Reactive
HTTPS
ANALYSE_CIBLE
www.reactive.live
IP : 185.199.108.153
ASN : AS54113
Un rapport complet d'analyse de sécurité et de réseau pour www.reactive.live. Serveur : GitHub.com. Hébergé en US.
- Port principal
- 443
- Temps de scan
- Lien de rapport partageable
- https://sechttp.com/scan/www.reactive.live
Analyse de sécurité détaillée
Analyse des chemins d'attaque et de défense contre les DDoS
Attaquant
Trafic L4
Trafic L7
AS54113 (GitHub.com POP)
L4 défendu
L7 contourné
L4 bloqué
Trafic L7
Votre serveur
Résumé de la défense
Bien que GitHub.com offre une protection robuste contre les attaques de couche 4 (niveau réseau), votre serveur reste potentiellement vulnérable aux attaques sophistiquées de couche 7 (niveau application) qui peuvent contourner les défenses CDN standard. Des règles WAF supplémentaires et des mesures de sécurité côté application sont recommandées.
Défense de couche 4
GitHub.com fournit une protection robuste contre les inondations SYN, l'amplification UDP et les attaques volumétriques à la périphérie du réseau.
Vulnérabilités de couche 7
Les attaques de couche application ciblant les points d'accès API exposés de 2 nécessitent des règles WAF supplémentaires et une limitation de débit.
Divulgation d'informations sur le serveur
LOWINFO-001
Description
Le serveur divulgue son type de logiciel : GitHub.com. Cela peut aider les attaquants à identifier des vulnérabilités potentielles.
Recommandation
Configurez votre serveur web pour masquer ou modifier l'en-tête Server afin d'éviter la divulgation d'informations.
En-tête HSTS manquant ou invalide
MEDIUMSEC-001
Description
L'en-tête Strict-Transport-Security n'est pas correctement configuré, laissant le site vulnérable aux attaques de type man-in-the-middle.
Recommandation
Implémentez HSTS en ajoutant l'en-tête Strict-Transport-Security avec une valeur max-age appropriée pour forcer les connexions HTTPS.
En-tête X-Frame-Options manquant
MEDIUMSEC-002
Description
Le site n'est pas protégé contre les attaques de clickjacking.
Recommandation
Ajoutez l'en-tête X-Frame-Options avec la valeur 'DENY' ou 'SAMEORIGIN' pour empêcher le clickjacking.
Exposition d'informations sensibles dans JavaScript
HIGHJS-001
Description
Trouvé 140 variables potentiellement sensibles exposées dans le code JavaScript côté client.
Recommandation
Examinez et supprimez les informations sensibles du code côté client. Utilisez des variables d'environnement et un traitement côté serveur pour les données sensibles.
root@sechttp: /var/log/fuzz
root@sechttp : ~ $
> [Code: 200]
/api [FUITE SENSIBLE]
> [Code: 403]
/api/ [INTERDIT]
[+] Scan terminé. Trouvé 1 fuites potentielles.
root@sechttp : ~ $
Résultats du scan de ports
| Port | Service | Statut | Version |
|---|---|---|---|
| 80 | HTTP | FERMÉ | - |
| 443 | HTTPS | OUVERT | TLS 1.3 |
| 22 | SSH | FILTRÉ | - |
| 3306 | MySQL | FERMÉ | - |
Analyse des en-têtes HTTP
age:
6
via:
1.1 varnish
date:
Thu, 11 Sep 2025 16:35:51 GMT
etag:
"67c0984b-11842"
vary:
Accept-Encoding
server:
GitHub.com
expires:
Thu, 11 Sep 2025 16:45:46 GMT
x-cache:
HIT
x-timer:
S1757608552.671677,VS0,VE1
connection:
keep-alive
x-served-by:
cache-lax-kwhp1940069-LAX
content-type:
text/html; charset=utf-8
x-cache-hits:
1
accept-ranges:
bytes
cache-control:
max-age=600
last-modified:
Thu, 27 Feb 2025 16:52:27 GMT
x-proxy-cache:
MISS
content-length:
71746
x-fastly-request-id:
8775885db034566c6b8aa86d45e46c4d36326656
x-github-request-id:
4230:273A5D:129E752:1313599:68C2FA5F
access-control-allow-origin:
*
Informations ASN
ASN: AS54113
Adresse IP: 185.199.108.153
Préfixe réseau: 185.199.108.0/24
Organisation: FASTLY
Pays:
🇺🇸 US
Nom: FASTLY
Fournisseurs en amont (91)
AS3356
LEVEL3
Level 3 Parent, LLC
🇺🇸 US
upstream
AS1299
TWELVE99
Arelion, f/k/a Telia Carrier
🇸🇪 SE
upstream
AS174
COGENT-174
Cogent Communications
🇺🇸 US
upstream
AS2914
NTT-DATA-2914
NTT America, Inc.
🇺🇸 US
upstream
AS6939
HURRICANE
Hurricane Electric LLC
🇺🇸 US
upstream
AS3257
GTT-BACKBONE
GTT
🇺🇸 US
upstream
AS7922
COMCAST-7922
Comcast Cable Communications, LLC
🇺🇸 US
upstream
AS4637
ASN-TELSTRA-GLOBAL
Telstra Global
🇭🇰 HK
upstream
AS55836
RELIANCEJIO-IN
Reliance Jio Infocomm Limited
🇮🇳 IN
upstream
AS7018
ATT-INTERNET4
AT&T Enterprises, LLC
🇺🇸 US
upstream
AS5511
Opentransit
Orange S.A.
🇫🇷 FR
upstream
AS3491
CONSOLE-CONNECT-ASN
PCCW Global, Inc.
🇺🇸 US
upstream
AS9498
BBIL-AP
BHARTI Airtel Ltd.
🇮🇳 IN
upstream
AS2497
IIJ
Internet Initiative Japan Inc.
🇯🇵 JP
upstream
AS9002
RETN-AS
RETN Limited
🇬🇧 GB
upstream
AS1221
ASN-TELSTRA
Telstra Limited
🇦🇺 AU
upstream
AS4755
TATACOMM-AS
TATA Communications formerly VSNL is Leading ISP
🇮🇳 IN
upstream
AS6762
SEABONE-NET
TELECOM ITALIA SPARKLE S.p.A.
