Reactive
HTTPS
TARGET_ANALYSIS
www.reactive.live
IP: 185.199.108.153
ASN: AS54113
A comprehensive security and network analysis report for www.reactive.live. Server: GitHub.com. Hosted in US.
- Primary Port
- 443
- Scan Time
- Shareable Report Link
- https://sechttp.com/scan/www.reactive.live
Detailed Security Analysis
Attack Path & DDoS Defense Analysis
Attacker
L4 Traffic
L7 Traffic
AS54113 (GitHub.com POP)
L4 Defended
L7 Bypassed
L4 Blocked
L7 Traffic
Your Server
Defense Summary
While GitHub.com provides robust protection against Layer 4 (network-level) attacks, your server remains potentially vulnerable to sophisticated Layer 7 (application-level) attacks that can bypass standard CDN defenses. Additional WAF rules and application-side security measures are recommended.
Layer 4 Defense
GitHub.com provides robust SYN flood, UDP amplification, and volumetric attack protection at the network edge.
Layer 7 Vulnerabilities
Application-layer attacks targeting 2 exposed API endpoints require additional WAF rules and rate limiting.
Server Information Disclosure
LOWINFO-001
Description
The server is disclosing its software type: GitHub.com. This can help attackers identify potential vulnerabilities.
Recommendation
Configure your web server to hide or modify the Server header to prevent information disclosure.
Missing or Invalid HSTS Header
MEDIUMSEC-001
Description
The Strict-Transport-Security header is not properly configured, leaving the site vulnerable to man-in-the-middle attacks.
Recommendation
Implement HSTS by adding the Strict-Transport-Security header with a proper max-age value to force HTTPS connections.
Missing X-Frame-Options Header
MEDIUMSEC-002
Description
The site is not protected against clickjacking attacks.
Recommendation
Add the X-Frame-Options header with value 'DENY' or 'SAMEORIGIN' to prevent clickjacking.
Sensitive Information Exposure in JavaScript
HIGHJS-001
Description
Found 140 potentially sensitive variables exposed in client-side JavaScript code.
Recommendation
Review and remove sensitive information from client-side code. Use environment variables and server-side processing for sensitive data.
root@sechttp: /var/log/fuzz
root@sechttp : ~ $
> [Code: 200]
/api [SENSITIVE LEAK]
> [Code: 403]
/api/ [FORBIDDEN]
[+] Scan complete. Found 1 potential leaks.
root@sechttp : ~ $
Port Scan Results
| Port | Service | Status | Version |
|---|---|---|---|
| 80 | HTTP | CLOSED | - |
| 443 | HTTPS | OPEN | TLS 1.3 |
| 22 | SSH | FILTERED | - |
| 3306 | MySQL | CLOSED | - |
HTTP Headers Analysis
age:
6
via:
1.1 varnish
date:
Thu, 11 Sep 2025 16:35:51 GMT
etag:
"67c0984b-11842"
vary:
Accept-Encoding
server:
GitHub.com
expires:
Thu, 11 Sep 2025 16:45:46 GMT
x-cache:
HIT
x-timer:
S1757608552.671677,VS0,VE1
connection:
keep-alive
x-served-by:
cache-lax-kwhp1940069-LAX
content-type:
text/html; charset=utf-8
x-cache-hits:
1
accept-ranges:
bytes
cache-control:
max-age=600
last-modified:
Thu, 27 Feb 2025 16:52:27 GMT
x-proxy-cache:
MISS
content-length:
71746
x-fastly-request-id:
8775885db034566c6b8aa86d45e46c4d36326656
x-github-request-id:
4230:273A5D:129E752:1313599:68C2FA5F
access-control-allow-origin:
*
ASN Information
ASN: AS54113
IP Address: 185.199.108.153
Network Prefix: 185.199.108.0/24
Organization: FASTLY
Country:
🇺🇸 US
Name: FASTLY
Upstream Providers (91)
AS3356
LEVEL3
Level 3 Parent, LLC
🇺🇸 US
upstream
AS1299
TWELVE99
Arelion, f/k/a Telia Carrier
🇸🇪 SE
upstream
AS174
COGENT-174
Cogent Communications
🇺🇸 US
upstream
AS2914
NTT-DATA-2914
NTT America, Inc.
🇺🇸 US
upstream
AS6939
HURRICANE
Hurricane Electric LLC
🇺🇸 US
upstream
AS3257
GTT-BACKBONE
GTT
🇺🇸 US
upstream
AS7922
COMCAST-7922
Comcast Cable Communications, LLC
🇺🇸 US
upstream
AS4637
ASN-TELSTRA-GLOBAL
Telstra Global
🇭🇰 HK
upstream
AS55836
RELIANCEJIO-IN
Reliance Jio Infocomm Limited
🇮🇳 IN
upstream
AS7018
ATT-INTERNET4
AT&T Enterprises, LLC
🇺🇸 US
upstream
AS5511
Opentransit
Orange S.A.
🇫🇷 FR
upstream
AS3491
CONSOLE-CONNECT-ASN
PCCW Global, Inc.
🇺🇸 US
upstream
AS9498
BBIL-AP
BHARTI Airtel Ltd.
🇮🇳 IN
upstream
AS2497
IIJ
Internet Initiative Japan Inc.
🇯🇵 JP
upstream
AS9002
RETN-AS
RETN Limited
🇬🇧 GB
upstream
AS1221
ASN-TELSTRA
Telstra Limited
🇦🇺 AU
upstream
AS4755
TATACOMM-AS
TATA Communications formerly VSNL is Leading ISP
🇮🇳 IN
upstream
AS6762
SEABONE-NET
TELECOM ITALIA SPARKLE S.p.A.
