thespanner.co.uk

The Spanner

Javascript blog with messed up syntax inside. New IE mutation vector. Wednesday, 17 June 2015. I was messing around with a filter that didn’t correctly filter attribute names and allowed a blank one which enabled me to bypass it. I thought maybe IE had similar issues when rewriting innerHTML. Yes it does of course. The filter bypass worked like this:. Img = script alert(1) /script. Div='/x="'>'. IE renders the entities inside the x attribute and therefore breaks out of the attr...</p> <p class="top-url" property="url">http://thespanner.co.uk/</p> <div class="share-box d-block d-xl-none clearfix"> <p>SHARE</p> <div class="share-items clearfix"> <div class="addthis_inline_share_toolbox"></div> </div> </div> </div> </div> <div class="col-md-auto share-box white-box d-none d-xl-block"> <div class="right-column"> <p>SHARE</p> <div class="share-items clearfix"> <div class="addthis_inline_share_toolbox"></div> </div> </div> </div> </div> <div class="row headline-row"> <div class="col content-overview white-box clearfix"> <h2>OVERVIEW OF thespanner.co.uk</h2> <div class="row max-width"> <div class="col-md-6"> <div class="item clearfix"> <a href="#traffic"> <span class="title"><i class="sp sp-icon-traffic"></i> TRAFFIC RANK</span> <div class="value"> >1,000,000 </div> </a> </div> <div Class="item clearfix"> <a href="#customerReviews"> <span Class="title"><i class="sp sp-icon-reviews"></i> REVIEWS</span> <div Class="value"><span class="blue">0</span></div> </a> </div> <div class="item clearfix"> <a href="#internalPages"> <span class="title two-lines"><i class="sp sp-icon-pages"></i> PAGES IN THIS WEBSITE</span> <div class="value"><span class="yellow">23</span></div> </a> </div> <div class="item clearfix"> <a href="#linksToWebsite"> <span class="title two-lines"><i class="sp sp-icon-links"></i> LINKS TO THIS WEBSITE</span> <div class="value"><span class="yellow">465</span></div> </a> </div> </div> <div class="col-md-6"> <div class="item clearfix"> <a href="#contacts"> <span class="title"><i class="sp sp-icon-phone"></i> CONTACTS</span> <div Class="value"><span class="blue">0</span></div> </a> </div> <div Class="item clearfix"> <a href="#contacts"> <span class="title"><i class="sp sp-icon-addresses"></i> ADDRESSES</span> <div Class="value"><span class="blue">0</span></div> </a> </div> <div Class="item clearfix"> <a href="#socialEngagement"> <span class="title"><i class="sp sp-icon-social"></i> SOCIAL LINKS</span> <div Class="value"><span class="blue">3</span></div> </a> </div> <div Class="item clearfix"> <a href="#whois"> <span class="title"><i class="sp sp-icon-online"></i> ONLINE SINCE</span> <div Class="value"> <div class="value"><span class="bg bg-light-gray">n/a</span></div> </div> </a> </div> </div> </div> </div> <div Class="col-md-auto white-box right-ad d-xl-block"> <div class="right-column"> <ins class="adsbygoogle" style="display:block;width:336px;height:280px" data-ad-client="ca-pub-8923588662491284" data-ad-slot="6540919649"></ins> <script>(adsbygoogle = window.adsbygoogle || []).push({});</script> </div> </div> </div> </div> <div class="contentRight"> <div id="tabmenuanchor"></div> <div class="row" id="tabmenu"> <div id="tabLEFT" class="col-md-auto"></div> <div id="tabWEBSITEDETAILS" onclick="tabClick('WEBSITE DETAILS')" class="col selected">WEBSITE DETAILS</div> <div id="tabSEO" onclick="tabClick('SEO')" class="col">SEO</div> <div id="tabPAGES" onclick="tabClick('PAGES')" class="col">PAGES</div> <div id="tabSIMILARSITES" onclick="tabClick('SIMILAR SITES')" class="col">SIMILAR SITES</div> </div> </div> <div class="contentRight" style="margin-bottom: 20px;"> <ins class="adsbygoogle" style="display:block; margin-right: -15px;" data-ad-client="ca-pub-8923588662491284" data-ad-slot="4121444500" data-ad-format="auto" data-full-width-responsive="true"></ins> <script>(adsbygoogle = window.adsbygoogle || []).push({});</script> </div> <div class="contentRight"> <div class="row" id="traffic"> <div class="col-12 white-box double-column traffic-overview no-padding"> <div class="row"> <div class="col border-right content-border-bottom"> <h2>TRAFFIC RANK FOR THESPANNER.CO.UK</h2> <div class="row max-width"> <div class="col-8 col-md-10"> <canvas id="trafficOverviewCanvas" height="230"></canvas> </div> <div class="col-4 col-md-2 filterWrapper"> <p class="gray-title">Date Range</p> <ul class="chart-filter" data-target="trafficOverviewCanvas"> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/linegraph/week" class="active">1 week</a></li> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/linegraph/month">1 month</a></li> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/linegraph/threemonths">3 months</a></li> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/linegraph/thisyear">This Year</a></li> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/linegraph/lastyear">Last Year</a></li> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/linegraph/all">All time</a></li> </ul> </div> </div> </div> <div class="col-md-auto d-none d-xl-block padding-30 content-border-bottom"> <div class="right-column"> <p class="gray-title text-center">TODAY'S RATING</p> <p class="big-blue"> >1,000,000 </p> </div> </div> </div> <div class="row"> <div class="col border-right content-border-bottom"> <h3>TRAFFIC RANK - AVERAGE PER MONTH</h3> <div class="row max-width"> <div class="col-8 col-md-10"> <canvas id="trafficMonthAverageCanvas" height="230"></canvas> </div> <div class="col-4 col-md-2 filterWrapper"> <p class="gray-title">Date Range</p> <ul class="chart-filter" data-target="trafficMonthAverageCanvas"> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/bymonth/all" class="active">All