Ft.co%252F9YB7V4F4zp%26_biz_h%3D-1906410348%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258573%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D0%26rnd%3D341450%22%5D; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1; __unam=3bf0470-165cd740a36-327e69e8-1
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
strict-transport-security: max-age=0; includeSubDomains
content-encoding: gzip
cache-control: no-cache
content-length: 16156
content-type: application/javascript

GET
S 200 ipv
cdn.bizible.com/m/ 43 B
145 B 7ms
6ms Image
image/gif 68.232.35.116
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/ipv?_biz_r=https%3A%2F%2Ft.co%2F9YB7V4F4zp&_biz_h=-1906410348&_biz_u=51b0e12dbb884dd1a6a87262d384d6a8&_biz_s=6556bb&_biz_l=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&_biz_t=1536750258573&_biz_i=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data%20%E2%80%93%20Blog%20%7C%20Imperva&_biz_n=0&rnd=341450&cdn_o=a&_biz_z=1536750258795
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.232.35.116 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A2) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Sep 2018 11:04:18 GMT
x-aspnetmvc-version: 4.0
last-modified: Tue, 11 Sep 2018 00:30:10 GMT
server: ECS (fcn/41A2)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
S 200 6931781924.js Show response
cdn.optimizely.com/js/ 470 KB
129 KB 6ms
6ms Script
text/javascript 2.19.34.83
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/6931781924.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKDMLX7

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2.19.34.83 , European Union, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a2-19-34-83.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

d11d6209fa27396401e57dde8b94d8f20672ce390cfa7f26d006fd29ba97f766

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: YqY.bKq_4yF_L_v.MuAL9aJijC2zFTsg
content-encoding: gzip
etag: "013c944f1f29931a3ba24cadc10fda88"
x-amz-request-id: 3357394805F30B73
status: 200
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=86400
vary: Accept-Encoding
content-length: 130774
x-amz-id-2: EaeoL5A7Ry7eGODCiwZMhDO4pmI7FVktjFhIgVdnzgnprnpcgXIjhAlEYAFpfNOQ2y1DJIiGzKo=
last-modified: Wed, 05 Sep 2018 20:54:21 GMT
server: AmazonS3
date: Wed, 12 Sep 2018 11:04:18 GMT
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
x-amz-meta-revision: 2150
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK portal.html
c.sharethis.mgr.consensu.org/v1.0/cmp/ Frame C84D 0
0 42ms
41ms Document
text/html 2.16.186.146
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/v1.0/cmp/portal.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?publisher=5c06dde6-c2f1-4b97-a18d-121fd64310d6-10exp-Y&ver=4.9.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.146 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-146.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: c.sharethis.mgr.consensu.org
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, POST, PUT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
ETag: W/"26b-4977387000"
Last-Modified: Tue, 01 Jan 1980 00:00:00 GMT
Vary: Accept-Encoding
Content-Length: 619
Cache-Control: public, max-age=3600
Date: Wed, 12 Sep 2018 11:04:18 GMT
Connection: keep-alive

GET
S 200 BizibleAcct.js Show response
cdn.bizible.com/ 376 B
449 B 265ms
264ms Script
text/javascript 68.232.35.116
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bizible.com/BizibleAcct.js?_biz_u=51b0e12dbb884dd1a6a87262d384d6a8&_biz_h=-1906410348&cdn_o=a&jsVer=4.18.08.30
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.232.35.116 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4c89c450a0c1ef13ef29b513b83a1892f099206b1566ab3c06e0b3d4fd95d5de

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:18 GMT
content-encoding: gzip
etag: 6C084E4E
x-aspnetmvc-version: 4.0
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: private, must-revalidate, max-age=21600
content-type: text/javascript; charset=utf-8
content-length: 320

GET
H2 200 rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
vars.hotjar.com/ Frame BD2E 0
0 14ms
13ms Document
text/html 147.75.80.133
Packet Host

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-316053.js?sv=5
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.80.133 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS: pkt-ams-k1-4
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness

Response headers

status: 200
date: Wed, 12 Sep 2018 11:04:18 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 11 Sep 2018 12:48:45 GMT
etag: W/"da10bd4908deb9e19dfde013ec3fe4ff"
cache-control: max-age=31536000
section-io-origin-status: 200
section-io-origin-time-seconds: 0.079
section-io-id: 3ac08de0e04811c0573e5f0113aa40d0
content-encoding: gzip

GET
H/1.1 200
OK buttons-secure.css
ws.sharethis.com/button/css/ 23 KB
4 KB 7ms
6ms Stylesheet
text/css 172.227.102.19
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/css/buttons-secure.css
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.102.19 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a172-227-102-19.deploy.static.akamaitechnologies.com
Software: nginx/1.12.2 /
Resource Hash: 95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Content-Encoding: gzip
Last-Modified: Mon, 10 Sep 2018 22:25:46 GMT
Server: nginx/1.12.2
ETag: W/"5b96ef6a-5a76"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Content-Length: 3851

GET
H2 200 _Incapsula_Resource
www.imperva.com/ 1 B
89 B 7ms
5ms Image
text/plain 45.60.76.225
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.imperva.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6358102474315912

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.76.225 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