🇮🇹 IT
upstream
AS6830
LibertyGlobal
Liberty Global (formerly UPC Broadband Holding, aka AORTA)
🇳🇱 NL
upstream
AS37271
Workonline
Workonline Communications Ltd
🇿🇦 ZA
upstream
AS6453
AS6453
TATA COMMUNICATIONS (AMERICA) INC
🇺🇸 US
upstream
AS7195
EDGEUNO S.A.S
EDGEUNO S.A.S
🇨🇴 CO
upstream
AS3320
DTAG
Internet service provider operations
🇩🇪 DE
upstream
AS4648
SPARK-NZ
Global-Gateway Internet
🇳🇿 NZ
upstream
AS577
BACOM
Bell Canada
🇨🇦 CA
upstream
AS9583
SIFY-AS-IN
Sify Limited
🇮🇳 IN
upstream
AS4826
VOCUS-BACKBONE-AS
Vocus Connect International Backbone
🇦🇺 AU
upstream
AS37100
SEACOM-AS
SEACOM Limited
🇲🇺 MU
upstream
AS21859
ZEN-ECN
Zenlayer Inc
🇺🇸 US
upstream
AS12956
TELXIUS
TELXIUS Cable
🇪🇸 ES
upstream
AS6461
ZAYO-6461
Zayo Bandwidth
🇺🇸 US
upstream
AS22381
Megatelecom Telecomunicacoes Ltda
Megatelecom Telecomunicacoes Ltda
🇧🇷 BR
upstream
AS7474
OPTUSCOM-AS01-AU
SingTel Optus Pty Ltd
🇦🇺 AU
upstream
AS8966
Etisalat-AS
P.O. Box 1150, Dubai, UAE
🇦🇪 AE
upstream
AS12271
TWC-12271-NYC
Charter Communications Inc
🇺🇸 US
upstream
AS9299
IPG-AS-AP
Philippine Long Distance Telephone Company
🇵🇭 PH
upstream
AS7473
SINGTEL-AS-AP
Singapore Telecommunications Ltd
🇸🇬 SG
upstream
AS9957
KINX-AS
KINX
🇰🇷 KR
upstream
AS18678
INTERNEXA S.A. E.S.P
INTERNEXA S.A. E.S.P
🇨🇴 CO
upstream
AS32098
TRANSTELCO-INC
Transtelco Inc
🇺🇸 US
upstream
AS63927
RISE-HK
RISE
🇵🇭 PH
upstream
AS262589
SAMM TECNOLOGIA E TELECOMUNICACOES S.A
SAMM TECNOLOGIA E TELECOMUNICACOES S.A
🇧🇷 BR
upstream
AS9318
SKB-AS
SK Broadband Co Ltd
🇰🇷 KR
upstream
AS37662
WIOCC-AS
West Indian Ocean Cable Company
🇲🇺 MU
upstream
AS4775
GLOBE-TELECOM-AS
Globe Telecoms
🇵🇭 PH
upstream
AS3356
LEVEL3
Level 3 Parent, LLC
🇺🇸 US
upstream
AS1299
TWELVE99
Arelion, f/k/a Telia Carrier
🇸🇪 SE
upstream
AS174
COGENT-174
Cogent Communications
🇺🇸 US
upstream
AS2914
NTT-DATA-2914
NTT America, Inc.
🇺🇸 US
upstream
AS6939
HURRICANE
Hurricane Electric LLC
🇺🇸 US
upstream
AS3257
GTT-BACKBONE
GTT
🇺🇸 US
upstream
AS7922
COMCAST-7922
Comcast Cable Communications, LLC
🇺🇸 US
upstream
AS4637
ASN-TELSTRA-GLOBAL
Telstra Global
🇭🇰 HK
upstream
AS55836
RELIANCEJIO-IN
Reliance Jio Infocomm Limited
🇮🇳 IN
upstream
AS7018
ATT-INTERNET4
AT&T Enterprises, LLC
🇺🇸 US
upstream
AS5511
Opentransit
Orange S.A.
🇫🇷 FR
upstream
AS3491
CONSOLE-CONNECT-ASN
PCCW Global, Inc.
🇺🇸 US
upstream
AS9498
BBIL-AP
BHARTI Airtel Ltd.
🇮🇳 IN
upstream
AS2497
IIJ
Internet Initiative Japan Inc.
🇯🇵 JP
upstream
AS9002
RETN-AS
RETN Limited
🇬🇧 GB
upstream
AS1221
ASN-TELSTRA
Telstra Limited
🇦🇺 AU
upstream
AS4755
TATACOMM-AS
TATA Communications formerly VSNL is Leading ISP
🇮🇳 IN
upstream
AS6762
SEABONE-NET
TELECOM ITALIA SPARKLE S.p.A.