Time</a></li> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/bymonth/thisyear">This Year</a></li> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/bymonth/lastyear">Last Year</a></li> </ul> </div> </div> </div> <div class="col-md-auto right-ad d-none d-xl-block padding-30 content-border-bottom"> <div class="right-column"> <p class="gray-title text-center">BEST MONTH</p> <p class="big-blue">September</p> </div> </div> </div> <div class="row"> <div class="col border-right content-border-bottom"> <h3> AVERAGE PER DAY Of THE WEEK</h3> <div class="row max-width"> <div class="col-8 col-md-10"> <canvas id = "trafficWeekdayAverageCanvas" height="230"></canvas> </div> <div class="col-4 col-md-2 filterWrapper"> <p class="gray-title">Date Range</p> <ul class="chart-filter" data-target="trafficDayAverageCanvas"> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/bydow/all" class="active">All Time</a></li> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/bydow/thisyear">This Year</a></li> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/bydow/lastyear">Last Year</a></li> <li><a href="#" ajaxdata="/traffic-rank/thespanner.co.uk/bydow/lastmonth">Last Month</a></li> </ul> </div> </div> </div> <div Class="col-md-auto right-ad d-none d-xl-block padding-30 content-border-bottom"> <div Class="right-column"> <p Class="gray-title text-center">HIGHEST TRAFFIC ON</p> <p Class="big-blue">Sunday</p> </div> </div> </div> <div class="row"> <div class="col clearfix border-right"> <h3> TRAFFIC BY CITY</h3> <div class="max-width" href="#signup" data-rel="modal"> <a href="#signup" data-rel="modal" class="map max-width sp sp-map"></a> </div> </div> <div class="col-md-auto right-ad d-none d-xl-block padding-30"> <div class="right-column"> <a href="#login" class="button upgrade light-blue upgrade-button" data-rel="modal">Sign up</a> </div> </div> </div> </div> </div> <script async> // traffic chart var config = { type: 'line', data: { labels: ["MAY 1", "APR 30", "APR 29", "APR 28", "APR 27", "APR 26", "APR 25"], datasets: [{ label: "Traffic", backgroundColor: '#4d95c9', borderColor: '#4d95c9', data: [7369700, 3276893, 6135100, 6152529, 7375184, 3348122, 7181544], fill: false }] }, options: { responsive: true, maintainAspectRatio: false, title: { display: false }, animation: { duration: 0, }, hover: { animationDuration: 0, }, responsiveAnimationDuration: 0, elements: {line: {tension: 0, }}, tooltips: {mode: 'index',intersect: false}, hover: {mode: 'nearest',intersect: true}, scales: { xAxes: [{ display: true, scaleLabel: { display: true, labelString: '' } }], yAxes: [{ display: true, scaleLabel: { display: true, labelString: '' }, ticks: { beginAtZero: false, callback: function (value) { if (Number.isInteger(value)) { return value; } }, reverse: true, suggestedMin: 1000000 } }] }, legend: { display: false } } }; window.addEventListener('DOMContentLoaded', function () { var ctx = document.getElementById("trafficOverviewCanvas").getContext("2d"); window.trafficOverviewCanvas = new Chart(ctx, config); }); </script> <script async> window.addEventListener('DOMContentLoaded', function () { var ctx = document.getElementById("trafficMonthAverageCanvas").getContext("2d"); window.trafficMonthAverageCanvas = new Chart(ctx, { type: 'bar', ticks: {reverse: true}, data: { labels: ['JAN', 'FEB', 'MAR', 'APR', 'MAY', 'JUN', 'JUL', 'AUG', 'SEP', 'OCT', 'NOV', 'DEC'], datasets: [{ data: [490856,596350,668061,651190,774524,601811,492948,664402,350399,690773,711063,760434], backgroundColor: ['#56a0d5','#ecbf37','#ecbf37','#ecbf37','#b93a25','#ecbf37','#56a0d5','#ecbf37','#56a0d5','#ecbf37','#b93a25','#b93a25'] }] }, options: { scales: { yAxes: [{ ticks: { beginAtZero: false, callback: function (value) { if (Number.isInteger(value)) { return value; } }, suggestedMin: 175200 } }] }, animation: { duration: 0, }, hover: { animationDuration: 0, }, responsiveAnimationDuration: 0, maintainAspectRatio: false, legend: { display: false }, title: { display: false } } }); }); </script> <script async> window.addEventListener('DOMContentLoaded', function () { var ctx = document.getElementById("trafficWeekdayAverageCanvas").getContext("2d"); window.trafficDayAverageCanvas = new Chart(ctx, { type: 'bar', data: { labels: ['SUN', 'MON', 'TUE', 'WED', 'THU', 'FRI', 'SAT'], datasets: [{ data: [544083,611482,611481,675505,673660,596866,631857], backgroundColor: ['#56a0d5','#ecbf37','#56a0d5','#b93a25','#ecbf37','#56a0d5','#ecbf37'], }] }, options: { scales: { yAxes: [{ ticks: { beginAtZero: false, callback: function (value) { if (Number.isInteger(value) && value == Math.abs(value)) { return value; } }, suggestedMin: 272042 } }] }, responsive: true, animation: { duration: 0, }, hover: { animationDuration: 0, }, responsiveAnimationDuration: 0, maintainAspectRatio: false, legend: { display: false }, title: { display: false } } }); }); </script> <a name="write-review" href="#"></a> <div class="row margin-top white-box double-column no-padding" id="customerReviews"> <div class="col customerReviews border-right"> <h2>CUSTOMER REVIEWS</h2> <div class="row max-width" id="reviewbars" property="aggregateRating" typeof="AggregateRating"> <div class="col-9 col-md-10"> <span style="margin: 0 0 8px 5px; display: inline-block;">Average Rating: <span property="ratingValue" style="font-weight:700;">4.8</span> out of <span property="bestRating">5</span> with <b><span property="ratingCount">8</span> reviews</b></span> <div class="rating-bars"> <div class="row"> <div class="col-auto">5 star</div> <div class="col progress"><div style="width: 87.5%"></div></div> <div class="col-auto">7</div> </div> <div class="row"> <div