🇮🇹 IT
upstream
AS6830
LibertyGlobal
Liberty Global (formerly UPC Broadband Holding, aka AORTA)
🇳🇱 NL
upstream
AS37271
Workonline
Workonline Communications Ltd
🇿🇦 ZA
upstream
AS6453
AS6453
TATA COMMUNICATIONS (AMERICA) INC
🇺🇸 US
upstream
AS7195
EDGEUNO S.A.S
EDGEUNO S.A.S
🇨🇴 CO
upstream
AS3320
DTAG
Internet service provider operations
🇩🇪 DE
upstream
AS4648
SPARK-NZ
Global-Gateway Internet
🇳🇿 NZ
upstream
AS577
BACOM
Bell Canada
🇨🇦 CA
upstream
AS9583
SIFY-AS-IN
Sify Limited
🇮🇳 IN
upstream
AS4826
VOCUS-BACKBONE-AS
Vocus Connect International Backbone
🇦🇺 AU
upstream
AS37100
SEACOM-AS
SEACOM Limited
🇲🇺 MU
upstream
AS21859
ZEN-ECN
Zenlayer Inc
🇺🇸 US
upstream
AS12956
TELXIUS
TELXIUS Cable
🇪🇸 ES
upstream
AS6461
ZAYO-6461
Zayo Bandwidth
🇺🇸 US
upstream
AS22381
Megatelecom Telecomunicacoes Ltda
Megatelecom Telecomunicacoes Ltda
🇧🇷 BR
upstream
AS7474
OPTUSCOM-AS01-AU
SingTel Optus Pty Ltd
🇦🇺 AU
upstream
AS8966
Etisalat-AS
P.O. Box 1150, Dubai, UAE
🇦🇪 AE
upstream
AS12271
TWC-12271-NYC
Charter Communications Inc
🇺🇸 US
upstream
AS9299
IPG-AS-AP
Philippine Long Distance Telephone Company
🇵🇭 PH
upstream
AS7473
SINGTEL-AS-AP
Singapore Telecommunications Ltd
🇸🇬 SG
upstream
AS9957
KINX-AS
KINX
🇰🇷 KR
upstream
AS18678
INTERNEXA S.A. E.S.P
INTERNEXA S.A. E.S.P
🇨🇴 CO
upstream
AS32098
TRANSTELCO-INC
Transtelco Inc
🇺🇸 US
upstream
AS63927
RISE-HK
RISE
🇵🇭 PH
upstream
AS262589
SAMM TECNOLOGIA E TELECOMUNICACOES S.A
SAMM TECNOLOGIA E TELECOMUNICACOES S.A
🇧🇷 BR
upstream
AS9318
SKB-AS
SK Broadband Co Ltd
🇰🇷 KR
upstream
AS37662
WIOCC-AS
West Indian Ocean Cable Company
🇲🇺 MU
upstream
AS4775
GLOBE-TELECOM-AS
Globe Telecoms
🇵🇭 PH
upstream
AS3356
LEVEL3
Level 3 Parent, LLC
🇺🇸 US
upstream
AS1299
TWELVE99
Arelion, f/k/a Telia Carrier
🇸🇪 SE
upstream
AS174
COGENT-174
Cogent Communications
🇺🇸 US
upstream
AS2914
NTT-DATA-2914
NTT America, Inc.
🇺🇸 US
upstream
AS6939
HURRICANE
Hurricane Electric LLC
🇺🇸 US
upstream
AS3257
GTT-BACKBONE
GTT
🇺🇸 US
upstream
AS7922
COMCAST-7922
Comcast Cable Communications, LLC
🇺🇸 US
upstream
AS4637
ASN-TELSTRA-GLOBAL
Telstra Global
🇭🇰 HK
upstream
AS55836
RELIANCEJIO-IN
Reliance Jio Infocomm Limited
🇮🇳 IN
upstream
AS7018
ATT-INTERNET4
AT&T Enterprises, LLC
🇺🇸 US
upstream
AS5511
Opentransit
Orange S.A.
🇫🇷 FR
upstream
AS3491
CONSOLE-CONNECT-ASN
PCCW Global, Inc.
🇺🇸 US
upstream
AS9498
BBIL-AP
BHARTI Airtel Ltd.
🇮🇳 IN
upstream
AS2497
IIJ
Internet Initiative Japan Inc.
🇯🇵 JP
upstream
AS9002
RETN-AS
RETN Limited
🇬🇧 GB
upstream
AS1221
ASN-TELSTRA
Telstra Limited
🇦🇺 AU
upstream
AS4755
TATACOMM-AS
TATA Communications formerly VSNL is Leading ISP
🇮🇳 IN
upstream
AS6762
SEABONE-NET
TELECOM ITALIA SPARKLE S.p.A.
🇮🇹 IT
upstream
AS6830
LibertyGlobal
Liberty Global (formerly UPC Broadband Holding, aka AORTA)
🇳🇱 NL
upstream
AS37271
Workonline
Workonline Communications Ltd
🇿🇦 ZA
upstream
AS6453
AS6453
TATA COMMUNICATIONS (AMERICA) INC
🇺🇸 US
upstream
AS7195
EDGEUNO S.A.S
EDGEUNO S.A.S
🇨🇴 CO
upstream
AS3320
DTAG
Internet service provider operations
🇩🇪 DE
upstream
AS4648
SPARK-NZ
Global-Gateway Internet
🇳🇿 NZ
upstream
AS577
BACOM
Bell Canada
🇨🇦 CA
upstream
AS9583
SIFY-AS-IN
Sify Limited
🇮🇳 IN
upstream
AS4826
VOCUS-BACKBONE-AS
Vocus Connect International Backbone
🇦🇺 AU
upstream
AS37100
SEACOM-AS
SEACOM Limited
🇲🇺 MU
upstream
AS21859
ZEN-ECN
Zenlayer Inc
🇺🇸 US
upstream
AS12956
TELXIUS
TELXIUS Cable
🇪🇸 ES
upstream
AS6461
ZAYO-6461
Zayo Bandwidth
🇺🇸 US
upstream
AS22381
Megatelecom Telecomunicacoes Ltda
Megatelecom Telecomunicacoes Ltda
🇧🇷 BR
upstream
AS701
UUNET
Verizon Business
🇺🇸 US
upstream
AS7474
OPTUSCOM-AS01-AU
SingTel Optus Pty Ltd
🇦🇺 AU
upstream
AS8966
Etisalat-AS
P.O. Box 1150, Dubai, UAE
🇦🇪 AE
upstream