🇮🇹 IT
upstream
AS6830
LibertyGlobal
Liberty Global (formerly UPC Broadband Holding, aka AORTA)
🇳🇱 NL
upstream
AS37271
Workonline
Workonline Communications Ltd
🇿🇦 ZA
upstream
AS6453
AS6453
TATA COMMUNICATIONS (AMERICA) INC
🇺🇸 US
upstream
AS7195
EDGEUNO S.A.S
EDGEUNO S.A.S
🇨🇴 CO
upstream
AS3320
DTAG
Internet service provider operations
🇩🇪 DE
upstream
AS4648
SPARK-NZ
Global-Gateway Internet
🇳🇿 NZ
upstream
AS577
BACOM
Bell Canada
🇨🇦 CA
upstream
AS9583
SIFY-AS-IN
Sify Limited
🇮🇳 IN
upstream
AS4826
VOCUS-BACKBONE-AS
Vocus Connect International Backbone
🇦🇺 AU
upstream
AS37100
SEACOM-AS
SEACOM Limited
🇲🇺 MU
upstream
AS21859
ZEN-ECN
Zenlayer Inc
🇺🇸 US
upstream
AS12956
TELXIUS
TELXIUS Cable
🇪🇸 ES
upstream
AS6461
ZAYO-6461
Zayo Bandwidth
🇺🇸 US
upstream
AS22381
Megatelecom Telecomunicacoes Ltda
Megatelecom Telecomunicacoes Ltda
🇧🇷 BR
upstream
AS701
UUNET
Verizon Business
🇺🇸 US
upstream
AS7474
OPTUSCOM-AS01-AU
SingTel Optus Pty Ltd
🇦🇺 AU
upstream
AS8966
Etisalat-AS
P.O. Box 1150, Dubai, UAE
🇦🇪 AE
upstream
AS12271
TWC-12271-NYC
Charter Communications Inc
🇺🇸 US
upstream
AS9299
IPG-AS-AP
Philippine Long Distance Telephone Company
🇵🇭 PH
upstream
AS7473
SINGTEL-AS-AP
Singapore Telecommunications Ltd
🇸🇬 SG
upstream
AS9957
KINX-AS
KINX
🇰🇷 KR
upstream
AS18678
INTERNEXA S.A. E.S.P
INTERNEXA S.A. E.S.P
🇨🇴 CO
upstream
AS32098
TRANSTELCO-INC
Transtelco Inc
🇺🇸 US
upstream
AS63927
RISE-HK
RISE
🇵🇭 PH
upstream
AS212250
HORIZON-SCOPE
HORIZON-SCOPE
🇮🇶 IQ
upstream
AS262589
SAMM TECNOLOGIA E TELECOMUNICACOES S.A
SAMM TECNOLOGIA E TELECOMUNICACOES S.A
🇧🇷 BR
upstream
AS9318
SKB-AS
SK Broadband Co Ltd
🇰🇷 KR
upstream
AS37662
WIOCC-AS
West Indian Ocean Cable Company
🇲🇺 MU
upstream
Points d'échange Internet (260)
🇧🇬
BIX.BG
BG
100 Gbps
Bandwidth
🇧🇬
BIX.BG
BG
100 Gbps
Bandwidth
🇦🇺
Equinix Melbourne
AU
100 Gbps
Bandwidth
🇦🇺
Equinix Melbourne
AU
100 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) São Paulo
BR
600 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) São Paulo
BR
600 Gbps
Bandwidth
🇦🇺
MegaIX Melbourne
AU
10 Gbps
Bandwidth
🇦🇺
MegaIX Melbourne
AU
10 Gbps
Bandwidth
🇦🇺
MegaIX Sydney
AU
20 Gbps
Bandwidth
🇦🇺
MegaIX Sydney
AU
20 Gbps
Bandwidth
🇦🇺
Equinix Sydney
AU
100 Gbps
Bandwidth
🇦🇺
Equinix Sydney
AU
100 Gbps
Bandwidth
🇺🇸
Equinix Ashburn
US
300 Gbps
Bandwidth
🇺🇸
Equinix Ashburn
US
300 Gbps
Bandwidth
🇺🇸
Equinix Chicago
US
200 Gbps
Bandwidth
🇺🇸
Equinix Dallas
US
200 Gbps
Bandwidth
🇺🇸
Equinix Dallas
US
200 Gbps
Bandwidth
🇺🇸
Equinix Los Angeles
US
100 Gbps
Bandwidth
🇺🇸
Equinix Los Angeles
US
100 Gbps
Bandwidth
🇺🇸
Equinix San Jose
US
100 Gbps
Bandwidth
🇺🇸
Equinix San Jose
US
100 Gbps
Bandwidth
🇺🇸
Equinix New York
US
100 Gbps
Bandwidth
🇺🇸
Equinix New York
US
100 Gbps
Bandwidth
🇯🇵
BBIX Osaka
JP
200 Gbps
Bandwidth
🇺🇸
Equinix Chicago
US
200 Gbps
Bandwidth
🇭🇰
Equinix Hong Kong
HK
100 Gbps
Bandwidth
🇭🇰
Equinix Hong Kong
HK
100 Gbps
Bandwidth
🇦🇺
QLD-IX
AU
100 Gbps
Bandwidth
🇦🇺
QLD-IX
AU
100 Gbps
Bandwidth
🇺🇸
SIX Seattle
US
200 Gbps
Bandwidth
🇺🇸
SIX Seattle
US
200 Gbps
Bandwidth
🇬🇧
LONAP
GB
200 Gbps
Bandwidth
🇬🇧
LONAP
GB
200 Gbps
Bandwidth
🇸🇬
Equinix Singapore
SG
400 Gbps
Bandwidth
🇸🇬
Equinix Singapore
SG
400 Gbps
Bandwidth
🇦🇺
VIC-IX
AU
100 Gbps
Bandwidth
🇦🇺
VIC-IX
AU
100 Gbps
Bandwidth
🇦🇺
NSW-IX
AU
200 Gbps
Bandwidth
🇦🇺
NSW-IX
AU
200 Gbps
Bandwidth
🇩🇪
MegaIX Frankfurt
DE
100 Gbps
Bandwidth
🇩🇪
MegaIX Frankfurt
DE
100 Gbps
Bandwidth
🇳🇱
AMS-IX
NL
400 Gbps
Bandwidth
🇳🇱
AMS-IX
NL
400 Gbps
Bandwidth
🇺🇸
Boston Internet Exchange
US
100 Gbps
Bandwidth
🇺🇸
Boston Internet Exchange
US
100 Gbps
Bandwidth
🇨🇦
TorIX
CA
200 Gbps
Bandwidth
🇨🇦
TorIX
CA
200 Gbps
Bandwidth
🇺🇸
DE-CIX New York
US
100 Gbps
Bandwidth
🇺🇸
DE-CIX New York
US
100 Gbps
Bandwidth
🇩🇪
DE-CIX Frankfurt
DE
600 Gbps
Bandwidth
🇩🇪
DE-CIX Frankfurt
DE
600 Gbps
Bandwidth
🇦🇪
SH-IX
AE
100 Gbps
Bandwidth
🇺🇸
MICE
US
100 Gbps
Bandwidth
🇺🇸
MICE
US
100 Gbps
Bandwidth
🇺🇸
FL-IX
US
100 Gbps
Bandwidth
🇺🇸
FL-IX
US
100 Gbps
Bandwidth