class="col-auto">4 star</div> <div class="col progress"><div style="width: 0%"></div></div> <div class="col-auto">0</div> </div> <div class="row"> <div class="col-auto">3 star</div> <div class="col progress"><div style="width: 12.5%"></div></div> <div class="col-auto">1</div> </div> <div class="row"> <div class="col-auto">2 star</div> <div class="col progress"><div style="width: 0%"></div></div> <div class="col-auto">0</div> </div> <div class="row"> <div class="col-auto">1 star</div> <div class="col progress"><div style="width: 0%"></div></div> <div class="col-auto">0</div> </div> </div> </div> <div class="col-3 col-md-2 filterWrapper"> <p class="gray-title">Date Range</p> <ul> <li><a href="#" class="active">1 week</a></li> <li><a href="#">1 month</a></li> <li><a href="#">3 months</a></li> <li><a href="#">1 year</a></li> <li><a href="#">All time</a></li> </ul> </div> </div> <div class="row review write-review max-width"> <div class="col-3"> <div class="row"> <div class="col-md-auto no-padding"> <span class="sp sp-i-profileempty"></span> </div> <div class="col no-padding d-none d-md-block"> <p class="name none"></p> <p class="location none"></p> <p class="review-count none"></p> </div> </div> </div> <div class="col-9"> <textarea disabled="disabled"></textarea> <div class="textarea-overlay"> <p>Hey there! Start your review of <b>thespanner.co.uk</b></p> <span class="clickable-stars" data-callback="starReviewCallback" data-url="/write-review/thespanner.co.uk" data-class-default="sp sp-s-big-gray" data-class-active="sp sp-s-big-sel" data-class-sm-default="sp sp-s-g" data-class-sm-active="sp sp-s-y"> <span class="sp sp-s-big-gray"></span><span class="sp sp-s-big-gray"></span><span class="sp sp-s-big-gray"></span><span class="sp sp-s-big-gray"></span><span class="sp sp-s-big-gray"></span> </span> </div> </div> </div> </div> <div class="col-md-auto d-none d-xl-block padding-30"> <div class="average-rating right-column clearfix"> <p class="gray-title mt-1 text-center">AVERAGE USER RATING</p> <p class="text-center"> <span class="sp sp-s-big-sel"></span> <span class="sp sp-s-big-sel"></span> <span class="sp sp-s-big-sel"></span> <span class="sp sp-s-big-sel"></span> <span class="sp sp-s-big-gray"></span> </p> <a href="/write-review/thespanner.co.uk?rating=5" class="button light-blue upgrade-button">Write a Review</a> </div> </div> </div> <div class="row margin-top" id="websitePreview"> <div class="col-12 white-box double-column websitePreview no-padding"> <div class="row"> <div class="col border-right content-border-bottom"> <h2>WEBSITE PREVIEW</h2> <div class="max-width" style="text-align:center;"> <span class="sp sp-preview-d"><img src="//screenshot.cln.bz/1jcf131au2gvnphrbx6ogajj/desktop/thespanner.co.uk.png" alt="Desktop Preview" /></span> <span class="sp sp-preview-t"><img src="//screenshot.cln.bz/1jcf131au2gvnphrbx6ogajj/tablet/thespanner.co.uk.png" alt="Tablet Preview" /></span> <span class="sp sp-preview-m"><img src="//screenshot.cln.bz/1jcf131au2gvnphrbx6ogajj/mobile/thespanner.co.uk.png" alt="Mobile Preview" /></span> </div> </div> <div class="col-md-auto d-none d-xl-block padding-30"> <div class="right-column"> <p class="gray-title mt-1 text-center">LOAD TIME</p> <p class="big-blue two-lines"> 3.5 <small>seconds</small> </p> </div> </div> </div> </div> </div> <div class="row margin-top white-box double-column no-padding" id="contacts"> <div class="col contacts border-right"> <h2> CONTACTS AT THESPANNER.CO.UK</h2> <div class="row"> <div class="col-md-5 contact-box new-contact"> <a href="#login" data-rel="modal"> <i class="sp sp-contacts-add"></i><b>ADD CONTACT</b> </a> </div> </div> </div> <div class="col-md-auto d-none d-xl-block padding-30"> <div class="right-column Ifearfix"> <a href="#login" class="button light-blue upgrade-button" data-rel="modal">Login</a> <p class="gray-description">TO VIEW CONTACTS</p> <a href="#login" class="button red" id="removeContacts" data-rel="modal">Remove Contacts</a> <p class="gray-description">FOR PRIVACY ISSUES</p> </div> </div> </div> <div class="row margin-top" id="domainContent"> <div class="col-12 white-box double-column domainContent no-padding"> <div class="row"> <div class="col border-right content-border-bottom"> <h2>CONTENT</h2> <div class="row content-info max-width"> <div class="col-md-6"> <p class="title clearfix two-lines"><i class="sp sp-icon-pages"></i>PAGES IN<br /> THIS WEBSITE</p> <p class="value clearfix"><span class="bg bg-yellow float-left">23</span></p> </div> <div class="col-md-6"> <p class="title clearfix"><i class="sp sp-icon-ssl"></i>SSL</p> <p Class="value"><i class="sp sp-icon-no"></i></p> </div> <div Class="col-md-6"> <p Class="title clearfix"><i class="sp sp-icon-links"></i>EXTERNAL LINKS</p> <p Class="value"><span class="bg bg-yellow">465</span></p> </div> <div class="col-md-6"> <p class="title clearfix"><i class="sp sp-icon-ip"></i>SITE IP</p> <p class="value"><span class="bg bg-blue">212.227.71.28</span></p> </div> <div class="col-md-6"> <p class="title clearfix"><i class="sp sp-icon-load"></i>LOAD TIME</p> <p class="value"><span class="bg bg-blue">3.484 sec</span></p> </div> </div> </div> <div class="col-md-auto d-none d-xl-block padding-30 content-border-bottom"> <div class="right-column text-center"> <p class="gray-title mt-1">SCORE</p> <p class="circle-score">6.2</p> </div> </div> </div> <div class="row"> <div class="col border-right content-border-bottom"> <dl class="content-properties max-width clearfix"> <dt>PAGE TITLE</dt> <dd><b>The Spanner | thespanner.co.uk Reviews</b></dd> <dt><META><br /> DESCRIPTION</dt> <dd>Javascript blog with messed up syntax inside. New IE mutation vector. Wednesday, 17 June 2015. I was messing around with a filter that didn’t correctly filter attribute names and allowed a blank one which enabled me to bypass it. I thought maybe IE had similar issues when rewriting innerHTML. Yes it does of course. The filter bypass worked like this:. Img = script alert(1) /script. Div='/x=&#39><iframe/onload=alert(1)>'. IE renders the entities inside the x attribute and therefore breaks out of the attr...