AS12271
TWC-12271-NYC
Charter Communications Inc
🇺🇸 US
upstream
AS9299
IPG-AS-AP
Philippine Long Distance Telephone Company
🇵🇭 PH
upstream
AS7473
SINGTEL-AS-AP
Singapore Telecommunications Ltd
🇸🇬 SG
upstream
AS9957
KINX-AS
KINX
🇰🇷 KR
upstream
AS18678
INTERNEXA S.A. E.S.P
INTERNEXA S.A. E.S.P
🇨🇴 CO
upstream
AS32098
TRANSTELCO-INC
Transtelco Inc
🇺🇸 US
upstream
AS63927
RISE-HK
RISE
🇵🇭 PH
upstream
AS212250
HORIZON-SCOPE
HORIZON-SCOPE
🇮🇶 IQ
upstream
AS262589
SAMM TECNOLOGIA E TELECOMUNICACOES S.A
SAMM TECNOLOGIA E TELECOMUNICACOES S.A
🇧🇷 BR
upstream
AS9318
SKB-AS
SK Broadband Co Ltd
🇰🇷 KR
upstream
AS37662
WIOCC-AS
West Indian Ocean Cable Company
🇲🇺 MU
upstream
Internet Exchange Points (260)
🇧🇬
BIX.BG
BG
100 Gbps
Bandwidth
🇧🇬
BIX.BG
BG
100 Gbps
Bandwidth
🇦🇺
Equinix Melbourne
AU
100 Gbps
Bandwidth
🇦🇺
Equinix Melbourne
AU
100 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) São Paulo
BR
600 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) São Paulo
BR
600 Gbps
Bandwidth
🇦🇺
MegaIX Melbourne
AU
10 Gbps
Bandwidth
🇦🇺
MegaIX Melbourne
AU
10 Gbps
Bandwidth
🇦🇺
MegaIX Sydney
AU
20 Gbps
Bandwidth
🇦🇺
MegaIX Sydney
AU
20 Gbps
Bandwidth
🇦🇺
Equinix Sydney
AU
100 Gbps
Bandwidth
🇦🇺
Equinix Sydney
AU
100 Gbps
Bandwidth
🇺🇸
Equinix Ashburn
US
300 Gbps
Bandwidth
🇺🇸
Equinix Ashburn
US
300 Gbps
Bandwidth
🇺🇸
Equinix Chicago
US
200 Gbps
Bandwidth
🇺🇸
Equinix Dallas
US
200 Gbps
Bandwidth
🇺🇸
Equinix Dallas
US
200 Gbps
Bandwidth
🇺🇸
Equinix Los Angeles
US
100 Gbps
Bandwidth
🇺🇸
Equinix Los Angeles
US
100 Gbps
Bandwidth
🇺🇸
Equinix San Jose
US
100 Gbps
Bandwidth
🇺🇸
Equinix San Jose
US
100 Gbps
Bandwidth
🇺🇸
Equinix New York
US
100 Gbps
Bandwidth
🇺🇸
Equinix New York
US
100 Gbps
Bandwidth
🇯🇵
BBIX Osaka
JP
200 Gbps
Bandwidth
🇺🇸
Equinix Chicago
US
200 Gbps
Bandwidth
🇭🇰
Equinix Hong Kong
HK
100 Gbps
Bandwidth
🇭🇰
Equinix Hong Kong
HK
100 Gbps
Bandwidth
🇦🇺
QLD-IX
AU
100 Gbps
Bandwidth
🇦🇺
QLD-IX
AU
100 Gbps
Bandwidth
🇺🇸
SIX Seattle
US
200 Gbps
Bandwidth
🇺🇸
SIX Seattle
US
200 Gbps
Bandwidth
🇬🇧
LONAP
GB
200 Gbps
Bandwidth
🇬🇧
LONAP
GB
200 Gbps
Bandwidth
🇸🇬
Equinix Singapore
SG
400 Gbps
Bandwidth
🇸🇬
Equinix Singapore
SG
400 Gbps
Bandwidth
🇦🇺
VIC-IX
AU
100 Gbps
Bandwidth
🇦🇺
VIC-IX
AU
100 Gbps
Bandwidth
🇦🇺
NSW-IX
AU
200 Gbps
Bandwidth
🇦🇺
NSW-IX
AU
200 Gbps
Bandwidth
🇩🇪
MegaIX Frankfurt
DE
100 Gbps
Bandwidth
🇩🇪
MegaIX Frankfurt
DE
100 Gbps
Bandwidth
🇳🇱
AMS-IX
NL
400 Gbps
Bandwidth
🇳🇱
AMS-IX
NL
400 Gbps
Bandwidth
🇺🇸
Boston Internet Exchange
US
100 Gbps
Bandwidth
🇺🇸
Boston Internet Exchange
US
100 Gbps
Bandwidth
🇨🇦
TorIX
CA
200 Gbps
Bandwidth
🇨🇦
TorIX
CA
200 Gbps
Bandwidth
🇺🇸
DE-CIX New York
US
100 Gbps
Bandwidth
🇺🇸
DE-CIX New York
US
100 Gbps
Bandwidth
🇩🇪
DE-CIX Frankfurt
DE
600 Gbps
Bandwidth
🇩🇪
DE-CIX Frankfurt
DE
600 Gbps
Bandwidth
🇦🇪
SH-IX
AE
100 Gbps
Bandwidth
🇺🇸
MICE
US
100 Gbps
Bandwidth
🇺🇸
MICE
US
100 Gbps
Bandwidth
🇺🇸
FL-IX
US
100 Gbps
Bandwidth
🇺🇸
FL-IX
US
100 Gbps
Bandwidth
🇸🇪
STHIX - Stockholm
SE
100 Gbps
Bandwidth
🇸🇪
STHIX - Stockholm
SE
100 Gbps
Bandwidth
🇿🇦
NAPAfrica IX Johannesburg
ZA
100 Gbps
Bandwidth
🇳🇿
MegaIX Auckland
NZ
10 Gbps
Bandwidth
🇳🇿
MegaIX Auckland
NZ
10 Gbps
Bandwidth
🇯🇵
BBIX Osaka
JP
200 Gbps
Bandwidth
🇯🇵
JPIX OSAKA
JP
400 Gbps
Bandwidth
🇯🇵
JPIX OSAKA
JP
400 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Rio de Janeiro
BR
400 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Rio de Janeiro
BR
400 Gbps
Bandwidth
🇺🇸
NYIIX New York
US
100 Gbps
Bandwidth
🇺🇸
Databank IX Houston
US
10 Gbps
Bandwidth
🇺🇸
Databank IX Houston
US
10 Gbps
Bandwidth
🇺🇸
Any2West
US
200 Gbps
Bandwidth
🇺🇸
Any2West
US
200 Gbps
Bandwidth
🇸🇰
NIX.SK
SK
200 Gbps
Bandwidth
🇯🇵
Equinix Tokyo
JP
200 Gbps
Bandwidth
🇯🇵