🇸🇪
STHIX - Stockholm
SE
100 Gbps
Bandwidth
🇸🇪
STHIX - Stockholm
SE
100 Gbps
Bandwidth
🇿🇦
NAPAfrica IX Johannesburg
ZA
100 Gbps
Bandwidth
🇳🇿
MegaIX Auckland
NZ
10 Gbps
Bandwidth
🇳🇿
MegaIX Auckland
NZ
10 Gbps
Bandwidth
🇯🇵
BBIX Osaka
JP
200 Gbps
Bandwidth
🇯🇵
JPIX OSAKA
JP
400 Gbps
Bandwidth
🇯🇵
JPIX OSAKA
JP
400 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Rio de Janeiro
BR
400 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Rio de Janeiro
BR
400 Gbps
Bandwidth
🇺🇸
NYIIX New York
US
100 Gbps
Bandwidth
🇺🇸
Databank IX Houston
US
10 Gbps
Bandwidth
🇺🇸
Databank IX Houston
US
10 Gbps
Bandwidth
🇺🇸
Any2West
US
200 Gbps
Bandwidth
🇺🇸
Any2West
US
200 Gbps
Bandwidth
🇸🇰
NIX.SK
SK
200 Gbps
Bandwidth
🇯🇵
Equinix Tokyo
JP
200 Gbps
Bandwidth
🇯🇵
Equinix Tokyo
JP
200 Gbps
Bandwidth
🇬🇧
LINX LON1
GB
400 Gbps
Bandwidth
🇬🇧
LINX LON1
GB
400 Gbps
Bandwidth
🇺🇸
MASS-IX
US
10 Gbps
Bandwidth
🇮🇳
Extreme IX Mumbai
IN
100 Gbps
Bandwidth
🇮🇳
Extreme IX Mumbai
IN
100 Gbps
Bandwidth
🇺🇸
Any2Denver
US
200 Gbps
Bandwidth
🇺🇸
Any2Denver
US
200 Gbps
Bandwidth
🇯🇵
JPNAP Tokyo
JP
200 Gbps
Bandwidth
🇯🇵
JPNAP Tokyo
JP
200 Gbps
Bandwidth
🇺🇸
Digital Realty Atlanta
US
100 Gbps
Bandwidth
🇺🇸
Digital Realty Atlanta
US
100 Gbps
Bandwidth
🇮🇳
Extreme IX Kolkata
IN
10 Gbps
Bandwidth
🇳🇿
APE
NZ
10 Gbps
Bandwidth
🇳🇿
APE
NZ
10 Gbps
Bandwidth
🇺🇸
DET-iX
US
200 Gbps
Bandwidth
🇳🇿
WIX-NZ
NZ
10 Gbps
Bandwidth
🇳🇿
WIX-NZ
NZ
10 Gbps
Bandwidth
🇨🇿
NIX.CZ
CZ
200 Gbps
Bandwidth
🇨🇿
NIX.CZ
CZ
200 Gbps
Bandwidth
🇯🇵
BBIX Tokyo
JP
500 Gbps
Bandwidth
🇯🇵
BBIX Tokyo
JP
500 Gbps
Bandwidth
🇯🇵
JPIX TOKYO
JP
600 Gbps
Bandwidth
🇯🇵
JPIX TOKYO
JP
600 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) São Paulo
BR
600 Gbps
Bandwidth
🇳🇱
NL-ix
NL
400 Gbps
Bandwidth
🇸🇬
SGIX
SG
200 Gbps
Bandwidth
🇸🇬
SGIX
SG
200 Gbps
Bandwidth
🇺🇸
DE-CIX Dallas
US
200 Gbps
Bandwidth
🇺🇸
DE-CIX Dallas
US
200 Gbps
Bandwidth
🇮🇹
MIX-IT
IT
300 Gbps
Bandwidth
🇮🇹
MIX-IT
IT
300 Gbps
Bandwidth
🇮🇳
Extreme IX Delhi
IN
100 Gbps
Bandwidth
🇮🇳
Extreme IX Delhi
IN
100 Gbps
Bandwidth
🇳🇿
AKL-IX (Auckland NZ)
NZ
100 Gbps
Bandwidth
🇳🇿
AKL-IX (Auckland NZ)
NZ
100 Gbps
Bandwidth
🇨🇦
QIX Montreal
CA
200 Gbps
Bandwidth
🇸🇬
BBIX Singapore
SG
100 Gbps
Bandwidth
🇪🇸
ESpanix Madrid Lower LAN
ES
100 Gbps
Bandwidth
🇪🇸
ESpanix Madrid Upper LAN
ES
100 Gbps
Bandwidth
🇬🇧
Equinix London
GB
100 Gbps
Bandwidth
🇬🇧
Equinix London
GB
100 Gbps
Bandwidth
🇳🇱
NL-ix
NL
200 Gbps
Bandwidth
🇿🇦
NAPAfrica IX Johannesburg
ZA
100 Gbps
Bandwidth
🇺🇸
NYIIX New York
US
100 Gbps
Bandwidth
🇬🇧
LINX Manchester
GB
100 Gbps
Bandwidth
🇬🇧
LINX Manchester
GB
100 Gbps
Bandwidth
🇮🇪
INEX LAN1
IE
200 Gbps
Bandwidth
🇮🇪
INEX LAN1
IE
200 Gbps
Bandwidth
🇺🇸
Ohio IX
US
100 Gbps
Bandwidth
🇺🇸
Ohio IX
US
100 Gbps
Bandwidth
🇮🇳
Extreme IX Kolkata
IN
10 Gbps
Bandwidth
🇦🇹
VIX
AT
100 Gbps
Bandwidth
🇦🇹
VIX
AT
100 Gbps
Bandwidth
🇦🇪
UAE-IX
AE
200 Gbps
Bandwidth
🇺🇸
Digital Realty Dallas
US
10 Gbps
Bandwidth
🇺🇸
Digital Realty Dallas
US
10 Gbps
Bandwidth
🇺🇸
☀✪⌁KCIX⌁✪☀
US
100 Gbps
Bandwidth
🇺🇸
Equinix Miami
US
100 Gbps
Bandwidth
🇮🇳
DE-CIX Mumbai
IN
100 Gbps
Bandwidth
🇮🇳
DE-CIX Mumbai
IN
100 Gbps
Bandwidth
🇮🇳
Extreme IX Chennai
IN
10 Gbps
Bandwidth
🇮🇳
Extreme IX Chennai
IN
10 Gbps
Bandwidth
🇺🇸
☀✪⌁STLIX⌁✪☀
US
100 Gbps
Bandwidth
🇿🇦
NAPAfrica IX Cape Town
ZA
100 Gbps
Bandwidth
🇿🇦
NAPAfrica IX Cape Town
ZA
100 Gbps
Bandwidth
🇺🇸
☀✪⌁KCIX⌁✪☀
US
100 Gbps
Bandwidth
🇳🇱
NL-ix
NL
100 Gbps
Bandwidth
🇺🇸
SFMIX
US
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Sydney
AU
400 Gbps
Bandwidth
🇺🇸
CIX-ATL
US
200 Gbps
Bandwidth
🇧🇷
Equinix São Paulo
BR
100 Gbps
Bandwidth
🇮🇳
NIXI Chennai
IN
10 Gbps
Bandwidth
🇮🇳
NIXI Chennai
IN
10 Gbps
Bandwidth
🇪🇸
DE-CIX Madrid
ES
100 Gbps
Bandwidth
🇪🇸
DE-CIX Madrid
ES
100 Gbps
Bandwidth
🇯🇵
JPNAP Osaka
JP
200 Gbps
Bandwidth
🇯🇵
JPNAP Osaka
JP
200 Gbps
Bandwidth
🇵🇪
PIT - Peru - Lima
PE
200 Gbps
Bandwidth
🇮🇹
MINAP Milan
IT
100 Gbps
Bandwidth
🇩🇪
DE-CIX Munich
DE
100 Gbps
Bandwidth
🇮🇹
MINAP Milan
IT
100 Gbps
Bandwidth