</dd> <dt><META><br /> KEYWORDS</dt> <dd class="keywords"> <div class="row"> <div class="col-sm-6"> <span class="number">1</span> the spanner </div> <div class="col-sm-6"> <span class="number">2</span> posted in javascript </div> <div class="col-sm-6"> <span class="number">3</span> security </div> <div class="col-sm-6"> <span class="number">4</span> mentaljs vuln writeup </div> <div class="col-sm-6"> <span class="number">5</span> fixed now </div> <div class="col-sm-6"> <span class="number">6</span> wrecking the parser </div> <div class="col-sm-6"> <span class="number">7</span> object prototype </div> <div class="col-sm-6"> <span class="number">8</span> rules = { </div> <div class="col-sm-6"> <span class="number">9</span> are implicitly </div> <div class="col-sm-6"> <span class="number">10</span> undefined </div> </div> </dd> <dt>CONTENT</dt> <dd>Page content here</dd> <dt>KEYWORDS ON<br /> PAGE</dt> <dd>the spanner,posted in javascript,security,mentaljs vuln writeup,fixed now,wrecking the parser,object prototype,rules = {,are implicitly,undefined,with,the following code,alert,3/ alert location /1,eval,this post,element prototype innerhtml$,innerhtml$</dd> <dt>SERVER</dt> <dd Class="clearfix"><i class="sp sp-server-apache"></i> Apache</dd> <dt>POWERED BY</dt> <dd Class="clearfix"><i class="sp sp-poweredby-php"></i> PHP/5.5.26</dd> <dt>CONTENT-TYPE</dt> <dd Class="clearfix"><i class="sp sp-content-content-type"></i> utf-8</dd> <dt>GOOGLE PREVIEW</dt> <dd class="preview"> <p class="title clearfix">The Spanner | thespanner.co.uk Reviews</p> <p class="url">https://thespanner.co.uk</p> <p class="description">Javascript blog with messed up syntax inside. New IE mutation vector. Wednesday, 17 June 2015. I was messing around with a filter that didn’t correctly filter attribute names and allowed a blank one which enabled me to bypass it. I thought maybe IE had similar issues when rewriting innerHTML. Yes it does of course. The filter bypass worked like this:. Img = script alert(1) /script. Div='/x="&#39><iframe/onload=alert(1)>'. IE renders the entities inside the x attribute and therefore breaks out of the attr...</p> </dd> </dl> </div> <div class="col-md-auto white-box no-border right-ad d-none d-xl-block"> <div class="right-column"> <ins class="adsbygoogle" style="display:block;width:336px;height:280px" data-ad-client="ca-pub-8923588662491284" data-ad-slot="6540919649"></ins> <script>(adsbygoogle = window.adsbygoogle || []).push({});</script> </div> </div> </div> </div> </div> <div class="row margin-top" id="internalPages"> <div class="col-12 white-box double-column internalPages no-padding"> <div class="row"> <div class="col internalPages domains border-right"> <h2> INTERNAL PAGES</h2> <div class="max-width"> <div class="top-domain"> <img src="//fav.cln.bz/1jcf131au2gvnphrbx6ogajj/32/thespanner.co.uk.png" onerror="this.style.visibility = 'hidden';this.style.display = 'inline-block';" alt="thespanner.co.uk" /> <span class="bg bg-light-gray">thespanner.co.uk</span> </div> <div class="row"> <div class="col-md-6 domain"> <div class="row"> <div class="col-2 col-lg-1"> <span class="circle">1</span> </div> <div class="col-10 col-lg-11"> <p class="sub-title">HTML scriptless attacks</p> <p class="url">http://www.thespanner.co.uk/2011/12/21/html-scriptless-attacks</p> <p class="description">Javascript blog with messed up syntax inside. Wednesday, 21 December 2011. Following up on @lcamtuf’s. Post about a “post xss” world. I thought I’d chip in with some vectors he missed. The textarea consumption technique he mentioned isn’t new and wasn’t invented by “Eric Y. Chen, Sergey Gorbaty, Astha Singhal, and Colin Jackson.” it was openly discussed on sla.ckers for many years (as usual) but anyway lets discuss vectors. Button as a scriptless vector. Option as a scriptless vector. Another interesting...</p> </div> </div> </div> <div class="col-md-6 domain"> <div class="row"> <div class="col-2 col-lg-1"> <span class="circle">2</span> </div> <div class="col-10 col-lg-11"> <p class="sub-title">IFrames security summary</p> <p class="url">http://www.thespanner.co.uk/2007/10/24/iframes-security-summary</p> <p class="description">Javascript blog with messed up syntax inside. Wednesday, 24 October 2007. I’ve decided to collect the various proof of concepts I’ve done and summarise why iframes are a security risk. Here are the top reasons:-. 1 Browser cross domain exploits. Because you can embed another web site inside your page, you can exploit that page and perform actions as that user and doing anything on a chosen web site. Safari beta 3.03 zero day. 2 XSS/CSRF reflection attacks. 4 LAN scanning with Javascript and iframes. </p> </div> </div> </div> <div class="col-md-6 domain"> <div class="row"> <div class="col-2 col-lg-1"> <span class="circle">3</span> </div> <div class="col-10 col-lg-11"> <p class="sub-title">Detecting browsers javascript hacks</p> <p class="url">http://www.thespanner.co.uk/2009/01/29/detecting-browsers-javascript-hacks</p> <p class="description">Javascript blog with messed up syntax inside. Detecting browsers javascript hacks. Thursday, 29 January 2009. I enjoyed my last experiment to create tiny browser detection hacks, so I thought I’d try and do some more in other browsers. I’ve found these while testing Hackvertor and writing the inspection functions. The rules are simple if you want to post your own:-. 