Equinix Tokyo
JP
200 Gbps
Bandwidth
🇬🇧
LINX LON1
GB
400 Gbps
Bandwidth
🇬🇧
LINX LON1
GB
400 Gbps
Bandwidth
🇺🇸
MASS-IX
US
10 Gbps
Bandwidth
🇮🇳
Extreme IX Mumbai
IN
100 Gbps
Bandwidth
🇮🇳
Extreme IX Mumbai
IN
100 Gbps
Bandwidth
🇺🇸
Any2Denver
US
200 Gbps
Bandwidth
🇺🇸
Any2Denver
US
200 Gbps
Bandwidth
🇯🇵
JPNAP Tokyo
JP
200 Gbps
Bandwidth
🇯🇵
JPNAP Tokyo
JP
200 Gbps
Bandwidth
🇺🇸
Digital Realty Atlanta
US
100 Gbps
Bandwidth
🇺🇸
Digital Realty Atlanta
US
100 Gbps
Bandwidth
🇮🇳
Extreme IX Kolkata
IN
10 Gbps
Bandwidth
🇳🇿
APE
NZ
10 Gbps
Bandwidth
🇳🇿
APE
NZ
10 Gbps
Bandwidth
🇺🇸
DET-iX
US
200 Gbps
Bandwidth
🇳🇿
WIX-NZ
NZ
10 Gbps
Bandwidth
🇳🇿
WIX-NZ
NZ
10 Gbps
Bandwidth
🇨🇿
NIX.CZ
CZ
200 Gbps
Bandwidth
🇨🇿
NIX.CZ
CZ
200 Gbps
Bandwidth
🇯🇵
BBIX Tokyo
JP
500 Gbps
Bandwidth
🇯🇵
BBIX Tokyo
JP
500 Gbps
Bandwidth
🇯🇵
JPIX TOKYO
JP
600 Gbps
Bandwidth
🇯🇵
JPIX TOKYO
JP
600 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) São Paulo
BR
600 Gbps
Bandwidth
🇳🇱
NL-ix
NL
400 Gbps
Bandwidth
🇸🇬
SGIX
SG
200 Gbps
Bandwidth
🇸🇬
SGIX
SG
200 Gbps
Bandwidth
🇺🇸
DE-CIX Dallas
US
200 Gbps
Bandwidth
🇺🇸
DE-CIX Dallas
US
200 Gbps
Bandwidth
🇮🇹
MIX-IT
IT
300 Gbps
Bandwidth
🇮🇹
MIX-IT
IT
300 Gbps
Bandwidth
🇮🇳
Extreme IX Delhi
IN
100 Gbps
Bandwidth
🇮🇳
Extreme IX Delhi
IN
100 Gbps
Bandwidth
🇳🇿
AKL-IX (Auckland NZ)
NZ
100 Gbps
Bandwidth
🇳🇿
AKL-IX (Auckland NZ)
NZ
100 Gbps
Bandwidth
🇨🇦
QIX Montreal
CA
200 Gbps
Bandwidth
🇸🇬
BBIX Singapore
SG
100 Gbps
Bandwidth
🇪🇸
ESpanix Madrid Lower LAN
ES
100 Gbps
Bandwidth
🇪🇸
ESpanix Madrid Upper LAN
ES
100 Gbps
Bandwidth
🇬🇧
Equinix London
GB
100 Gbps
Bandwidth
🇬🇧
Equinix London
GB
100 Gbps
Bandwidth
🇳🇱
NL-ix
NL
200 Gbps
Bandwidth
🇿🇦
NAPAfrica IX Johannesburg
ZA
100 Gbps
Bandwidth
🇺🇸
NYIIX New York
US
100 Gbps
Bandwidth
🇬🇧
LINX Manchester
GB
100 Gbps
Bandwidth
🇬🇧
LINX Manchester
GB
100 Gbps
Bandwidth
🇮🇪
INEX LAN1
IE
200 Gbps
Bandwidth
🇮🇪
INEX LAN1
IE
200 Gbps
Bandwidth
🇺🇸
Ohio IX
US
100 Gbps
Bandwidth
🇺🇸
Ohio IX
US
100 Gbps
Bandwidth
🇮🇳
Extreme IX Kolkata
IN
10 Gbps
Bandwidth
🇦🇹
VIX
AT
100 Gbps
Bandwidth
🇦🇹
VIX
AT
100 Gbps
Bandwidth
🇦🇪
UAE-IX
AE
200 Gbps
Bandwidth
🇺🇸
Digital Realty Dallas
US
10 Gbps
Bandwidth
🇺🇸
Digital Realty Dallas
US
10 Gbps
Bandwidth
🇺🇸
☀✪⌁KCIX⌁✪☀
US
100 Gbps
Bandwidth
🇺🇸
Equinix Miami
US
100 Gbps
Bandwidth
🇮🇳
DE-CIX Mumbai
IN
100 Gbps
Bandwidth
🇮🇳
DE-CIX Mumbai
IN
100 Gbps
Bandwidth
🇮🇳
Extreme IX Chennai
IN
10 Gbps
Bandwidth
🇮🇳
Extreme IX Chennai
IN
10 Gbps
Bandwidth
🇺🇸
☀✪⌁STLIX⌁✪☀
US
100 Gbps
Bandwidth
🇿🇦
NAPAfrica IX Cape Town
ZA
100 Gbps
Bandwidth
🇿🇦
NAPAfrica IX Cape Town
ZA
100 Gbps
Bandwidth
🇺🇸
☀✪⌁KCIX⌁✪☀
US
100 Gbps
Bandwidth
🇳🇱
NL-ix
NL
100 Gbps
Bandwidth
🇺🇸
SFMIX
US
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Sydney
AU
400 Gbps
Bandwidth
🇺🇸
CIX-ATL
US
200 Gbps
Bandwidth
🇧🇷
Equinix São Paulo
BR
100 Gbps
Bandwidth
🇮🇳
NIXI Chennai
IN
10 Gbps
Bandwidth
🇮🇳
NIXI Chennai
IN
10 Gbps
Bandwidth
🇪🇸
DE-CIX Madrid
ES
100 Gbps
Bandwidth
🇪🇸
DE-CIX Madrid
ES
100 Gbps
Bandwidth
🇯🇵
JPNAP Osaka
JP
200 Gbps
Bandwidth
🇯🇵
JPNAP Osaka
JP
200 Gbps
Bandwidth
🇵🇪
PIT - Peru - Lima
PE
200 Gbps
Bandwidth
🇮🇹
MINAP Milan
IT
100 Gbps
Bandwidth
🇩🇪
DE-CIX Munich
DE
100 Gbps
Bandwidth
🇮🇹
MINAP Milan
IT
100 Gbps
Bandwidth
🇨🇱
PIT Santiago - PIT Chile
CL
300 Gbps
Bandwidth
🇨🇱
PIT Santiago - PIT Chile
CL
300 Gbps
Bandwidth
🇳🇱
NL-ix
NL
400 Gbps
Bandwidth
🇨🇱
PIT Santiago - PIT Chile
CL
300 Gbps
Bandwidth
🇫🇷
DE-CIX Marseille
FR
100 Gbps
Bandwidth
🇺🇸
NWAX
US
100 Gbps
Bandwidth
🇬🇭
GIXA
GH
10 Gbps
Bandwidth
🇬🇭
GIXA
GH
10 Gbps
Bandwidth
🇵🇭
GetaFIX Manila
PH
100 Gbps
Bandwidth
🇵🇭
GetaFIX Manila
PH
100 Gbps
Bandwidth
🇲🇾
MyIX
MY
100 Gbps
Bandwidth
🇲🇾
MyIX
MY
100 Gbps
Bandwidth
🇮🇹
Namex Rome
IT
100 Gbps