🇨🇱
PIT Santiago - PIT Chile
CL
300 Gbps
Bandwidth
🇨🇱
PIT Santiago - PIT Chile
CL
300 Gbps
Bandwidth
🇳🇱
NL-ix
NL
400 Gbps
Bandwidth
🇨🇱
PIT Santiago - PIT Chile
CL
300 Gbps
Bandwidth
🇫🇷
DE-CIX Marseille
FR
100 Gbps
Bandwidth
🇺🇸
NWAX
US
100 Gbps
Bandwidth
🇬🇭
GIXA
GH
10 Gbps
Bandwidth
🇬🇭
GIXA
GH
10 Gbps
Bandwidth
🇵🇭
GetaFIX Manila
PH
100 Gbps
Bandwidth
🇵🇭
GetaFIX Manila
PH
100 Gbps
Bandwidth
🇲🇾
MyIX
MY
100 Gbps
Bandwidth
🇲🇾
MyIX
MY
100 Gbps
Bandwidth
🇮🇹
Namex Rome
IT
100 Gbps
Bandwidth
🇮🇹
Namex Rome
IT
100 Gbps
Bandwidth
🇫🇮
FICIX 2 (Helsinki)
FI
100 Gbps
Bandwidth
🇫🇮
FICIX 2 (Helsinki)
FI
100 Gbps
Bandwidth
🇺🇸
DRF IX
US
10 Gbps
Bandwidth
🇺🇸
DRF IX
US
10 Gbps
Bandwidth
🇳🇿
CHC-IX (Christchurch NZ)
NZ
10 Gbps
Bandwidth
🇳🇿
CHC-IX (Christchurch NZ)
NZ
10 Gbps
Bandwidth
🇦🇺
EdgeIX - Perth
AU
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Perth
AU
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Sydney
AU
400 Gbps
Bandwidth
🇦🇺
EdgeIX - Brisbane
AU
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Brisbane
AU
100 Gbps
Bandwidth
🇨🇦
YYCIX
CA
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Adelaide
AU
10 Gbps
Bandwidth
🇦🇺
EdgeIX - Adelaide
AU
10 Gbps
Bandwidth
🇦🇺
EdgeIX - Melbourne
AU
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Melbourne
AU
100 Gbps
Bandwidth
🇹🇭
THAILAND IX (TH-IX)
TH
10 Gbps
Bandwidth
🇹🇭
BKNIX (Thailand)
TH
100 Gbps
Bandwidth
🇹🇭
BKNIX (Thailand)
TH
100 Gbps
Bandwidth
🇳🇿
WLG-IX (Wellington NZ)
NZ
10 Gbps
Bandwidth
🇳🇿
WLG-IX (Wellington NZ)
NZ
10 Gbps
Bandwidth
🇸🇰
NIX.SK
SK
200 Gbps
Bandwidth
🇮🇳
Extreme IX Hyderabad
IN
10 Gbps
Bandwidth
🇮🇳
Extreme IX Hyderabad
IN
10 Gbps
Bandwidth
🇺🇸
Any2East
US
100 Gbps
Bandwidth
🇺🇸
Digital Realty Ashburn
US
10 Gbps
Bandwidth
🇺🇸
Digital Realty Ashburn
US
10 Gbps
Bandwidth
🇵🇹
GigaPIX - LAN 1
PT
100 Gbps
Bandwidth
🇭🇺
BiX
HU
200 Gbps
Bandwidth
🇨🇿
Peering.cz
CZ
200 Gbps
Bandwidth
🇫🇷
France-IX Paris
FR
100 Gbps
Bandwidth
🇫🇷
France-IX Paris
FR
100 Gbps
Bandwidth
🇫🇷
France-IX Marseille
FR
100 Gbps
Bandwidth
🇿🇦
CINX
ZA
100 Gbps
Bandwidth
🇿🇦
JINX
ZA
100 Gbps
Bandwidth
🇦🇺
SA-IX
AU
20 Gbps
Bandwidth
🇦🇺
SA-IX
AU
20 Gbps
Bandwidth
🇹🇭
BBIX Thailand
TH
100 Gbps
Bandwidth
🇦🇺
WA-IX
AU
100 Gbps
Bandwidth
🇦🇺
WA-IX
AU
100 Gbps
Bandwidth
🇨🇴
PIT - Colombia - Bogota
CO
200 Gbps
Bandwidth
🇳🇱
NL-ix 2
NL
400 Gbps
Bandwidth
🇳🇱
NL-ix 2
NL
400 Gbps
Bandwidth
🇬🇭
Accra Internet Exchange LBG
GH
100 Gbps
Bandwidth
🇮🇳
Equinix Mumbai
IN
100 Gbps
Bandwidth
🇵🇭
BBIX Manila
PH
100 Gbps
Bandwidth
🇵🇭
BBIX Manila
PH
100 Gbps
Bandwidth
🇮🇳
NIXI Mumbai
IN
100 Gbps
Bandwidth
🇮🇳
NIXI Delhi
IN
100 Gbps
Bandwidth
🇮🇳
NIXI Kolkata
IN
10 Gbps
Bandwidth
🇮🇳
NIXI Hyderabad
IN
10 Gbps
Bandwidth
🇰🇷
KINX
KR
100 Gbps
Bandwidth
🇰🇷
KINX
KR
100 Gbps
Bandwidth
🇺🇸
Any2Chicago
US
100 Gbps
Bandwidth
🇨🇦
VANIX
CA
100 Gbps
Bandwidth
🇺🇸
IX-Denver
US
200 Gbps
Bandwidth
🇯🇵
BBIX Tokyo
JP
500 Gbps
Bandwidth
🇨🇱
PIT Santiago - PIT Chile
CL
300 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Rio de Janeiro
BR
400 Gbps
Bandwidth
🇮🇳
Equinix Mumbai
IN
100 Gbps
Bandwidth
🇺🇸
BBIX US-West
US
100 Gbps
Bandwidth
🇺🇸
BBIX US-West
US
100 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Fortaleza
BR
200 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Fortaleza
BR
200 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Curitiba
BR
20 Gbps
Bandwidth
🇭🇺
BiX
HU
200 Gbps
Bandwidth
🇵🇭
PhIX
PH
200 Gbps
Bandwidth
🇵🇭
PhIX
PH
200 Gbps
Bandwidth
🇮🇳
AMS-IX Kolkata
IN
10 Gbps
Bandwidth
🇮🇳
AMS-IX Kolkata
IN
10 Gbps
Bandwidth
🇮🇳
AMS-IX Hyderabad
IN
10 Gbps
Bandwidth
🇦🇪
UAE-IX
AE
200 Gbps
Bandwidth
🇮🇳
AMS-IX Hyderabad
IN
10 Gbps
Bandwidth
🇳🇿
EdgeIX - Auckland
NZ
100 Gbps
Bandwidth
🇦🇷
AR-IX Cabase - Argentina
AR
100 Gbps
Bandwidth
🇦🇷
AR-IX Cabase - Argentina
AR
100 Gbps
Bandwidth
🇳🇿
EdgeIX - Auckland
NZ
100 Gbps
Bandwidth
🇦🇷
PIT - Argentina - Buenos Aires
AR
200 Gbps
Bandwidth
🇺🇸
DE-CIX Chicago
US
100 Gbps
Bandwidth
🇺🇸
DE-CIX Chicago
US
100 Gbps
Bandwidth