1 The variable assignment must be the abbreviation of the browser. E.g. FF, IE, Op, Saf, Chr. 3 Small and as fast as possible please. Was po...</p> </div> </div> </div> <div class="col-md-6 domain"> <div class="row"> <div class="col-2 col-lg-1"> <span class="circle">4</span> </div> <div class="col-10 col-lg-11"> <p class="sub-title">RPO</p> <p class="url">http://www.thespanner.co.uk/2014/03/21/rpo</p> <p class="description">Javascript blog with messed up syntax inside. Friday, 21 March 2014. Https:/ hackvertor.co.uk/public. Link href=styles.css rel=stylesheet type=text/css /. The link element above references style.css using a relative URL, depending where in the sites directory structure you are it will load the style sheet based on that. For example if you were in a directory called xyz then the style sheet would be loaded from xyz/style.css . I noticed something interesting with relative styles, manipulating the path of ...</p> </div> </div> </div> <div class="col-md-6 domain"> <div class="row"> <div class="col-2 col-lg-1"> <span class="circle">5</span> </div> <div class="col-10 col-lg-11"> <p class="sub-title">Online Javascript LAN scanner</p> <p class="url">http://www.thespanner.co.uk/2007/07/28/online-javascript-lan-scanner</p> <p class="description">Javascript blog with messed up syntax inside. Online Javascript LAN scanner. Saturday, 28 July 2007. I’ve really enjoyed making this tool, it started off as a port scanner then it evolved into a router scanner and now I’ve decided to accept any device on a LAN. The code now works on Firefox and IE7 (which was a pain), I haven’t managed to test it on any other browser so please leave a comment if you find any problems. IE7 is super quick to scan, I think this is because timed out connections don’t a...</p> </div> </div> </div> </div> <a href="#login" class="button lighter-blue d-block">UPGRADE TO PREMIUM TO VIEW 18 MORE</a> </div> </div> <div class="col-md-auto d-none d-xl-block padding-30"> <div class="right-column text-center"> <p class="gray-title mt-1">TOTAL PAGES IN THIS WEBSITE</p> <p class="big-blue">23</p> </div> </div> </div> </div> </div> <div class="row margin-top" id="linksToWebsite"> <div class="col-12 white-box double-column subDomains no-padding"> <div class="row"> <div class="col domains border-right"> <h2> LINKS TO THIS WEBSITE</h2> <div class="max-width"> <div class="row"> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/oekaiyanfmjx534om7d6xgjj/32/websec.wordpress.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="websec.wordpress.com" /> <a href="/websec.wordpress.com"><span class="bg bg-blue">websec.wordpress.com</span></a> </p> <p class="sub-title">Papers | Reiners' Weblog</p> <p class="url">https://websec.wordpress.com/papers</p> <p class="description">Anything about Web Security. Code Reuse Attacks in PHP: Automated POP Chain Generation. Johannes Dahse, Nikolai Krein, Thorsten Holz. 21st ACM Conference on Computer and Communications Security (CCS). Scottsdale, Arizona, USA, November 2014. Best Student Paper Award *. Static Detection of Second-Order Vulnerabilities in Web Applications. Johannes Dahse, Thorsten Holz. 23rd USENIX Security Symposium. San Diego, CA, USA, August 2014. Internet Defense Prize *. Johannes Dahse, Thorsten Holz. </p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/efrfaqlaeanhvokh96dmkajj/32/blog.7-a.org.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="blog.7-a.org" /> <a href="/blog.7-a.org"><span class="bg bg-blue">blog.7-a.org</span></a> </p> <p class="sub-title">Abraham Aranguren's blog: January 2014</p> <p class="url">http://blog.7-a.org/2014_01_01_archive.html</p> <p class="description">Infosec blog about anything security-related I get my hands on :). Monday, 13 January 2014. OWTF 0.45.0 "Winter Blizzard" released! OWASP OWTF is always looking for contributors, feedback and new ideas. If you find a bug or have an idea about what OWTF could do, please tell us in our github issue tracker. This is another a very significant release which includes the continued outstanding work of:. The 4 x OWASP OWTF GSoC 2013 projects -including post-GSoC improvements- (Sponsored by Google. WARNING: This...</p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/efrfaqlaeanhvokh96dmkajj/32/blog.7-a.org.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="blog.7-a.org" /> <a href="/blog.7-a.org"><span class="bg bg-blue">blog.7-a.org</span></a> </p> <p class="sub-title">Abraham Aranguren's blog: August 2013</p> <p class="url">http://blog.7-a.org/2013_08_01_archive.html</p> <p class="description">Infosec blog about anything security-related I get my hands on :). Sunday, 25 August 2013. AppSec EU: OWASP OWTF Summer Storm slides, demos and Plug-n-Hack support! UPDATE 04/09/2013: Added link to AppSec EU video. UPDATE 26/08/2013: Added Plug-n-Hack support link. OWASP AppSec EU 2013. Were both a blast this week:. I would like to use this opportunity to let you know that:. Is always actively looking for contributors. Bug reports / ideas. OWASP OWTF supports the Plug-n-Hack mozilla standard now. This is...</p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/ykcmtfogf9ehccrjkv43fqjj/32/maliciousmarkup.blogspot.