Bandwidth
🇮🇹
Namex Rome
IT
100 Gbps
Bandwidth
🇫🇮
FICIX 2 (Helsinki)
FI
100 Gbps
Bandwidth
🇫🇮
FICIX 2 (Helsinki)
FI
100 Gbps
Bandwidth
🇺🇸
DRF IX
US
10 Gbps
Bandwidth
🇺🇸
DRF IX
US
10 Gbps
Bandwidth
🇳🇿
CHC-IX (Christchurch NZ)
NZ
10 Gbps
Bandwidth
🇳🇿
CHC-IX (Christchurch NZ)
NZ
10 Gbps
Bandwidth
🇦🇺
EdgeIX - Perth
AU
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Perth
AU
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Sydney
AU
400 Gbps
Bandwidth
🇦🇺
EdgeIX - Brisbane
AU
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Brisbane
AU
100 Gbps
Bandwidth
🇨🇦
YYCIX
CA
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Adelaide
AU
10 Gbps
Bandwidth
🇦🇺
EdgeIX - Adelaide
AU
10 Gbps
Bandwidth
🇦🇺
EdgeIX - Melbourne
AU
100 Gbps
Bandwidth
🇦🇺
EdgeIX - Melbourne
AU
100 Gbps
Bandwidth
🇹🇭
THAILAND IX (TH-IX)
TH
10 Gbps
Bandwidth
🇹🇭
BKNIX (Thailand)
TH
100 Gbps
Bandwidth
🇹🇭
BKNIX (Thailand)
TH
100 Gbps
Bandwidth
🇳🇿
WLG-IX (Wellington NZ)
NZ
10 Gbps
Bandwidth
🇳🇿
WLG-IX (Wellington NZ)
NZ
10 Gbps
Bandwidth
🇸🇰
NIX.SK
SK
200 Gbps
Bandwidth
🇮🇳
Extreme IX Hyderabad
IN
10 Gbps
Bandwidth
🇮🇳
Extreme IX Hyderabad
IN
10 Gbps
Bandwidth
🇺🇸
Any2East
US
100 Gbps
Bandwidth
🇺🇸
Digital Realty Ashburn
US
10 Gbps
Bandwidth
🇺🇸
Digital Realty Ashburn
US
10 Gbps
Bandwidth
🇵🇹
GigaPIX - LAN 1
PT
100 Gbps
Bandwidth
🇭🇺
BiX
HU
200 Gbps
Bandwidth
🇨🇿
Peering.cz
CZ
200 Gbps
Bandwidth
🇫🇷
France-IX Paris
FR
100 Gbps
Bandwidth
🇫🇷
France-IX Paris
FR
100 Gbps
Bandwidth
🇫🇷
France-IX Marseille
FR
100 Gbps
Bandwidth
🇿🇦
CINX
ZA
100 Gbps
Bandwidth
🇿🇦
JINX
ZA
100 Gbps
Bandwidth
🇦🇺
SA-IX
AU
20 Gbps
Bandwidth
🇦🇺
SA-IX
AU
20 Gbps
Bandwidth
🇹🇭
BBIX Thailand
TH
100 Gbps
Bandwidth
🇦🇺
WA-IX
AU
100 Gbps
Bandwidth
🇦🇺
WA-IX
AU
100 Gbps
Bandwidth
🇨🇴
PIT - Colombia - Bogota
CO
200 Gbps
Bandwidth
🇳🇱
NL-ix 2
NL
400 Gbps
Bandwidth
🇳🇱
NL-ix 2
NL
400 Gbps
Bandwidth
🇬🇭
Accra Internet Exchange LBG
GH
100 Gbps
Bandwidth
🇮🇳
Equinix Mumbai
IN
100 Gbps
Bandwidth
🇵🇭
BBIX Manila
PH
100 Gbps
Bandwidth
🇵🇭
BBIX Manila
PH
100 Gbps
Bandwidth
🇮🇳
NIXI Mumbai
IN
100 Gbps
Bandwidth
🇮🇳
NIXI Delhi
IN
100 Gbps
Bandwidth
🇮🇳
NIXI Kolkata
IN
10 Gbps
Bandwidth
🇮🇳
NIXI Hyderabad
IN
10 Gbps
Bandwidth
🇰🇷
KINX
KR
100 Gbps
Bandwidth
🇰🇷
KINX
KR
100 Gbps
Bandwidth
🇺🇸
Any2Chicago
US
100 Gbps
Bandwidth
🇨🇦
VANIX
CA
100 Gbps
Bandwidth
🇺🇸
IX-Denver
US
200 Gbps
Bandwidth
🇯🇵
BBIX Tokyo
JP
500 Gbps
Bandwidth
🇨🇱
PIT Santiago - PIT Chile
CL
300 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Rio de Janeiro
BR
400 Gbps
Bandwidth
🇮🇳
Equinix Mumbai
IN
100 Gbps
Bandwidth
🇺🇸
BBIX US-West
US
100 Gbps
Bandwidth
🇺🇸
BBIX US-West
US
100 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Fortaleza
BR
200 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Fortaleza
BR
200 Gbps
Bandwidth
🇧🇷
IX.br (PTT.br) Curitiba
BR
20 Gbps
Bandwidth
🇭🇺
BiX
HU
200 Gbps
Bandwidth
🇵🇭
PhIX
PH
200 Gbps
Bandwidth
🇵🇭
PhIX
PH
200 Gbps
Bandwidth
🇮🇳
AMS-IX Kolkata
IN
10 Gbps
Bandwidth
🇮🇳
AMS-IX Kolkata
IN
10 Gbps
Bandwidth
🇮🇳
AMS-IX Hyderabad
IN
10 Gbps
Bandwidth
🇦🇪
UAE-IX
AE
200 Gbps
Bandwidth
🇮🇳
AMS-IX Hyderabad
IN
10 Gbps
Bandwidth
🇳🇿
EdgeIX - Auckland
NZ
100 Gbps
Bandwidth
🇦🇷
AR-IX Cabase - Argentina
AR
100 Gbps
Bandwidth
🇦🇷
AR-IX Cabase - Argentina
AR
100 Gbps
Bandwidth
🇳🇿
EdgeIX - Auckland
NZ
100 Gbps
Bandwidth
🇦🇷
PIT - Argentina - Buenos Aires
AR
200 Gbps
Bandwidth
🇺🇸
DE-CIX Chicago
US
100 Gbps
Bandwidth
🇺🇸
DE-CIX Chicago
US
100 Gbps
Bandwidth
🇲🇽
PIT MX
MX
100 Gbps
Bandwidth
🇲🇽
PIT MX
MX
100 Gbps
Bandwidth
🇲🇽
DE-CIX Mexico
MX
100 Gbps
Bandwidth
🇲🇽
DE-CIX Mexico
MX
100 Gbps
Bandwidth
🇺🇸
Ninja-IX Phoenix
US
100 Gbps
Bandwidth
🇯🇵
BBIX Osaka
JP
200 Gbps
Bandwidth
🇯🇵
BBIX Osaka
JP
200 Gbps
Bandwidth
🇸🇬