🇲🇽
PIT MX
MX
100 Gbps
Bandwidth
🇲🇽
PIT MX
MX
100 Gbps
Bandwidth
🇲🇽
DE-CIX Mexico
MX
100 Gbps
Bandwidth
🇲🇽
DE-CIX Mexico
MX
100 Gbps
Bandwidth
🇺🇸
Ninja-IX Phoenix
US
100 Gbps
Bandwidth
🇯🇵
BBIX Osaka
JP
200 Gbps
Bandwidth
🇯🇵
BBIX Osaka
JP
200 Gbps
Bandwidth
🇸🇬
BBIX Singapore
SG
100 Gbps
Bandwidth
🇲🇾
DE-CIX Kuala Lumpur
MY
10 Gbps
Bandwidth
🇲🇾
DE-CIX Kuala Lumpur
MY
10 Gbps
Bandwidth
🇸🇬
Equinix Singapore
SG
400 Gbps
Bandwidth
Analyse JavaScript
Security Analysis Alert
Client-side code analysis has identified potential security vulnerabilities and information disclosure risks.
Variables JavaScript exposées
Variables exposed in client-side code that may contain sensitive information
# Security Assessment: Variable Exposure Analysis
LEAK
URL
Pc
Risk: Information disclosure via client-side exposure
LEAK
Url
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
key
getChildKey
Risk: Information disclosure via client-side exposure
LEAK
url
.concat(shareLink(e)),whatsAppShareLink=e=>
Risk: Information disclosure via client-side exposure
LEAK
_key
createKey
Risk: Information disclosure via client-side exposure
LEAK
auth
n
Risk: Information disclosure via client-side exposure
LEAK
code
ENOENT
Risk: Information disclosure via client-side exposure
LEAK
keys
function
Risk: Information disclosure via client-side exposure
LEAK
test
e
Risk: Information disclosure via client-side exposure
LEAK
Token
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
keyBy
function
Risk: Information disclosure via client-side exposure
LEAK
keyOf
function
Risk: Information disclosure via client-side exposure
LEAK
toKey
function
Risk: Information disclosure via client-side exposure
LEAK
token
e
Risk: Information disclosure via client-side exposure
LEAK
altKey
0
Risk: Information disclosure via client-side exposure
LEAK
assign
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
author
Lance Marks, Co-founder, O.school
Risk: Information disclosure via client-side exposure
LEAK
client
client
Risk: Information disclosure via client-side exposure
LEAK
codeAt
Re
Risk: Information disclosure via client-side exposure
LEAK
ctaUrl
A
Risk: Information disclosure via client-side exposure
LEAK
decode
decode
Risk: Information disclosure via client-side exposure
LEAK
domain
void
Risk: Information disclosure via client-side exposure
LEAK
encode
encode
Risk: Information disclosure via client-side exposure
LEAK
getURL
function
Risk: Information disclosure via client-side exposure
LEAK
inside
avoid
Risk: Information disclosure via client-side exposure
LEAK
keyFor
function
Risk: Information disclosure via client-side exposure
LEAK
mailto
+i),!!e.md.validateLink(s)&&(n||((o=e.push(
Risk: Information disclosure via client-side exposure
LEAK
newUrl
<empty_value>
Risk: Information disclosure via client-side exposure
LEAK
UrlNode
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
clientX
0
Risk: Information disclosure via client-side exposure
LEAK
clientY
0
Risk: Information disclosure via client-side exposure
LEAK
ctrlKey
0
Risk: Information disclosure via client-side exposure
LEAK
fastKey
function
Risk: Information disclosure via client-side exposure
LEAK
findKey
function
Risk: Information disclosure via client-side exposure
LEAK
keyCode
0
Risk: Information disclosure via client-side exposure
LEAK
mapKeys
function
Risk: Information disclosure via client-side exposure
LEAK
metaKey
0
Risk: Information disclosure via client-side exposure
LEAK
ownKeys
Et
Risk: Information disclosure via client-side exposure
LEAK
cacheKey
n
Risk: Information disclosure via client-side exposure
LEAK
charCode
function
Risk: Information disclosure via client-side exposure
LEAK
password
zc
Risk: Information disclosure via client-side exposure
LEAK
s.client
client
Risk: Information disclosure via client-side exposure
LEAK
shiftKey
0
Risk: Information disclosure via client-side exposure
LEAK
src_auth
(?:(?:(?!