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="maliciousmarkup.blogspot.com" /> <a href="/maliciousmarkup.blogspot.com"><span class="bg bg-blue">maliciousmarkup.blogspot.com</span></a> </p> <p class="sub-title"><malicious></markup>: Nov 1, 2008: Index</p> <p class="url">http://maliciousmarkup.blogspot.com/2008_11_01_archive.html</p> <p class="description">A place where the bad guys among the tags have their home. Markup hell. November 01, 2008. For form elements are great - they tell the user what and where to click - and sometimes even why. Good thing too is that a click on a label sets the assigned form element to be focused. Great for them small check boxes - bad for submit buttons. Yes. Submit buttons. Let's have a look at the following markup:. Input tabindex="3" type="submit" id="submit" value="Go! Html body label for="submit" Lorem ipsum dolor sit ...</p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/qbdvxhp1vkodw4t6gwqveqjj/32/druct.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="druct.com" /> <a href="/druct.com"><span class="bg bg-blue">druct.com</span></a> </p> <p class="sub-title">Web Development | Druct</p> <p class="url">http://www.druct.com/web-development</p> <p class="description">Web Development last 24 hours. Mozilla Hacks - the Web developer blog. Mozilla Awards $585,000 to Nine Open. Mozilla Awards $585,000 to Nine Open Source Projects in Q2 2016. Exciting Improvements Delivered Today. Exciting Improvements Delivered Today in Firefox for Desktop and Android. Announcing the Second Cohort of Ford-Mozilla. Announcing the Second Cohort of Ford-Mozilla Open Web Fellows. Working for Women’s Economic Empowerment. Mozilla Delivers Improved User Experience. Websites We Like: August 2016. </p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/qbdvxhp1vkodw4t6gwqveqjj/32/druct.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="druct.com" /> <a href="/druct.com"><span class="bg bg-blue">druct.com</span></a> </p> <p class="sub-title">Web Hosting | Druct</p> <p class="url">http://www.druct.com/web-hosting</p> <p class="description">Web Hosting last 24 hours. Web Hosting Talk News. DDoS Protection Provider Sharktech. DDoS Protection Provider Sharktech Announces Record Shattering Quarter. Classified Ads 2016-03-29 10:22:20. Classified Ads 2016-03-29 10:22:20. Tweakservers Offering Spring Promotion. Tweakservers Offering Spring Promotion For SmarterTools Licenses. The Future Is Already Here with Hetzner. The Future Is Already Here with Hetzner Online's New Dedicated Root Servers. ServerHub Goes Sleepless in Seattle. Friday's Five: A H...</p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/2sjk4lhzoa8osz0edob0qqjj/32/thinklikeninja.blogspot.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thinklikeninja.blogspot.com" /> <a href="/thinklikeninja.blogspot.com"><span class="bg bg-blue">thinklikeninja.blogspot.com</span></a> </p> <p class="sub-title">ThinkSecure - Michał Wiczyński: 2009-11-18</p> <p class="url">http://thinklikeninja.blogspot.com/2009_11_18_archive.html</p> <p class="description">ThinkSecure - Michał Wiczyński. These five heads should be familiar to every general: he who knows them will be victorious; he who knows them not will fail. Sun Tzu irytacje and przemyslenia by wheelq. Przeglądając lifehack'i, trafiłem na dosyć ciekawe zastosowanie pukania jako klucza do drzwi. Muszę przyznać, że pomysł jest naprawdę oryginalny, ale ma wiele wad i raczej nie znajdzie zastosowania jako zabezpieczenie drzwi wejsciowych od domu. Autor: Michał Wiczyński (wheelq) Michal Wiczynski. Weblogic, I...</p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/ykcmtfogf9ehccrjkv43fqjj/32/maliciousmarkup.blogspot.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="maliciousmarkup.blogspot.com" /> <a href="/maliciousmarkup.blogspot.com"><span class="bg bg-blue">maliciousmarkup.blogspot.com</span></a> </p> <p class="sub-title"><malicious></markup>: Nov 5, 2008: Index</p> <p class="url">http://maliciousmarkup.blogspot.com/2008_11_05_archive.html</p> <p class="description">A place where the bad guys among the tags have their home. Markup hell. November 05, 2008. Why use expression() when there's HTC. Have first time found their way into implementation with Internet Explorer 5. Since then HTC has been a topic without a lot of light being shed on - almost similar to HTA. Meanwhile this feature has been almost forgotten - which is kind of a shame since this is the second. Will have a hard time on IE8. So why not working with the alternative. That is being processed without an...</p> </div> </div> <a href="#login" class="button lighter-blue d-block">UPGRADE TO PREMIUM TO VIEW 457 MORE</a> </div> </div> <div class="col-md-auto d-none d-xl-block padding-30"> <div class="right-column text-center"> <p class="gray-title mt-1">TOTAL LINKS TO THIS WEBSITE</p> <p class="big-blue">465</p> </div> </div> </div> </div> </div> <div class="row margin-top white-box double-column no-padding" id="socialEngagement"> <div class="col-12 border-right"> <h2>SOCIAL ENGAGEMENT</h2> <div> </div> <br /><br /> <div> <a class="twitter-timeline" href="https://twitter.com/garethheyes" data-width="340" data-height="400">garethheyes</a> <script async src="https://platform.twitter.com/widgets.js" charset="utf-8"></script> </div> </div> </div> <div class="row margin-top" id="otherSites"> <div class="col-12 white-box double-column subDomains no-padding"> <div class="row"> <div class="col domains border-right"> <h2> OTHER SITES</h2> <div class="row max-width"> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/qdkddcak3pffyejrhpkrowjj/32/thespanktank.tumblr.