:path: /_Incapsula_Resource?SWKMTFSR=1&e=0.6358102474315912
pragma: no-cache
cookie: visid_incap_2439=6yEqMuOxTj6d7FLAa4zOD7DymFsAAAAAQUIPAAAAAABMsfJoFLTAA586ia3Zt17u; nlbi_2439=OQa2X75gLA1EcTyACBVhmwAAAAAig15JiI8vCCJ80+zqFkWA; incap_ses_260_2439=wIuGMCTI62QG6iQmW+ubA7LymFsAAAAAynw5Ox2KZeDCD9DkSZCJNw==; isEuropeUser=true; cookieconsent_status=europe-user; _mkto_trk=id:727-WRL-406&token:_mch-imperva.com-1536750258444-13613; _bamPercentPageViewed=100%7C%7C%7Chttps%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness; _ga=GA1.2.1797104840.1536750259; _gid=GA1.2.939013663.1536750259; _gat_UA-114236658-1=1; _biz_dfsA=%5B%5D; _biz_uid=51b0e12dbb884dd1a6a87262d384d6a8; _biz_sid=6556bb; _dc_gtm_UA-2821586-1=1; _dc_gtm_UA-2821586-2=1; _biz_nA=2; _biz_flagsA=%7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%7D; _biz_pendingA=%5B%22m%2Fu%3FmapType%3Dmkto%26mapValue%3Did%253A727-WRL-406%2526token%253A_mch-imperva.com-1536750258444-13613%26_biz_u%3D51b0e12dbb884dd1a6a87262d384d6a8%26_biz_s%3D6556bb%26_biz_l%3Dhttps%253A%252F%252Fwww.imperva.com%252Fblog%252F2018%252F08%252Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%252F%253Futm_source%253DTwitter%2526utm_medium%253Dorganic_empshare%2526utm_content%253Dchrome-bug%2526utm_campaign%253D2018_q3_twitter_awareness%26_biz_t%3D1536750258797%26_biz_i%3DA%2520Bug%2520in%2520Chrome%2520Gives%2520Bad%2520Actors%2520License%2520to%2520Play%2520%25E2%2580%259820%2520Questions%25E2%2580%2599%2520with%2520Your%2520Private%2520Data%2520%25E2%2580%2593%2520Blog%2520%257C%2520Imperva%26_biz_n%3D1%26rnd%3D583625%22%5D; __unam=3bf0470-165cd740a36-327e69e8-2; ___utmvc=vgwll7vAdF13iPK+J+2n0iG+2B230cJsy+grsfPTOCQMLaFwo4m0vaQIc+4+bs3T2MVNgZfMZjH/EckE2n8rV2yKmNfUSOX32vHW4nVP3004iM0kBBx6LXvUpBEdl5XB2HqGzAvsF6J2E02gKf9JneUucCEg5eQAMg73H7MGENBd5nzZ/RP+YlLz5DXfSGy4vFxWVSB8sO15lnoWORJHSKYuI4ZkQjQkcaKkGC4T/L0x13M2szdAipxoTiOFlAmpn81aWaBtTf7OKikoKkKbfgWcER7CA29pbNI+mzYX+EN08tm0WlALV1KQ+L832N7hX5SS40ldXK0dpqjFf4fOAZCq3GMYer0Sl2WTgzgLnaKIpVeAq0tFvDvji8l4ExoIktKyWNp77THJOXmaVEc8JmfMXVmQFx+IB73NdlmNbHgRequhCTY+LLVL6D+jWbv5axST+Tykee43GlVeuiiBtix+fQ5MMhAgFgkl/fuwagwFq89tT9IISS9OJWYh+vBR49VYSFzGebK4hIPUgTIHz+oQ3YsXBs+YFFc67nP4GtPhapoev3PF2a1dnYnIzbiEJmMVlyqLYuKfnVYZfcXg0jhOcTmq9vfnphheO8Lt7CiFmXik4nNxmBhR+4Mi0Av/XNroubtllFMf6R5fkB2gSZ+kQ366DvGjISTciL//WfE/X8vNiuY/juNQqA782YI1i5RI8sREBywvtZuJGkqFkA7xd+5Y5ACKPlr81v6NrjiqpIrnd/bPbBg59GBDtKjOLD+N5yWhhtGtT4EC40NFAEEYX5FR2AmH5d81wiy93uTif02xf94iY8tsfj8fb8Dx9sZ+qzVLU9t6kV7bxk3Yi3Wn4aAJ4ys3pzcrVjaDK+A3NoH46Ndg8VjxGa0bq7rHpuK03S4Ey6DRZH4QH1AlkgO7Wq/v+MbGqZh0HiPqCxKRpwnvHKYCxkyUxnLZIIzGB+/M7Kr1sP7/vBvoSW0NchZl3WiX8IcZfJ73b4R0Ta6pa1a/qRy7GEbXoP8jlq9u6CC55rCTLM04gypMNbkUm8kFZWvTpKMftAsplyp8qXI5BU0wbH7kdnO3c6b79TkMr2Ly7SHhVreH26HgBbFyf0SSEsIOKrLVHIE6LkKR6MSXDH4QwNCOOMTCh7PpXPfBp8Ll1P+XqRZikctLmPAgZRBAppOX/a/LLGRpZ2VzdD04NjkzMSxzPTg0NmU3YjY5ODE4NDdmYTg2Mjk5NzE4MTliOWU5YWFiOGE4Nzk2N2Q3ZTdkYTQ5ZDljOTE2YzZjNzU5ZmIyODY3MDk1NjZhYzc5N2E3MDZl
accept-encoding: gzip, deflate
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: www.imperva.com
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
:scheme: https
:method: GET
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
strict-transport-security: max-age=0; includeSubDomains
cache-control: no-cache
set-cookie: ___utmvc=a; Max-Age=0; path=/; expires=Thu, 06 Sep 2018 06:52:10 GMT
content-length: 1
content-type: text/plain

GET
H/1.1 200
OK linkedin_32.png
ws.sharethis.com/images/2017/ 1 KB
1 KB 7ms
6ms Image
image/png 172.227.102.19
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/linkedin_32.png
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.102.19 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a172-227-102-19.deploy.static.akamaitechnologies.com
Software: nginx/1.12.2 /
Resource Hash: e083ca305fe5020595b52c04499258219f69c8cb83ec0ffc1eb0f22815f5c60f

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Server: nginx/1.12.2
ETag: "5b96ef2f-4c9"
Content-Type: image/png
Cache-Control: max-age=31406724
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1225
Expires: Tue, 10 Sep 2019 23:09:42 GMT

GET
H/1.1 200
OK facebook_32.png
ws.sharethis.com/images/2017/ 1 KB
1 KB 7ms
6ms Image
image/png 172.227.102.19
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/facebook_32.png
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.102.19 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a172-227-102-19.deploy.static.akamaitechnologies.com
Software: nginx/1.12.2 /
Resource Hash: 732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Server: nginx/1.12.2
ETag: "5b96ef2f-497"
Content-Type: image/png
Cache-Control: max-age=31406532
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1175
Expires: Tue, 10 Sep 2019 23:06:30 GMT

GET
H/1.1 200
OK twitter_32.png
ws.sharethis.com/images/2017/ 1 KB
2 KB 13ms
6ms Image
image/png 172.227.102.19
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ws.sharethis.com/images/2017/twitter_32.png
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.102.19 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a172-227-102-19.deploy.static.akamaitechnologies.com
Software: nginx/1.12.2 /
Resource Hash: 39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Server: nginx/1.12.2
ETag: "5b96ef2f-53a"
Content-Type: image/png
Cache-Control: max-age=31406532
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1338
Expires: Tue, 10 Sep 2019 23:06:30 GMT

GET
H/1.1

301
Moved Permanently

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&fpc=3bf0470-165cd740a36-327e69e8-1&sessionID=1536750258742.84226&hostname=www.imperva.com&location=%2Fblog%2F2018%2F08%2Fa-bug-i...
https://l.sharethis.com/sc?cm=ZGAPGFuY8rIAAAATFQj7Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-pr...