Risk: Information disclosure via client-side exposure
LEAK
burlywood
deb887
Risk: Information disclosure via client-side exposure
LEAK
createKey
function
Risk: Information disclosure via client-side exposure
LEAK
eE.client
client
Risk: Information disclosure via client-side exposure
LEAK
embed_url
l
Risk: Information disclosure via client-side exposure
LEAK
formatUrl
function
Risk: Information disclosure via client-side exposure
LEAK
keyPrefix
n
Risk: Information disclosure via client-side exposure
LEAK
keyframes
u
Risk: Information disclosure via client-side exposure
LEAK
mapDomain
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
routeKeys
o
Risk: Information disclosure via client-side exposure
LEAK
toUnicode
toUnicode
Risk: Information disclosure via client-side exposure
LEAK
tokenised
n
Risk: Information disclosure via client-side exposure
LEAK
updateURL
function
Risk: Information disclosure via client-side exposure
LEAK
PHASE_TEST
function
Risk: Information disclosure via client-side exposure
LEAK
PanSession
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
SideEffect
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
isAPIRoute
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
isLocalURL
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
numNumbers
n
Risk: Information disclosure via client-side exposure
LEAK
src_domain
(?:
Risk: Information disclosure via client-side exposure
LEAK
statusCode
r
Risk: Information disclosure via client-side exposure
LEAK
ucs2decode
function
Risk: Information disclosure via client-side exposure
LEAK
ucs2encode
function
Risk: Information disclosure via client-side exposure
LEAK
DecodeError
function
Risk: Information disclosure via client-side exposure
LEAK
clientLogos
t
Risk: Information disclosure via client-side exposure
LEAK
codePointAt
function
Risk: Information disclosure via client-side exposure
LEAK
credentials
same-origin
Risk: Information disclosure via client-side exposure
LEAK
getChildKey
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
numberToHex
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
responseURL
n
Risk: Information disclosure via client-side exposure
LEAK
s.burlywood
deb887
Risk: Information disclosure via client-side exposure
LEAK
DOMTokenList
1
Risk: Information disclosure via client-side exposure
LEAK
latestValues
o
Risk: Information disclosure via client-side exposure
LEAK
onSessionEnd
n
Risk: Information disclosure via client-side exposure
LEAK
prepareUrlAs
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
SVGNumberList
0
Risk: Information disclosure via client-side exposure
LEAK
domainLocales
A
Risk: Information disclosure via client-side exposure
LEAK
fromCodePoint
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
isAbsoluteUrl
function
Risk: Information disclosure via client-side exposure
LEAK
mobileNavOpen
r
Risk: Information disclosure via client-side exposure
LEAK
protectedKeys
e
Risk: Information disclosure via client-side exposure
LEAK
testValueType
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
urlObjectKeys
function
Risk: Information disclosure via client-side exposure
LEAK
ClientRectList
0
Risk: Information disclosure via client-side exposure
LEAK
onSessionStart
asyncHandler
Risk: Information disclosure via client-side exposure
LEAK
src_email_name
[\\-;:&=\\+\\$,\\.a-zA-Z0-9_][\\-;:&=\\+\\$,\\
Risk: Information disclosure via client-side exposure
LEAK
MozPrintableKey
Unidentified
Risk: Information disclosure via client-side exposure
LEAK
URLSearchParams
ys
Risk: Information disclosure via client-side exposure
LEAK
Xr.DOMTokenList
1
Risk: Information disclosure via client-side exposure
LEAK
createScriptURL
r
Risk: Information disclosure via client-side exposure
LEAK
getMetadataKeys
function
Risk: Information disclosure via client-side exposure
LEAK
getSafeRouteKey
f
Risk: Information disclosure via client-side exposure
LEAK
isIdentityScale
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
lastDevicePoint
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
src_domain_root
"(?:"+t.src_xn+"|"+t.src_pseudo_letter+"{1,63})",t.src_domain="(?:"+t.src_xn+"|(?:"+t.src_pseudo_letter+")|(?:"+t.src_pseudo_letter+"(?:-|"+t.src_pseudo_letter+"){0,61}"+t.src_pseudo_letter+"))",t.src...