BBIX Singapore
SG
100 Gbps
Bandwidth
🇲🇾
DE-CIX Kuala Lumpur
MY
10 Gbps
Bandwidth
🇲🇾
DE-CIX Kuala Lumpur
MY
10 Gbps
Bandwidth
🇸🇬
Equinix Singapore
SG
400 Gbps
Bandwidth
JavaScript Analysis
Security Analysis Alert
Client-side code analysis has identified potential security vulnerabilities and information disclosure risks.
Exposed JavaScript Variables
Variables exposed in client-side code that may contain sensitive information
# Security Assessment: Variable Exposure Analysis
LEAK
URL
Pc
Risk: Information disclosure via client-side exposure
LEAK
Url
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
key
getChildKey
Risk: Information disclosure via client-side exposure
LEAK
url
.concat(shareLink(e)),whatsAppShareLink=e=>
Risk: Information disclosure via client-side exposure
LEAK
_key
createKey
Risk: Information disclosure via client-side exposure
LEAK
auth
n
Risk: Information disclosure via client-side exposure
LEAK
code
ENOENT
Risk: Information disclosure via client-side exposure
LEAK
keys
function
Risk: Information disclosure via client-side exposure
LEAK
test
e
Risk: Information disclosure via client-side exposure
LEAK
Token
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
keyBy
function
Risk: Information disclosure via client-side exposure
LEAK
keyOf
function
Risk: Information disclosure via client-side exposure
LEAK
toKey
function
Risk: Information disclosure via client-side exposure
LEAK
token
e
Risk: Information disclosure via client-side exposure
LEAK
altKey
0
Risk: Information disclosure via client-side exposure
LEAK
assign
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
author
Lance Marks, Co-founder, O.school
Risk: Information disclosure via client-side exposure
LEAK
client
client
Risk: Information disclosure via client-side exposure
LEAK
codeAt
Re
Risk: Information disclosure via client-side exposure
LEAK
ctaUrl
A
Risk: Information disclosure via client-side exposure
LEAK
decode
decode
Risk: Information disclosure via client-side exposure
LEAK
domain
void
Risk: Information disclosure via client-side exposure
LEAK
encode
encode
Risk: Information disclosure via client-side exposure
LEAK
getURL
function
Risk: Information disclosure via client-side exposure
LEAK
inside
avoid
Risk: Information disclosure via client-side exposure
LEAK
keyFor
function
Risk: Information disclosure via client-side exposure
LEAK
mailto
+i),!!e.md.validateLink(s)&&(n||((o=e.push(
Risk: Information disclosure via client-side exposure
LEAK
newUrl
<empty_value>
Risk: Information disclosure via client-side exposure
LEAK
UrlNode
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
clientX
0
Risk: Information disclosure via client-side exposure
LEAK
clientY
0
Risk: Information disclosure via client-side exposure
LEAK
ctrlKey
0
Risk: Information disclosure via client-side exposure
LEAK
fastKey
function
Risk: Information disclosure via client-side exposure
LEAK
findKey
function
Risk: Information disclosure via client-side exposure
LEAK
keyCode
0
Risk: Information disclosure via client-side exposure
LEAK
mapKeys
function
Risk: Information disclosure via client-side exposure
LEAK
metaKey
0
Risk: Information disclosure via client-side exposure
LEAK
ownKeys
Et
Risk: Information disclosure via client-side exposure
LEAK
cacheKey
n
Risk: Information disclosure via client-side exposure
LEAK
charCode
function
Risk: Information disclosure via client-side exposure
LEAK
password
zc
Risk: Information disclosure via client-side exposure
LEAK
s.client
client
Risk: Information disclosure via client-side exposure
LEAK
shiftKey
0
Risk: Information disclosure via client-side exposure
LEAK
src_auth
(?:(?:(?!