0
-1 B

29ms
7ms

XHR
text/html

18.196.44.49
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?cm=ZGAPGFuY8rIAAAATFQj7Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.44.49 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-196-44-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Access-Control-Allow-Origin: https://www.imperva.com
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location: /sc?cm=ZGAPGFuY8rIAAAATFQj7Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Headers: *
Content-Length: 230
Stid: ZGAPGFuY8rIAAAATFQj7Aw==

Redirect headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Access-Control-Allow-Origin: https://www.imperva.com
Access-Control-Max-Age: 1728000
P3p: policyref="/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT DEM"
Location: /sc?cm=ZGAPGFuY8rIAAAATFQj7Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Headers: *
Content-Length: 230
Stid: ZGAPGFuY8rIAAAATFQj7Aw==

GET
S 200 u
cdn.bizible.com/m/ 43 B
80 B 7ms
6ms Image
image/gif 68.232.35.116
MCI Communication...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bizible.com/m/u?mapType=mkto&mapValue=id%3A727-WRL-406%26token%3A_mch-imperva.com-1536750258444-13613&_biz_u=51b0e12dbb884dd1a6a87262d384d6a8&_biz_s=6556bb&_biz_l=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&_biz_t=1536750258797&_biz_i=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data%20%E2%80%93%20Blog%20%7C%20Imperva&_biz_n=1&rnd=583625&cdn_o=a&_biz_z=1536750258911
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 68.232.35.116 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DD) / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Sep 2018 11:04:18 GMT
x-aspnetmvc-version: 4.0
last-modified: Tue, 11 Sep 2018 01:53:09 GMT
server: ECS (fcn/40DD)
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-cache: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status: 200
cache-control: no-cache, no-store
accept-ranges: bytes
content-type: Image/GIF
content-length: 43
expires: -1

GET
H/1.1 200
OK sc Show response
l.sharethis.com/ 51 B
473 B 8ms
8ms XHR
text/plain 18.196.44.49
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/sc?cm=ZGAPGFuY8rIAAAATFQj7Aw%3D%3D&uid=true&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F
Requested by: Host: www.imperva.com
URL: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.44.49 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-196-44-49.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 746446302c91af32bf0f87d73081bc72071ad7bc5794c176f2c84a671db3c4da

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Origin: https://www.imperva.com
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.imperva.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Stid: ZGAPGFuY8rIAAAATFQj7Aw==
Access-Control-Allow-Headers: *
Content-Length: 51

GET
H2 200 kO5a7GzG6AF.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame A0AA 0
0 8ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/kO5a7GzG6AF.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/kO5a7GzG6AF.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
accept-encoding: gzip, deflate
cookie: fr=0No17pWYLfF3rwYrt..BbmPKy...1.0.BbmPKy.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness

Response headers

status: 200
expires: Sat, 07 Sep 2019 22:07:18 GMT
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: /RjUCdcELFeIKy2AM81VII+lyaYAtZbydDiZyvBgOAJA5rrkNYvtLB13UZeikm5vGz0eAR7+GuyAKsqQ7r0a0w==
content-length: 13884
date: Wed, 12 Sep 2018 11:04:18 GMT

GET
H/1.1 200
OK p.js Show response
ws.sharethis.com/button/ 3 KB
1 KB 9ms
7ms Script
application/javascript 172.227.102.19
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/button/p.js
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/buttons.js?publisher=5c06dde6-c2f1-4b97-a18d-121fd64310d6-10exp-Y&ver=4.9.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.102.19 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a172-227-102-19.deploy.static.akamaitechnologies.com
Software: nginx/1.12.2 /
Resource Hash: 97875e1cc37494327341a6d4444231a16127ab958907b9e879a87eb99808c7a0

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:18 GMT
Content-Encoding: gzip
Server: nginx/1.12.2
ETag: W/"5b96ef36-bc6"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=129712
Connection: keep-alive
Content-Length: 1182
Expires: Thu, 13 Sep 2018 23:06:10 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/d/ Frame 24A1 1 KB
1 KB 7ms
7ms Script
application/javascript 172.227.88.206
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/d/t.dhj?rnd=1536750259005&cid=c010&dmn=www.imperva.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

172.227.88.206 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a172-227-88-206.deploy.static.akamaitechnologies.com

Software

Resource Hash

f119fbc1c0db1af2c2ac6ef255d0abfee4184a8f71e7f52e1fb10ee12415e3fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Cache-Control: private, max-age=3600
Connection: keep-alive
Content-Type: application/javascript
Content-Length: 941
Expires: Wed, 12 Sep 2018 12:04:19 GMT

GET
H/1.1 200
OK forms2.css
app-ab13.marketo.com/js/forms2/css/ 13 KB
3 KB 7ms
7ms Stylesheet
text/css 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab13.marketo.com/js/forms2/css/forms2.css

Requested by

Host: app-ab13.marketo.com
URL: https://app-ab13.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Apr 2017 19:34:58 GMT
Server: Apache
ETag: "56080d-33f8-54c98b884bc80"
Vary: Accept-Encoding
Content-Type: text/css
Date: Wed, 12 Sep 2018 11:04:19 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2610

GET
H/1.1 200
OK forms2-theme-simple.css
app-ab13.marketo.com/js/forms2/css/ 826 B
610 B 64ms
64ms Stylesheet
text/css 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab13.marketo.com/js/forms2/css/forms2-theme-simple.css

Requested by

Host: app-ab13.marketo.com
URL: https://app-ab13.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Apr 2017 19:34:58 GMT
Server: Apache
ETag: "560809-33a-54c98b884bc80"
Vary: Accept-Encoding
Content-Type: text/css
Date: Wed, 12 Sep 2018 11:04:19 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 242

GET
H/1.1 200
OK t_.htm
t.sharethis.com/a/ Frame 1407 0
0 10ms
9ms Document
text/html 172.227.88.206
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://t.sharethis.com/a/t_.htm?ver=0.190.7544&cid=c010
Requested by: Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?rnd=1536750259005&cid=c010&dmn=www.imperva.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.88.206 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a172-227-88-206.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Host: t.sharethis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Accept-Encoding: gzip, deflate
Cookie: __stid=ZGAPGFuY8rIAAAATFQj7Aw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness

Response headers

Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 783
Cache-Control: max-age=604800
Expires: Wed, 19 Sep 2018 11:04:19 GMT
Date: Wed, 12 Sep 2018 11:04:19 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="DSP LAW NID OUR DEL SAM BUS UNI PUR COM NAV INT STA PRE LOC OTC"
Content-Type: text/html

GET
S 200 lounge.04dd90af7bc65bdd97911fd885cc83a9.css
c.disquscdn.com/next/embed/styles/ 101 KB
19 KB 14ms
13ms Stylesheet
text/css 2400:cb00:2048:1::6810:4da6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.04dd90af7bc65bdd97911fd885cc83a9.css

Requested by

Host: imperva-blog.disqus.com
URL: https://imperva-blog.disqus.com/embed.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:4da6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7da66411c51d88cb1c03404ef780efad6c6039e0ea6dcb8abe2387ef70d8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 19408
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Thu, 06 Sep 2018 23:37:57 GMT
server: cloudflare
fastly-debug-digest: fdfcbaf00c2d545ad101d50e2d5f40b2baf73c55570688955f0e7e0f8bdf1992
etag: "5b91ba55-4bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 4591e47f4d50bef8-FRA
expires: Fri, 06 Sep 2019 23:47:36 GMT

GET
S 200 common.bundle.e9b4803ecd9f11a1b0b249822211345c.js Show response
c.disquscdn.com/next/embed/ 242 KB
81 KB 14ms
13ms Script
application/javascript 2400:cb00:2048:1::6810:4da6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e9b4803ecd9f11a1b0b249822211345c.js

Requested by

Host: imperva-blog.disqus.com
URL: https://imperva-blog.disqus.com/embed.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:4da6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