Risk: Information disclosure via client-side exposure
LEAK
tpl_email_fuzzy
(^|
Risk: Information disclosure via client-side exposure
LEAK
PAGE_SEGMENT_KEY
function
Risk: Information disclosure via client-side exposure
LEAK
Xr.SVGNumberList
<empty_value>
Risk: Information disclosure via client-side exposure
LEAK
parseRelativeUrl
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
Xr.ClientRectList
<empty_value>
Risk: Information disclosure via client-side exposure
LEAK
isKeyframesTarget
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
isValidEntityCode
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
onPanSessionStart
e
Risk: Information disclosure via client-side exposure
LEAK
detectDomainLocale
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
getOwnMetadataKeys
function
Risk: Information disclosure via client-side exposure
LEAK
nR.MozPrintableKey
Unidentified
Risk: Information disclosure via client-side exposure
LEAK
publicRuntimeConfig
u
Risk: Information disclosure via client-side exposure
LEAK
tpl_host_fuzzy_test
localhost|www\\.|\\.\\d{1,3}\\.|(?:\\.(?:%TLDS%)(?:
Risk: Information disclosure via client-side exposure
LEAK
APP_CLIENT_INTERNALS
function
Risk: Information disclosure via client-side exposure
LEAK
convertNumbersToZero
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
getSafeKeyFromSegment
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
shadowKeyUmbraOpacity
0.25
Risk: Information disclosure via client-side exposure
LEAK
getClientBuildManifest
function
Risk: Information disclosure via client-side exposure
LEAK
handleClientScriptLoad
function
Risk: Information disclosure via client-side exposure
LEAK
isWaapiSupportedEasing
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
searchParamsToUrlQuery
function
Risk: Information disclosure via client-side exposure
LEAK
stringifyUrlQueryParam
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
urlQueryToSearchParams
function
Risk: Information disclosure via client-side exposure
LEAK
DEV_MIDDLEWARE_MANIFEST
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_PUBLIC_FILES_PATH
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_PATH
function
Risk: Information disclosure via client-side exposure
LEAK
PHASE_DEVELOPMENT_SERVER
function
Risk: Information disclosure via client-side exposure
LEAK
makePublicRouterInstance
function
Risk: Information disclosure via client-side exposure
LEAK
shadowKeyPenumbraOpacity
0.14
Risk: Information disclosure via client-side exposure
LEAK
unstable_skipClientCache
o
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_REFERENCE_MANIFEST
function
Risk: Information disclosure via client-side exposure
LEAK
DEV_CLIENT_PAGES_MANIFEST
function
Risk: Information disclosure via client-side exposure
LEAK
EDGE_UNSUPPORTED_NODE_APIS
function
Risk: Information disclosure via client-side exposure
LEAK
REQUIRED_CODE_ERROR_MESSAGE
Please choose a country code
Risk: Information disclosure via client-side exposure
LEAK
__unsafeCreateTrustedScriptURL
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_AMP
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_MAIN
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_WEBPACK
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_MAIN_APP
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_POLYFILLS
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_REACT_REFRESH
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_POLYFILLS_SYMBOL
function
Risk: Information disclosure via client-side exposure
Total: 140 exposed variables found
Analyse des domaines API
External API domains discovered in client-side code
EXTERNAL_API_DOMAIN
static.hotjar.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
avantlink.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
reactjs.org
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
nextjs.org
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
fonts.googleapis.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
fonts.gstatic.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
use.typekit.net
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.reactive.live
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
git.io
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
github.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
browserstrangeness.bitbucket.io
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
sibforms.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
tally.so
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
calendly.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
assets.calendly.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
classic.avantlink.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
cdn01.basis.net
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.apache.org
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
twitter.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
snook.ca
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.drupal.org
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.phpied.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.sanbeiji.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
css-discuss.incutio.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
weblog.west-wind.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
youtu.be
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
angel.co
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.facebook.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.linkedin.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
wa.me
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
Points d'accès API découverts
API endpoints identified through static analysis of client-side code
GET
/api
Active
Endpoint discovered via client-side code analysis
GET
/api/
Active
Endpoint discovered via client-side code analysis
Ressources JavaScript
JavaScript files loaded by the application
JS
/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js
JS
https://classic.avantlink.com/affiliate_app_confirm.php?mode=js&authResponse=42dee5ffd15069c40406a8cc1e4271378c89a463
JS
/_next/static/chunks/webpack-a3cb6e92ee9779eb.js
JS
/_next/static/chunks/framework-ca706bf673a13738.js
JS
/_next/static/chunks/main-ac067cb8f94e1673.js
JS
/_next/static/chunks/pages/_app-35e06bd1b995bfb6.js
JS
/_next/static/chunks/7531-4366632c2cf23a67.js
JS
/_next/static/chunks/758-40fb0cf94b1cdcbd.js
JS
/_next/static/chunks/5409-684da7548e63339a.js
JS
/_next/static/chunks/1167-0e458f33516e45f5.js
JS
/_next/static/chunks/pages/index-64e0f8419422b0b7.js
JS
/_next/static/t4T7qBQ1aIrQkdLCRjodr/_buildManifest.js
JS
/_next/static/t4T7qBQ1aIrQkdLCRjodr/_ssgManifest.js
JS
"/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js"
JS
"https://classic.avantlink.com/affiliate_app_confirm.php?mode=js&authResponse=42dee5ffd15069c40406a8cc1e4271378c89a463"
JS
"/_next/static/chunks/webpack-a3cb6e92ee9779eb.js"
JS
"/_next/static/chunks/framework-ca706bf673a13738.js"
JS
"/_next/static/chunks/main-ac067cb8f94e1673.js"
JS
"/_next/static/chunks/pages/_app-35e06bd1b995bfb6.js"
JS
"/_next/static/chunks/7531-4366632c2cf23a67.js"
JS
"/_next/static/chunks/758-40fb0cf94b1cdcbd.js"
JS
"/_next/static/chunks/5409-684da7548e63339a.js"
JS
"/_next/static/chunks/1167-0e458f33516e45f5.js"
JS
"/_next/static/chunks/pages/index-64e0f8419422b0b7.js"
JS
"/_next/static/t4T7qBQ1aIrQkdLCRjodr/_buildManifest.js"
JS
"/_next/static/t4T7qBQ1aIrQkdLCRjodr/_ssgManifest.js"
Recommandations de sécurité
- • Avoid exposing sensitive variables in client-side code
- • Implement proper API authentication and rate limiting
- • Use environment variables for sensitive configuration
- • Regularly audit client-side code for information leaks
- • Minimize the amount of sensitive data processed on the client side
Historique des scans (1)
Reach millions. Sell more with shoppable live events and video. Transform ordinary browsing into interactive shopping experiences, driving your sales and site traffic.
65/100
4 issues