Risk: Information disclosure via client-side exposure
LEAK
burlywood
deb887
Risk: Information disclosure via client-side exposure
LEAK
createKey
function
Risk: Information disclosure via client-side exposure
LEAK
eE.client
client
Risk: Information disclosure via client-side exposure
LEAK
embed_url
l
Risk: Information disclosure via client-side exposure
LEAK
formatUrl
function
Risk: Information disclosure via client-side exposure
LEAK
keyPrefix
n
Risk: Information disclosure via client-side exposure
LEAK
keyframes
u
Risk: Information disclosure via client-side exposure
LEAK
mapDomain
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
routeKeys
o
Risk: Information disclosure via client-side exposure
LEAK
toUnicode
toUnicode
Risk: Information disclosure via client-side exposure
LEAK
tokenised
n
Risk: Information disclosure via client-side exposure
LEAK
updateURL
function
Risk: Information disclosure via client-side exposure
LEAK
PHASE_TEST
function
Risk: Information disclosure via client-side exposure
LEAK
PanSession
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
SideEffect
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
isAPIRoute
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
isLocalURL
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
numNumbers
n
Risk: Information disclosure via client-side exposure
LEAK
src_domain
(?:
Risk: Information disclosure via client-side exposure
LEAK
statusCode
r
Risk: Information disclosure via client-side exposure
LEAK
ucs2decode
function
Risk: Information disclosure via client-side exposure
LEAK
ucs2encode
function
Risk: Information disclosure via client-side exposure
LEAK
DecodeError
function
Risk: Information disclosure via client-side exposure
LEAK
clientLogos
t
Risk: Information disclosure via client-side exposure
LEAK
codePointAt
function
Risk: Information disclosure via client-side exposure
LEAK
credentials
same-origin
Risk: Information disclosure via client-side exposure
LEAK
getChildKey
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
numberToHex
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
responseURL
n
Risk: Information disclosure via client-side exposure
LEAK
s.burlywood
deb887
Risk: Information disclosure via client-side exposure
LEAK
DOMTokenList
1
Risk: Information disclosure via client-side exposure
LEAK
latestValues
o
Risk: Information disclosure via client-side exposure
LEAK
onSessionEnd
n
Risk: Information disclosure via client-side exposure
LEAK
prepareUrlAs
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
SVGNumberList
0
Risk: Information disclosure via client-side exposure
LEAK
domainLocales
A
Risk: Information disclosure via client-side exposure
LEAK
fromCodePoint
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
isAbsoluteUrl
function
Risk: Information disclosure via client-side exposure
LEAK
mobileNavOpen
r
Risk: Information disclosure via client-side exposure
LEAK
protectedKeys
e
Risk: Information disclosure via client-side exposure
LEAK
testValueType
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
urlObjectKeys
function
Risk: Information disclosure via client-side exposure
LEAK
ClientRectList
0
Risk: Information disclosure via client-side exposure
LEAK
onSessionStart
asyncHandler
Risk: Information disclosure via client-side exposure
LEAK
src_email_name
[\\-;:&=\\+\\$,\\.a-zA-Z0-9_][\\-;:&=\\+\\$,\\
Risk: Information disclosure via client-side exposure
LEAK
MozPrintableKey
Unidentified
Risk: Information disclosure via client-side exposure
LEAK
URLSearchParams
ys
Risk: Information disclosure via client-side exposure
LEAK
Xr.DOMTokenList
1
Risk: Information disclosure via client-side exposure
LEAK
createScriptURL
r
Risk: Information disclosure via client-side exposure
LEAK
getMetadataKeys
function
Risk: Information disclosure via client-side exposure
LEAK
getSafeRouteKey
f
Risk: Information disclosure via client-side exposure
LEAK
isIdentityScale
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
lastDevicePoint
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
src_domain_root
"(?:"+t.src_xn+"|"+t.src_pseudo_letter+"{1,63})",t.src_domain="(?:"+t.src_xn+"|(?:"+t.src_pseudo_letter+")|(?:"+t.src_pseudo_letter+"(?:-|"+t.src_pseudo_letter+"){0,61}"+t.src_pseudo_letter+"))",t.src...