997005d856e74947bab4d435133e50e9ff714f8730617db97866509cdb1e9dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 82675
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 21 Aug 2018 21:49:49 GMT
server: cloudflare
fastly-debug-digest: 9572d16bc232b9175ba9b6d4512c8d3e6297458756c2d2578c7ee9bb4910fb18
etag: "5b7c88fd-142f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 4591e47f4d52bef8-FRA
expires: Thu, 22 Aug 2019 20:50:36 GMT

GET
S 200 lounge.bundle.86cf813e6fb8f13e8ca67e44da312a70.js Show response
c.disquscdn.com/next/embed/ 361 KB
94 KB 12ms
11ms Script
application/javascript 2400:cb00:2048:1::6810:4da6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.86cf813e6fb8f13e8ca67e44da312a70.js

Requested by

Host: imperva-blog.disqus.com
URL: https://imperva-blog.disqus.com/embed.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:4da6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6f9e75b974e540bb1370a2b7d32b29758eeead0b4fed33c62c3bd6bfba6bc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 95854
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Mon, 10 Sep 2018 20:40:33 GMT
server: cloudflare
fastly-debug-digest: f707ab22247b7c33b1cb6218b7769ec8ca8afebd6f63f8e557ba6b3813e42d4c
etag: "5b96d6c1-1766e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 4591e47f4d53bef8-FRA
expires: Wed, 11 Sep 2019 00:04:12 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ 5 KB
3 KB 6ms
5ms Script
application/javascript 151.101.0.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: imperva-blog.disqus.com
URL: https://imperva-blog.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

322cd98e151b214efe4bd13513e8425ac7de389d38c32af8fe8a7f07101a372e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 28
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2347
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin: *

GET
H/1.1 200
OK Cookie set XDFrame
app-ab13.marketo.com/index.php/form/ Frame CE6D 0
0 272ms
271ms Document
text/html 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab13.marketo.com/index.php/form/XDFrame

Requested by

Host: app-ab13.marketo.com
URL: https://app-ab13.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Host: app-ab13.marketo.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness

Response headers

Server: Apache
Strict-Transport-Security: max-age=63113904
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 636
Content-Type: text/html; charset=utf-8
Date: Wed, 12 Sep 2018 11:04:19 GMT
Connection: keep-alive
Set-Cookie: BIGipServerab13web-app_https=!AdOJ7KaY1HFoVJ1ybf/nLIVwOTHiDlTYrCMBz/+FWHc/OrN6xg36JgRN5aPYnxeGDfgsD9J1MXmYEg==;Path=/;Version=1;Secure;Httponly

POST
H2 200 /
www.facebook.com/tr/ Frame 23FB 0
0 7ms
6ms Document
text/plain 2a03:2880:f11c:8186:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to

Full URL: https://www.facebook.com/tr/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KF4BJ8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2227
pragma: no-cache
cache-control: no-cache
origin: https://www.imperva.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
accept-encoding: gzip, deflate
Origin: https://www.imperva.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness

Response headers

status: 200
content-type: text/plain
content-length: 0
server: proxygen-bolt
date: Wed, 12 Sep 2018 11:04:19 GMT

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 01F6 0
0 150ms
148ms Document
text/html 151.101.0.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=imperva-blog&t_i=5487%20https%3A%2F%2Fwww.imperva.com%2Fblog%2F%3Fp%3D5487&t_u=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F&t_e=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data&t_d=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data&t_t=A%20Bug%20in%20Chrome%20Gives%20Bad%20Actors%20License%20to%20Play%20%E2%80%9820%20Questions%E2%80%99%20with%20Your%20Private%20Data&s_o=default

Requested by

Host: imperva-blog.disqus.com
URL: https://imperva-blog.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness

Response headers

Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Thu, 23 Aug 2018 08:06:21 GMT
ETag: W/"lounge:view:6855142465.a1aec7b64b853fb2c34282cf5a855bb7.2"
Content-Encoding: gzip
Content-Length: 2678
Date: Wed, 12 Sep 2018 11:04:19 GMT
Age: 0
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

OPTIONS
H/1.1 200
OK log Show response
errors.client.optimizely.com/ 13 B
407 B 391ms
97ms XHR
text/plain 52.21.153.156
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.153.156 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-153-156.compute-1.amazonaws.com
Software: /
Resource Hash: 16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method: POST
Origin: https://www.imperva.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Wed, 12 Sep 2018 11:04:19 GMT
Allow: POST,OPTIONS
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.imperva.com
Access-Control-Max-Age: 1800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Accept,Origin
Content-Length: 13

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=528137853&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questio...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2821586-1&cid=1975724634.1536750260&jid=817486945&_gid=1565658761.1536750260&gjid=2093913811&_v=j68&z=645344834
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1975724634.1536750260&jid=817486945&_v=j68&z=645344834
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1975724634.1536750260&jid=817486945&_v=j68&z=645344834&slf_rd=1&random=3140248394

42 B
109 B

67ms
66ms

Image
image/gif

2a00:1450:4011:804::101f
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1975724634.1536750260&jid=817486945&_v=j68&z=645344834&slf_rd=1&random=3140248394

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4011:804::101f , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 12 Sep 2018 11:04:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 12 Sep 2018 11:04:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2821586-1&cid=1975724634.1536750260&jid=817486945&_v=j68&z=645344834&slf_rd=1&random=3140248394
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 alfie.f51946af45e0b561c60f768335c9eb79.js Show response
c.disquscdn.com/next/embed/ 19 KB
7 KB 9ms
9ms Script
application/javascript 2400:cb00:2048:1::6810:4da6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/alfie.f51946af45e0b561c60f768335c9eb79.js

Requested by

Host: imperva-blog.disqus.com
URL: https://imperva-blog.disqus.com/embed.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2400:cb00:2048:1::6810:4da6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 12 Sep 2018 11:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 6605
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Thu, 28 Sep 2017 17:39:26 GMT
server: cloudflare
fastly-debug-digest: baac760ca1e6f62ea6380d62d4f07b5dfbb97755c19df0448623d4ede950e2e4
etag: "59cd33ce-19cd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-ray: 4591e482487dbef8-FRA
expires: Sat, 29 Sep 2018 08:22:16 GMT

GET
H/1.1 200
OK ping Show response
links.services.disqus.com/api/ 295 B
920 B 102ms
101ms XHR
text/javascript 151.101.132.64
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://links.services.disqus.com/api/ping?format=jsonp&key=cfdfcf52dffd0a702a61bad27507376d&loc=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&subId=4934396&v=1&jsonp=vglnk_jsonp_15367502595800
Requested by: Host: cdn.bizible.com
URL: https://cdn.bizible.com/scripts/bizible.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.132.64 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 233a44b5ccf10ed78f8c578a37a74b8841d4657b8dd28b204ce1eb4027ea016b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Origin: https://www.imperva.com

Response headers

Pragma: no-cache
Date: Wed, 12 Sep 2018 11:04:19 GMT
Server: Apache-Coyote/1.1
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin: https://www.imperva.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Content-Length: 295
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content log Show response
errors.client.optimizely.com/ 0
241 B 100ms
100ms XHR
text/plain 52.21.153.156
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://errors.client.optimizely.com/log
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.153.156 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-21-153-156.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Origin: https://www.imperva.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://www.imperva.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials: true
Connection: keep-alive
Date: Wed, 12 Sep 2018 11:04:19 GMT
Content-Type: text/plain