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thespanktank.tumblr.com" /> <a href="/thespanktank.tumblr.com"><span class="bg bg-blue">thespanktank.tumblr.com</span></a> </p> <p class="sub-title">The Spank Tank</p> <p class="description">I love you Daddy. I love you Daddy. So many laws argue, so many sins. So many laws argue, so many sins. It is what it is.18 only NSFW. It can't rain all the time. The Belly of the Bastard. Dark Desire Wrapped in Tasty Pleasures! Wibbley Wobbley Timey Wimey. KinkyMinx - indomitably raw. Isolde Wears Her Heart On Her Sleeve. Nick Miller's Tumblr. So many laws argue, so many sins. For Shoes and Giggles (and porn and goats). For a pessimist, I'm pretty optimistic. Random Stuff from the Edge. I love you Daddy. </p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/ohcq3ykugbldtddqmicqmqjj/32/thespanktuary.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thespanktuary.com" /> <a href="/thespanktuary.com"><span class="bg bg-blue">thespanktuary.com</span></a> </p> <p class="sub-title">Site not found · DreamHost</p> <p class="description">Well, this is awkward. The site you're looking for is not here. Is this your site? </p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/jljhjrbrzk2ukjujqqrouqjj/32/thespanky.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thespanky.com" /> <a href="/thespanky.com"><span class="bg bg-blue">thespanky.com</span></a> </p> <p class="sub-title">The Spanky</p> <p class="description">Call Us Free: 1.866.MTN.MAPS. Caring For Your Spanky. Born in Crested Butte, grown in Jackson Hole, and now The Spanky, microfiber lens cloth trail map, is available to you in more than 100 resorts worldwide. More than just ski resorts! Fun and functional for all ages! Available at ski resorts worldwide! Is the Spanky available at your favorite ski resort? Check out our list here! We love hearing from Spanky enthusiasts! Are you interested in producing a custom Spanky to promote your map or company? </p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/k6sylmkqpsm7kljzw72xmqjj/32/thespann.blogspot.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thespann.blogspot.com" /> <a href="/thespann.blogspot.com"><span class="bg bg-blue">thespann.blogspot.com</span></a> </p> <p class="sub-title">Grimm's Fairy Tales</p> <p class="description">Saturday, May 5, 2012. But done with the garage means he has to go to work. Darn! I will miss him, I go out and hang out with him a lot and clean up and vacumm and take him refreshing beverages as he puts it. I am happy, we are happy. Saturday, April 28, 2012. Four weeks ago today Jack and I got married. What a fun day it was! Sunday, March 18, 2012. Tonight I was at Jessicas house and she was preparing a chicken for tomorrow night dinner. She had to rub some of the spice rub inside the chicken. ...We ar...</p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/fagv3gpprztwa3mevgr9sajj/32/thespannclan.blogspot.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thespannclan.blogspot.com" /> <a href="/thespannclan.blogspot.com"><span class="bg bg-blue">thespannclan.blogspot.com</span></a> </p> <p class="sub-title">a luscious mix of words and tricks</p> <p class="description">A luscious mix of words and tricks. Tuesday, March 8, 2011. Because HR appreciates everything you do.have a payday! Did you know that National Employee Appreciation Day is always the first Friday in March? Well this year my employer celebrated! First, let me just say that I am shocked that I was allowed to proceed with this project, but so glad that we were able to do a little something. Tags/Cards printed, cut, and hold punched. Phew! So what do 600 candy bars look like? It’s surprising how quickl...</p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/1jcf131au2gvnphrbx6ogajj/32/thespanner.co.uk.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thespanner.co.uk" /> <a href="/thespanner.co.uk"><span class="bg bg-blue">thespanner.co.uk</span></a> </p> <p class="sub-title">The Spanner</p> <p class="description">Javascript blog with messed up syntax inside. New IE mutation vector. Wednesday, 17 June 2015. I was messing around with a filter that didn’t correctly filter attribute names and allowed a blank one which enabled me to bypass it. I thought maybe IE had similar issues when rewriting innerHTML. Yes it does of course. The filter bypass worked like this:. Img = script alert(1) /script. Div='/x="&#39><iframe/onload=alert(1)>'. IE renders the entities inside the x attribute and therefore breaks out of the attr...</p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/lxjfljyvqb7ksy4jdegavajj/32/thespanner.net.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thespanner.net" /> <a href="/thespanner.net"><span class="bg bg-blue">thespanner.net</span></a> </p> <p class="sub-title">The Spanner - A critical light in dark corners</p> <p class="description">Friday, 14 August 2015. The Spanner is a provocative newspaper in the mould of those read, argued and drafted around the punch bowls and in the coffee houses of Georgian London. The Spanner takes its lead from the pamphlets and cartoons of Georgian London. From the mideighteenth century, the new mercantile class began to question the social order and received wisdom of pre-Industrial Revolution England with increasing outrage. 2013 Spannerworks, published at 67 Dean Street, London W1D 4QH. </p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/axujaczspkvpnfb3lepdxqjj/32/thespannerman.com.au.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thespannerman.com.au" /> <a href="/thespannerman.com.au"><span class="bg bg-blue">thespannerman.com.au</span></a> </p> <p class="sub-title">Spannerman Car Service!