Risk: Information disclosure via client-side exposure
LEAK
tpl_email_fuzzy
(^|
Risk: Information disclosure via client-side exposure
LEAK
PAGE_SEGMENT_KEY
function
Risk: Information disclosure via client-side exposure
LEAK
Xr.SVGNumberList
<empty_value>
Risk: Information disclosure via client-side exposure
LEAK
parseRelativeUrl
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
Xr.ClientRectList
<empty_value>
Risk: Information disclosure via client-side exposure
LEAK
isKeyframesTarget
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
isValidEntityCode
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
onPanSessionStart
e
Risk: Information disclosure via client-side exposure
LEAK
detectDomainLocale
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
getOwnMetadataKeys
function
Risk: Information disclosure via client-side exposure
LEAK
nR.MozPrintableKey
Unidentified
Risk: Information disclosure via client-side exposure
LEAK
publicRuntimeConfig
u
Risk: Information disclosure via client-side exposure
LEAK
tpl_host_fuzzy_test
localhost|www\\.|\\.\\d{1,3}\\.|(?:\\.(?:%TLDS%)(?:
Risk: Information disclosure via client-side exposure
LEAK
APP_CLIENT_INTERNALS
function
Risk: Information disclosure via client-side exposure
LEAK
convertNumbersToZero
[XSS working]
Risk: Information disclosure via client-side exposure
LEAK
getSafeKeyFromSegment
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
shadowKeyUmbraOpacity
0.25
Risk: Information disclosure via client-side exposure
LEAK
getClientBuildManifest
function
Risk: Information disclosure via client-side exposure
LEAK
handleClientScriptLoad
function
Risk: Information disclosure via client-side exposure
LEAK
isWaapiSupportedEasing
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
searchParamsToUrlQuery
function
Risk: Information disclosure via client-side exposure
LEAK
stringifyUrlQueryParam
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
urlQueryToSearchParams
function
Risk: Information disclosure via client-side exposure
LEAK
DEV_MIDDLEWARE_MANIFEST
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_PUBLIC_FILES_PATH
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_PATH
function
Risk: Information disclosure via client-side exposure
LEAK
PHASE_DEVELOPMENT_SERVER
function
Risk: Information disclosure via client-side exposure
LEAK
makePublicRouterInstance
function
Risk: Information disclosure via client-side exposure
LEAK
shadowKeyPenumbraOpacity
0.14
Risk: Information disclosure via client-side exposure
LEAK
unstable_skipClientCache
o
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_REFERENCE_MANIFEST
function
Risk: Information disclosure via client-side exposure
LEAK
DEV_CLIENT_PAGES_MANIFEST
function
Risk: Information disclosure via client-side exposure
LEAK
EDGE_UNSUPPORTED_NODE_APIS
function
Risk: Information disclosure via client-side exposure
LEAK
REQUIRED_CODE_ERROR_MESSAGE
Please choose a country code
Risk: Information disclosure via client-side exposure
LEAK
__unsafeCreateTrustedScriptURL
[sechttp]
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_AMP
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_MAIN
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_WEBPACK
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_MAIN_APP
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_POLYFILLS
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_REACT_REFRESH
function
Risk: Information disclosure via client-side exposure
LEAK
CLIENT_STATIC_FILES_RUNTIME_POLYFILLS_SYMBOL
function
Risk: Information disclosure via client-side exposure
Total: 140 exposed variables found
API Domain Analysis
External API domains discovered in client-side code
EXTERNAL_API_DOMAIN
static.hotjar.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
avantlink.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
reactjs.org
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
nextjs.org
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
fonts.googleapis.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
fonts.gstatic.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
use.typekit.net
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.reactive.live
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
git.io
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
github.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
browserstrangeness.bitbucket.io
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
sibforms.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
tally.so
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
calendly.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
assets.calendly.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
classic.avantlink.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
cdn01.basis.net
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.apache.org
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
twitter.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
snook.ca
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.drupal.org
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.phpied.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.sanbeiji.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
css-discuss.incutio.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
weblog.west-wind.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
youtu.be
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
angel.co
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.facebook.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
www.linkedin.com
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
EXTERNAL_API_DOMAIN
wa.me
Reachable
HTTPS Enabled
Security Note:
External API domains should be validated for proper authentication and rate limiting
Discovered API Endpoints
API endpoints identified through static analysis of client-side code
GET
/api
Active
Endpoint discovered via client-side code analysis
GET
/api/
Active
Endpoint discovered via client-side code analysis
JavaScript Resources
JavaScript files loaded by the application
JS
/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js
JS
https://classic.avantlink.com/affiliate_app_confirm.php?mode=js&authResponse=42dee5ffd15069c40406a8cc1e4271378c89a463
JS
/_next/static/chunks/webpack-a3cb6e92ee9779eb.js
JS
/_next/static/chunks/framework-ca706bf673a13738.js
JS
/_next/static/chunks/main-ac067cb8f94e1673.js
JS
/_next/static/chunks/pages/_app-35e06bd1b995bfb6.js
JS
/_next/static/chunks/7531-4366632c2cf23a67.js
JS
/_next/static/chunks/758-40fb0cf94b1cdcbd.js
JS
/_next/static/chunks/5409-684da7548e63339a.js
JS
/_next/static/chunks/1167-0e458f33516e45f5.js
JS
/_next/static/chunks/pages/index-64e0f8419422b0b7.js
JS
/_next/static/t4T7qBQ1aIrQkdLCRjodr/_buildManifest.js
JS
/_next/static/t4T7qBQ1aIrQkdLCRjodr/_ssgManifest.js
JS
"/_next/static/chunks/polyfills-c67a75d1b6f99dc8.js"
JS
"https://classic.avantlink.com/affiliate_app_confirm.php?mode=js&authResponse=42dee5ffd15069c40406a8cc1e4271378c89a463"
JS
"/_next/static/chunks/webpack-a3cb6e92ee9779eb.js"
JS
"/_next/static/chunks/framework-ca706bf673a13738.js"
JS
"/_next/static/chunks/main-ac067cb8f94e1673.js"
JS
"/_next/static/chunks/pages/_app-35e06bd1b995bfb6.js"
JS
"/_next/static/chunks/7531-4366632c2cf23a67.js"
JS
"/_next/static/chunks/758-40fb0cf94b1cdcbd.js"
JS
"/_next/static/chunks/5409-684da7548e63339a.js"
JS
"/_next/static/chunks/1167-0e458f33516e45f5.js"
JS
"/_next/static/chunks/pages/index-64e0f8419422b0b7.js"
JS
"/_next/static/t4T7qBQ1aIrQkdLCRjodr/_buildManifest.js"
JS
"/_next/static/t4T7qBQ1aIrQkdLCRjodr/_ssgManifest.js"
Security Recommendations
- • Avoid exposing sensitive variables in client-side code
- • Implement proper API authentication and rate limiting
- • Use environment variables for sensitive configuration
- • Regularly audit client-side code for information leaks
- • Minimize the amount of sensitive data processed on the client side
Historical Scan Records (1)
Reach millions. Sell more with shoppable live events and video. Transform ordinary browsing into interactive shopping experiences, driving your sales and site traffic.
65/100
4 issues