GET
H/1.1 200
OK mainflamejs Show response
prod.trendemon.com/apis/loadflame/ 208 KB
57 KB 443ms
125ms Script
application/x-javascript 52.3.187.150
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.trendemon.com/apis/loadflame/mainflamejs?aid=1845&uid=1864&baseurl=https%3A%2F%2Fprod.trendemon.com%2F&appid=208770359181748
Requested by: Host: t.co
URL: https://t.co/9YB7V4F4zp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.187.150 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-3-187-150.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.14
Resource Hash: a01ad6798ce69184226e8ab2630f1eea15c826bf3bcd928393d62bf34241f4fb

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:20 GMT
Content-Encoding: gzip
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/x-javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 57308
Expires: Thu, 13 Sep 2018 11:04:20 GMT

GET
H/1.1 200
OK index.html
ws.sharethis.com/secure5x/ Frame F0B4 0
0 7ms
7ms Document
text/html 172.227.102.19
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ws.sharethis.com/secure5x/index.html
Requested by: Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.227.102.19 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a172-227-102-19.deploy.static.akamaitechnologies.com
Software: nginx/1.12.2 /
Resource Hash

Request headers

Host: ws.sharethis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 2C46A6FB42FEAA216EF1AAD4F2AC991F
Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness

Response headers

Content-Encoding: gzip
Content-Type: text/html
ETag: W/"5b96ef6a-3984"
Last-Modified: Mon, 10 Sep 2018 22:25:46 GMT
Server: nginx/1.12.2
Vary: Accept-Encoding
Content-Length: 4117
Date: Wed, 12 Sep 2018 11:04:20 GMT
Connection: keep-alive

GET
H/1.1 200
OK / Show response
prod.trendemon.com/apis/loadflame/isused/ 1 KB
2 KB 173ms
172ms Script
application/x-javascript 52.3.187.150
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.trendemon.com/apis/loadflame/isused/?previewmode=0&uid=1864&aid=1845&cid=15367502606716700&sid=15367502606716702&cl_url=aHR0cHMlM0EvL3d3dy5pbXBlcnZhLmNvbS9ibG9nLzIwMTgvMDgvYS1idWctaW4tY2hyb21lLWdpdmVzLWJhZC1hY3RvcnMtbGljZW5zZS10by1wbGF5LTIwLXF1ZXN0aW9ucy13aXRoLXlvdXItcHJpdmF0ZS1kYXRhLyUzRnV0bV9zb3VyY2UlM0RUd2l0dGVyJTI2dXRtX21lZGl1bSUzRG9yZ2FuaWNfZW1wc2hhcmUlMjZ1dG1fY29udGVudCUzRGNocm9tZS1idWclMjZ1dG1fY2FtcGFpZ24lM0QyMDE4X3EzX3R3aXR0ZXJfYXdhcmVuZXNz&reffer=aHR0cHM6Ly90LmNvLzlZQjdWNEY0enA=&trdflame=jsonp793660
Requested by: Host: prod.trendemon.com
URL: https://prod.trendemon.com/apis/loadflame/mainflamejs?aid=1845&uid=1864&baseurl=https%3A%2F%2Fprod.trendemon.com%2F&appid=208770359181748
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.187.150 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-3-187-150.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.14
Resource Hash: 3e92fa56fb2e7032c6a3ba8d7c84e847868caf292859cf185b3884a632c547b9

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 12 Sep 2018 11:04:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Sep 2018 11:04:20 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/x-javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 758
Expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK 1864
prod.trendemon.com/apis/loadflame/flamecss/1845/ 10 KB
3 KB 144ms
143ms Stylesheet
text/css 52.3.187.150
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.trendemon.com/apis/loadflame/flamecss/1845/1864?agent=desktop
Requested by: Host: prod.trendemon.com
URL: https://prod.trendemon.com/apis/loadflame/mainflamejs?aid=1845&uid=1864&baseurl=https%3A%2F%2Fprod.trendemon.com%2F&appid=208770359181748
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.187.150 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-3-187-150.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.14
Resource Hash: 7df10bfdb7b9bd4b92822f0e385f3595f24ccc322aeda1c5dbd564d42cad3a05

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:20 GMT
Content-Encoding: gzip
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 2579
Expires: Thu, 13 Sep 2018 11:04:20 GMT

GET
H/1.1 200
OK / Show response
prod.trendemon.com/apis/responsiveshow/ 9 KB
2 KB 278ms
137ms Script
application/x-javascript 52.3.187.150
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.trendemon.com/apis/responsiveshow/?previewmode=0&aid=1845&uid=1864&restricted=&cl_url=https%3A//www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/%3Futm_source%3DTwitter%26utm_medium%3Dorganic_empshare%26utm_content%3Dchrome-bug%26utm_campaign%3D2018_q3_twitter_awareness&callback=callback_json1
Requested by: Host: prod.trendemon.com
URL: https://prod.trendemon.com/apis/loadflame/mainflamejs?aid=1845&uid=1864&baseurl=https%3A%2F%2Fprod.trendemon.com%2F&appid=208770359181748
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.187.150 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-3-187-150.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.14
Resource Hash: ad9cdd259e4e6669d5549b50500cd89d74f5c0beb04d1126a11fbbad5643a2d3

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:21 GMT
Content-Encoding: gzip
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/x-javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 1860
Expires: Thu, 13 Sep 2018 11:04:21 GMT

GET
H/1.1 200
OK / Show response
prod.trendemon.com/apis/exitintent/load/ 187 KB
62 KB 445ms
225ms Script
application/x-javascript 52.3.187.150
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.trendemon.com/apis/exitintent/load/?aid=1845&uid=1864&client_url=aHR0cHMlM0EvL3d3dy5pbXBlcnZhLmNvbS9ibG9nLzIwMTgvMDgvYS1idWctaW4tY2hyb21lLWdpdmVzLWJhZC1hY3RvcnMtbGljZW5zZS10by1wbGF5LTIwLXF1ZXN0aW9ucy13aXRoLXlvdXItcHJpdmF0ZS1kYXRhLyUzRnV0bV9zb3VyY2UlM0RUd2l0dGVyJTI2dXRtX21lZGl1bSUzRG9yZ2FuaWNfZW1wc2hhcmUlMjZ1dG1fY29udGVudCUzRGNocm9tZS1idWclMjZ1dG1fY2FtcGFpZ24lM0QyMDE4X3EzX3R3aXR0ZXJfYXdhcmVuZXNz&uuid=1536750260852851&firstvisittime=1536750261&converted_cook=0&client_cookie=X2Jpel9mbGFnc0E9JTdCJTIyVmVyc2lvbiUyMiUzQTElMkMlMjJNa3RvJTIyJTNBJTIyMSUyMiUyQyUyMlhEb21haW4lMjIlM0ElMjIxJTIyJTdEOyBfZ2E9R0ExLjIuMTk3NTcyNDYzNC4xNTM2NzUwMjYwOyBfZ2lkPUdBMS4yLjE1NjU2NTg3NjEuMTUzNjc1MDI2MDsgX2dhdF9VQS0yODIxNTg2LTE9MTsgdHJkX3B3PTE7IHRyZF9wd3M9MTsgdHJkX2NpZD0xNTM2NzUwMjYwNjcxNjcwMDsgdHJkX3NpZD0xNTM2NzUwMjYwNjcxNjcwMjsgdHJkX3Rhc2tyZXN0cmljdGVkPTsgdHJkX2ZpcnN0X3Zpc2l0PTE1MzY3NTAyNjE7IHRyZF9yZWZlcnJhbD10d2l0dGVyLmNvbTsgdHJkX3V0bWNhbXBhaWduPTIwMThfcTNfdHdpdHRlcl9hd2FyZW5lc3M7IHRyZF91dG1zb3VyY2U9VHdpdHRlcjsgdHJkX2V4aXRpbnRlbnRjbGllbnQ9MTUzNjc1MDI2MDg1Mjg1MQ==&restricted=&os=desktop&callback=jQuery19101676134623320411_1536750260673&_=1536750260674
Requested by: Host: prod.trendemon.com
URL: https://prod.trendemon.com/apis/loadflame/mainflamejs?aid=1845&uid=1864&baseurl=https%3A%2F%2Fprod.trendemon.com%2F&appid=208770359181748
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.187.150 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-3-187-150.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.14
Resource Hash: 4809d92a1dbf0e0afb94faf1f11a8df0c162e8b8b511ca14f767e13fb362bf85