</p> <p class="description">FREE Wheel alignment with every four tyres purchased for this month only click here for details. Spannerman Automotive Services is the only service centre in Grenfell that can offer you car service, repairs, mufflers, tyres, rego inspections and CTP insurance. We are your one stop motoring shop. We provide a personalised quality service for all makes and models and include cars that are still within the manufacturer s warranty period. More About Spannereman here. To arrange your booking. Fax 02 6343 2213. </p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/blbscedbibmuwmgfku2vfqjj/32/thespannfamily.blogspot.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thespannfamily.blogspot.com" /> <a href="/thespannfamily.blogspot.com"><span class="bg bg-blue">thespannfamily.blogspot.com</span></a> </p> <p class="sub-title">The Spann Fam</p> <p class="description">Wednesday, April 24, 2013. The DOOR OF DEATH: A tribute to my husband. So, This is a picture of my latest hair brained idea come to fruition. (I wish I had a "before" picture! I thought, "Hmmm. I need a coat rack. Why not make one out of an old door? I guess what I am really trying to say is that this door represents a lot more to me than just a coat rack. It says that he loves me. He REALLY loves me. :) That's all I see when I look at it. Monday, October 17, 2011. My first big furniture project. And mak...</p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/0uinpfzwbv3edz9mvd3smwjj/32/thespanningtree.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thespanningtree.com" /> <a href="/thespanningtree.com"><span class="bg bg-blue">thespanningtree.com</span></a> </p> <p class="sub-title">Price Request - BuyDomains</p> <p class="description">Url=' escape(document.location.href) , 'Chat367233609785093432', 'toolbar=0,scrollbars=0,location=0,statusbar=0,menubar=0,resizable=0,width=640,height=500');return false;". Need a price instantly? Just give us a call. Toll Free in the U.S. We can give you the price over the phone, help you with the purchase process, and answer any questions. Get a price in less than 24 hours. Fill out the form below. One of our domain experts will have a price to you within 24 business hours. United States of America. </p> </div> <div class="col-md-6 domain"> <p class="title"> <img src="//fav.cln.bz/wclhvn40c1si44gedxnvigjj/32/thespannjourney.blogspot.com.png" width="32" height="32" onerror="this.style.visibility = 'hidden'; this.style.display = 'inline-block';" alt="thespannjourney.blogspot.com" /> <a href="/thespannjourney.blogspot.com"><span class="bg bg-blue">thespannjourney.blogspot.com</span></a> </p> <p class="sub-title">Finders Keepers</p> <p class="description">Our Journey through Domestic Adoption. Monday, April 12, 2010. The Most Selfish Person Alive Is. The kids came home from their weekly visit with their Mom. As usual, I asked the CPS worker how the visit went. In the past few weeks, her reply has always been, "not good". This week however, she surprised me with "Good, much better". So why did that response make me feel resentful? And to top it off, it's time to start looking for a teaching job again. I am feeling discouraged already. There must be. To...</p> </div> </div> </div> <div class="col-md-auto d-none d-xl-block padding-30"> <div class="right-column"> <ins class="adsbygoogle" style="display:block;width:336px;height:280px" data-ad-client="ca-pub-8923588662491284" data-ad-slot="6540919649"></ins> <script>(adsbygoogle = window.adsbygoogle || []).push({});</script> </div> </div> </div> </div> </div> <br /><br /> </div> <div class="contentRight"> <ins class="adsbygoogle" style="display:block;" data-ad-client="ca-pub-8923588662491284" data-ad-slot="4425638780" data-ad-format="auto" data-full-width-responsive="true"></ins> <script>(adsbygoogle = window.adsbygoogle || []).push({});</script> </div> </div> </div> <script src="/scrept/domainscrept.js"></script> <div class="footer"> <div class="container"> <p class="follow-us">FOLLOW US ON</p> <ul class="social-links"> </ul> <p class="sitemap-descr">SITEMAP</p> <ul class="sitemap-letters"> <li><a href="/a">a</a></li> <li><a href="/b">b</a></li> <li><a href="/c">c</a></li> <li><a href="/d">d</a></li> <li><a href="/e">e</a></li> <li><a href="/f">f</a></li> <li><a href="/g">g</a></li> <li><a href="/h">h</a></li> <li><a href="/i">i</a></li> <li><a href="/j">j</a></li> <li><a href="/k">k</a></li> <li><a href="/l">l</a></li> <li><a href="/m">m</a></li> <li><a href="/n">n</a></li> <li><a href="/o">o</a></li> <li><a href="/p">p</a></li> <li><a href="/q">q</a></li> <li><a href="/r">r</a></li> <li><a href="/s">s</a></li> <li><a href="/t">t</a></li> <li><a href="/u">u</a></li> <li><a href="/v">v</a></li> <li><a href="/w">w</a></li> <li><a href="/x">x</a></li> <li><a href="/y">y</a></li> <li><a href="/z">z</a></li> <li><a href="/0">0</a></li> <li><a href="/1">1</a></li> <li><a href="/2">2</a></li> <li><a href="/3">3</a></li> <li><a href="/4">4</a></li> <li><a href="/5">5</a></li> <li><a href="/6">6</a></li> <li><a href="/7">7</a></li> <li><a href="/8">8</a></li> <li><a href="/9">9</a></li> </ul> <p class="copyrights">Copyrights © PageGlimpse . All Rights Reserved.</p> <p class="copyrights white">By using this site, you agree to the <a href="/privacy">Privacy Policy</a> and <a href="/terms">Terms and Conditions</a></p> </div> </div> <script src="https://d3ctdq1tizxw7c.cloudfront.net/v40/content/output/domain-v2.js" async></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.2/Chart.min.js"></script> <script type="text/javascript" src="//s7.addthis.com/js/300/addthis_widget.js#pubid=ra-5afd097b1b2b9b00"></script> <script> (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)})(window,document,'script','https://www.google-analytics.com/analytics.js','ga'); ga('create', 'UA-257720-18', 'auto'); ga('send', 'pageview'); </script> <script src="https://checkout.stripe.com/checkout.js"></script> </body> </html>