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:21 GMT
Content-Encoding: gzip
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.14
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/x-javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Expires: Thu, 13 Sep 2018 11:04:21 GMT

GET
S 200 css
fonts.googleapis.com/ 2 KB
654 B 18ms
17ms Stylesheet
text/css 2a00:1450:4013:c00::5f
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&subset=latin,cyrillic-ext

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4013:c00::5f , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

853f90b3f3829a8cb42b31b7ba0058aae3127bb5da43174157cdf85073460461

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=86400
content-encoding: gzip
last-modified: Wed, 12 Sep 2018 11:04:20 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 12 Sep 2018 11:04:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection: 1; mode=block
expires: Wed, 12 Sep 2018 11:04:20 GMT

GET
S 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans&subset=latin,cyrillic-ext
Origin: https://www.imperva.com

Response headers

date: Sat, 25 Aug 2018 10:00:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 1559033
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 8892
x-xss-protection: 1; mode=block
expires: Sun, 25 Aug 2019 10:00:28 GMT

GET
H/1.1 200
OK forms2.min.js Show response
app-ab13.marketo.com/js/forms2/js/ 169 KB
58 KB 255ms
254ms Script
application/x-javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab13.marketo.com/js/forms2/js/forms2.min.js?_=1536750260675

Requested by

Host: prod.trendemon.com
URL: https://prod.trendemon.com/apis/loadflame/mainflamejs?aid=1845&uid=1864&baseurl=https%3A%2F%2Fprod.trendemon.com%2F&appid=208770359181748

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

fbf63674053e3b35a34473fc7568df63730cb5e71f7e81aa8432e75374c758a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 18 Jun 2018 17:51:59 GMT
Server: Apache
ETag: "1840f31-2a214-56eee38df8dc0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Date: Wed, 12 Sep 2018 11:04:21 GMT
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Transfer-Encoding: chunked

GET
H/1.1 200
OK getForm Show response
app-ab13.marketo.com/index.php/form/ 8 KB
8 KB 296ms
296ms Script
application/javascript 104.111.239.158
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://app-ab13.marketo.com/index.php/form/getForm?munchkinId=727-WRL-406&form=2470&url=https%3A%2F%2Fwww.imperva.com%2Fblog%2F2018%2F08%2Fa-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data%2F&callback=jQuery112406056166267576675_1536750258694&_=1536750258696

Requested by

Host: app-ab13.marketo.com
URL: https://app-ab13.marketo.com/js/forms2/js/forms2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.239.158 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-239-158.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0eb34e7985558a2643613a28f2c79ebb9a8b42518fe4e3cfd3bf7060a3fdf5ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63113904
X-Content-Type-Options: nosniff
Server: Apache
Connection: keep-alive
Date: Wed, 12 Sep 2018 11:04:21 GMT
Content-Length: 8126
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK closex.png
prod.trendemon.com/images/ 582 B
1 KB 102ms
102ms Image
image/png 52.3.187.150
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.trendemon.com/images/closex.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.187.150 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-3-187-150.compute-1.amazonaws.com
Software: Apache/2.4.7 (Ubuntu) /
Resource Hash: 15b8e27260776e357fccc4e98e83718d5aa6fcd60b85f4dc214d24aa5364ff30

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 12 Sep 2018 11:04:21 GMT
Last-Modified: Wed, 30 Mar 2016 12:29:07 GMT
Server: Apache/2.4.7 (Ubuntu)
ETag: "246-52f434acf965c"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 582
Expires: Fri, 12 Oct 2018 11:04:21 GMT

GET
H/1.1 200
OK 78e65cd3040c94c95cd8a7152f4934c6.png
d1ysmqklpsb9ih.cloudfront.net/tasks_logo/1864/ 111 KB
112 KB 31ms
9ms Image
image/png 54.192.94.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ysmqklpsb9ih.cloudfront.net/tasks_logo/1864/78e65cd3040c94c95cd8a7152f4934c6.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.94.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-29.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a14a6ee27d904f3002f895ab4df9e713f1266f742902627206c10648c3c82859

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
Date: Mon, 03 Sep 2018 15:02:30 GMT
Via: 1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)
Last-Modified: Mon, 03 Sep 2018 13:16:40 GMT
Server: AmazonS3
Age: 763312
ETag: "5d79cf4e65ba54300be8f3605a950388"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114112
X-Amz-Cf-Id: sObYNr9qdoXMaiKNZYaNYK6D3C9zSuQznMIziP_pjktDPTwagHhY1g==
Expires: Sun, 03 Sep 2028 13:18:12 GMT

GET
H/1.1 200
OK bTSdYq2IotriuUf.jpg
d1ysmqklpsb9ih.cloudfront.net/tasks_logo/1864/ 43 KB
43 KB 10ms
9ms Image
image/jpeg 54.192.94.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ysmqklpsb9ih.cloudfront.net/tasks_logo/1864/bTSdYq2IotriuUf.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.94.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-29.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e30f79ee6a1e1765e46d1273d80dde749669ed6c4ee4d6db20395beed61b6ecc

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 08 Sep 2018 04:50:32 GMT
Via: 1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)
Last-Modified: Tue, 04 Sep 2018 03:05:43 GMT
Server: AmazonS3
Age: 368030
ETag: "5c5d23ecff7c89a42cf445ed573f5e93"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44034
X-Amz-Cf-Id: eFQFgVijg4bqmBse9LwnGnJJfGAfWINTMy-F854MJDW2WMtAQx22jg==
Expires: Sat, 07 Aug 2027 06:53:04 GMT

GET
H/1.1 200
OK p5ez1QBqU0skXwC.jpg
d1ysmqklpsb9ih.cloudfront.net/tasks_logo/1864/ 35 KB
36 KB 19ms
8ms Image
image/jpeg 54.192.94.29
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ysmqklpsb9ih.cloudfront.net/tasks_logo/1864/p5ez1QBqU0skXwC.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.94.29 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-29.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0679c25f463dfc941ba71ec1bb7334b3fff2a36c203c4b738103c0d892819ef4

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sat, 16 Dec 2017 12:15:12 GMT
Via: 1.1 281d5965f165d7acaf2c52921da12d67.cloudfront.net (CloudFront)
Last-Modified: Sun, 10 Dec 2017 13:46:18 GMT
Server: AmazonS3
Age: 23323750
ETag: "69a330006c27fde66858c8f877274af2"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35940
X-Amz-Cf-Id: Fvc9J6LrG0sIPGxrrUDAbEe7TFQUD-ttcK4ZNWHUBLEtPV0muvGODw==
Expires: Sat, 07 Aug 2027 06:53:55 GMT

GET
H/1.1 200
OK 9N0yXJVzQ3KMOMs.jpg
d1ysmqklpsb9ih.cloudfront.net/tasks_logo/1864/ 29 KB
30 KB 23ms
10ms Image
image/jpeg 54.192.94.171
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1ysmqklpsb9ih.cloudfront.net/tasks_logo/1864/9N0yXJVzQ3KMOMs.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.192.94.171 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-192-94-171.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e88105a8a37afb7f1e28571ffecdd70a4a6b5061fecd42fa26c257eb660c3116

Request headers

Referer: https://www.imperva.com/blog/2018/08/a-bug-in-chrome-gives-bad-actors-license-to-play-20-questions-with-your-private-data/?utm_source=Twitter&utm_medium=organic_empshare&utm_content=chrome-bug&utm_campaign=2018_q3_twitter_awareness
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 06 Mar 2018 07:27:09 GMT
Via: 1.1 9f37c8b999ae2d6018396fda48773445.cloudfront.net (CloudFront)
Last-Modified: Tue, 06 Mar 2018 03:35:15 GMT
Server: AmazonS3
Age: 16429033
ETag: "6644321af238ce9f4e7696db6ed6a091"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29736
X-Amz-Cf-Id: Uue74qfpVKulG2o19IVl2QyIl2X0QNQVW9PemAWvj6dg86LmMW01lw==
Expires: Sun, 05 Sep 2027 13:23:44 GMT

Verdicts & Comments Add Verdict or Comment

202 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
app-ab13.marketo.com/	1969-12-31 23:59:59	Name: BIGipServerab13web-app_https Value: !AdOJ7KaY1HFoVJ1ybf/nLIVwOTHiDlTYrCMBz/+FWHc/OrN6xg36JgRN5aPYnxeGDfgsD9J1MXmYEg==
.imperva.com/	1970-01-18 18:52:30	Name: _gat_UA-2821586-1 Value: 1
.imperva.com/	1970-01-18 18:53:56	Name: _gid Value: GA1.2.1565658761.1536750260
.imperva.com/	1970-01-19 12:23:42	Name: _ga Value: GA1.2.1975724634.1536750260
.imperva.com/	1970-01-19 03:38:06	Name: _biz_flagsA Value: %7B%22Version%22%3A1%2C%22Mkto%22%3A%221%22%2C%22XDomain%22%3A%221%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

727-wrl-406.mktoresp.com
app-ab13.marketo.com
bit.ly
c.disquscdn.com
c.sharethis.mgr.consensu.org
cdn.bizible.com
cdn.optimizely.com
connect.facebook.net
d1ysmqklpsb9ih.cloudfront.net
disqus.com
errors.client.optimizely.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imperva-blog.disqus.com
l.sharethis.com
links.services.disqus.com
munchkin.marketo.net
prod.trendemon.com
script.hotjar.com
servedby.flashtalking.com
static.hotjar.com
staticxx.facebook.com
stats.g.doubleclick.net
t.co
t.sharethis.com
vars.hotjar.com
ws.sharethis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.imperva.com
104.111.239.158
104.111.242.254
104.244.42.133
147.75.80.133
151.101.0.134
151.101.132.134
151.101.132.64
172.227.102.19
172.227.88.206
18.196.44.49
199.15.212.238
2.16.186.146
2.19.34.83
205.185.216.42
216.58.205.226
2400:cb00:2048:1::6810:4da6
2a00:1450:4001:818::2003
2a00:1450:4001:818::200e
2a00:1450:4001:819::2002
2a00:1450:4001:81f::2004
2a00:1450:4001:81f::2008
2a00:1450:400c:c0c::9b
2a00:1450:4011:804::101f
2a00:1450:4013:c00::5f
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8186:face:b00c:0:50fb
45.60.76.225
52.21.153.156
52.3.187.150
54.192.94.171
54.192.94.29
67.199.248.10
68.232.35.116
03cf15cbd2f66f12860a1560b131cf132d883b0bfabbbda7aa3d0d7a33f8ac60
064f39d59581e2a073f8a762c5853fcebea8bae6602a83299f75fd911ef0ba3b
0679c25f463dfc941ba71ec1bb7334b3fff2a36c203c4b738103c0d892819ef4
0eb34e7985558a2643613a28f2c79ebb9a8b42518fe4e3cfd3bf7060a3fdf5ee
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1210b2986220f5f6e6f416d87911e6655eed292f81a8219d8506f57c5d4353a3
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
15b8e27260776e357fccc4e98e83718d5aa6fcd60b85f4dc214d24aa5364ff30
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12
19f8302b428c9cfdaf4d32a17f07c71eb8c3b08eec5151f81bddb3892df15504
1b00a109efa27819449f08da220246851dfc2948f485d92b31581a85a4db0150
1e36067ffbde51faec89f96ebe1fd08513be4a97d109cc8130dcdc9cf3f4590d
233a44b5ccf10ed78f8c578a37a74b8841d4657b8dd28b204ce1eb4027ea016b
24b337181983cb1cff33d2bacf608a0568be59b83e505e26c8597cea5d2171c4
2556fae4a0db89c06ab0927fe7f9338ad9d7662f1fd64973560f0476c25b8121
27f953f2eef013de7b6bd86c038610b529793f7609f7a1f55738be854322b196
28393630021b9180e7c1db5f4c18d4f028e11c5a25147e1444fd48157eaacf99
2dfc25db166fb3c0d6c24de2f24ca1b03e27f6b40372ed8a0ccf865840af6db0
322cd98e151b214efe4bd13513e8425ac7de389d38c32af8fe8a7f07101a372e
336ec73f667d7e9f663aad1a2cb1f1449c123e961158e7eb78b9fceca1ef7317
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
35a646d089a4456a712c4fadb01fa732ba2ffdecfaf3f1b8bfc6e2ec0d556feb
37b09e2aca5b738081f22e8ad718bd9590a753e5952c76728d2988ca6fd7ff3c
39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564
397d07fbfb19b6ac538d7b8bcdf5ebf7be881c9f9ad3982278d9d4f3a02c160b
3a80a5153b59eec73428e92eb3f328b835484e800ccd1579064e0ee99afa7111
3d65f9e788f7ef78d0e1e40bdce42caf85b1c2b18d8eb1ecc358b113d01265d6
3e92fa56fb2e7032c6a3ba8d7c84e847868caf292859cf185b3884a632c547b9
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
40f82839b4de554d6f6d0c5e2dc070abe7abca6aa163382118a216e5ebfe606d
452347f454d69db6f89243881b1661d05167295f3ea83adb8ce8060aba1aaad4
4809d92a1dbf0e0afb94faf1f11a8df0c162e8b8b511ca14f767e13fb362bf85
4ad6e57e866d5f6860048125dfd308878b9dabf1acf90484264243f66054204e
4c89c450a0c1ef13ef29b513b83a1892f099206b1566ab3c06e0b3d4fd95d5de
4eec2d8fde91d4282f4787dbcee682982f4527dbca6a62283552b6f3cfde9b23
527d4753b9f4fd1c40df024e88e2a602ccd4a82093dfd5fd33b4450c638084f3
5290570a36dd396b7defdf1c771bc9d3601780abe5ab09210263f05945fddc97
544409531123804e1170a08e506f4be42396cf833447e176e089f7702f03745a
5bb8db2e6ed8698e36f69cca152b3e2d5fffbaf8ae9dd336a94ee6a0b1e82886
70e95c7a725f8ff9b2b21664bd56b555438eb8b761cf887f033aa22d39556fee
732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5
740aeda52180f4bd3602ed6589c20b34a03c9672c67aa4291424700e12d41a29
746446302c91af32bf0f87d73081bc72071ad7bc5794c176f2c84a671db3c4da
756df835cdc3e6d51abfaa6f2cd0d48a3430e2bcc2c12566e06dc79f3ba4ff74
774ec657c07b77da509d4ea5a14ffc54c2013450cf50be3a283020c5c5c08d3e
7dc72c99cab280cec4866890ccabfab6c7118d85022773f170575d684963e983
7df10bfdb7b9bd4b92822f0e385f3595f24ccc322aeda1c5dbd564d42cad3a05
82bbf4a0f25757d1c9b9f18672eabf510965e4873e9d989a407823eac0d99259
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853f90b3f3829a8cb42b31b7ba0058aae3127bb5da43174157cdf85073460461
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8b0063fb60381622d0a96cc497fc583ab72589e1fa03069c238f9cb72b3d20a5
8d6fd11cf11df05dd01688350167f8df43e61c7d99dd391596c8dafa30cebf11
8d9facb43272448499d1ec00f018e8f847efad342e68abf3d818f4e521c17fb7
9298a280eda6b54290d3c69fda3ae7da0cec1a0169d01d4e5944af63d68939d5
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93b4b393bdf79a8047bd391f9ca92db7924db520f81eb2de4b7df2ce1e534783
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
97875e1cc37494327341a6d4444231a16127ab958907b9e879a87eb99808c7a0
997005d856e74947bab4d435133e50e9ff714f8730617db97866509cdb1e9dcb
9ad01a1b40b2d9fdb35c0400cf1d024e0b3ef83341d67de779a4c6cd1be9560c
9c7da66411c51d88cb1c03404ef780efad6c6039e0ea6dcb8abe2387ef70d8b9
a01ad6798ce69184226e8ab2630f1eea15c826bf3bcd928393d62bf34241f4fb
a06f2400feb196c5f2a59d45e62a1cfeaa4ed82341094f3e5ca5c27ec7fa86d0
a0be121d953691a90de00ce456caa95ba8fc6ced658cd50f9ab66a84ccd246a2
a14a6ee27d904f3002f895ab4df9e713f1266f742902627206c10648c3c82859
ad9cdd259e4e6669d5549b50500cd89d74f5c0beb04d1126a11fbbad5643a2d3
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
afe53f14f4fd0687277fff70d4bfe9bfdf87bacd741bf8e2f6031fae3fc57013
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b6774f666e554041fab5dc4fee03bc63307160056e8de34a47ce104478a5ee3d
bcd9a431f74c863be19a4889d6f4d997053fa95af54a8622150d53bd76034bef
c6f9e75b974e540bb1370a2b7d32b29758eeead0b4fed33c62c3bd6bfba6bc86
cbbd42bb1d88693e6805bd9d676840424af5ecf3e13d874fd06e6b57d53d8d40
d094c0d041f3abfcbcdac787eb0d71fddf78bfc600ff0f2d392b0664a5e29aa5
d11d6209fa27396401e57dde8b94d8f20672ce390cfa7f26d006fd29ba97f766
d1d993656168fdf731811ab74979b9ce1d35e8713cda7aabc5e23a3f54487775
d3a887d366ab3d243823e7c9ac85b1ba06018dbd3cf41eecff4bc3ca0c88e396
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
deb7f5bf5ace6476eb016781ded0cd75a2f4b8fbecf1d6e4b22d97ee140e9f67
e083ca305fe5020595b52c04499258219f69c8cb83ec0ffc1eb0f22815f5c60f
e30f79ee6a1e1765e46d1273d80dde749669ed6c4ee4d6db20395beed61b6ecc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6398996cb813aac38fe0c868acccd4106c976ffa886bf2111f744a668b2fbc5
e7f5a831ead8920451598097754bb1d4fbf16fff1fd90794b950724867345794
e88105a8a37afb7f1e28571ffecdd70a4a6b5061fecd42fa26c257eb660c3116
ed5aa55542db88f4973e3d001825ba673ad415952668ffc1a92eb1b9d671c9a6
eda8f00e9255746e7620848227aca122053845c9b4a90f1b3e26b4cd99af9e25
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a31b189d7d9f6092ac4ffc905503c067063908367861a8e4c99873f433105b
f119fbc1c0db1af2c2ac6ef255d0abfee4184a8f71e7f52e1fb10ee12415e3fb
f25762c95fd82e39c32fa642825f3550cdd41463243eb14e08d2572f78ad06bc
f5e0d4e432c51d6b82047befba23bfd5597790b88cbcdfe1ec21dee7195e8399
f82c99d3ac0f4075d35242fd24f42094ec04fef0d3fdd8fb71de757a93dcd8ec
f8588af9824dd40882480f26b4210f4baaa950f51c993b48c49ce1027a7c849d
fbf63674053e3b35a34473fc7568df63730cb5e71f7e81aa8432e75374c758a3
fcc1bee4e35c415db5bfb262399ad7a4b672b41ebbf416f952da4f619727316d

www.imperva.com Open in urlscan Pro 45.60.76.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

116 Requests

100 %HTTPS

33 %IPv6

26 Domains

35 Subdomains

32 IPs

5 Countries

1713 kBTransfer

4895 kBSize

5 Cookies

25 Outgoing links

Page URL History

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.imperva.com Open in urlscan Pro
45.60.76.225 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

100 %
HTTPS

33 %
IPv6

26
Domains

35
Subdomains

32
IPs

5
Countries

1713 kB
Transfer

4895 kB
Size

5
Cookies

116 HTTP transactions
0 data transactions