prophaze.com Open in urlscan Pro
43.204.233.120  Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 126

• https://web.facebook.com/v2.10/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff7cdcc6efaab35b7%26domain%3Dprophaze.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprophaze.com%252Ff7a89819630a869cd%26relation%3Dparent.parent&container_width=313&height=220&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fprophazetech&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs=&width=500px HTTP 302
• https://www.facebook.com/v2.10/plugins/page.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff7cdcc6efaab35b7%26domain%3Dprophaze.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprophaze.com%252Ff7a89819630a869cd%26relation%3Dparent.parent&container_width=313&height=220&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fprophazetech&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs&width=500px&_rdc=1&_rdr

Request Chain 128

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3199476&time=1716878391980&url=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3199476&time=1716878391980&url=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F&e_ipv6=AQJ3y4iKXMOqcQAAAY-97TtLFX8fi7Uq7ilLtij-snLADg0LUuY5PXHNcirS4k0b

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/	173 KB 30 KB	2928ms 2542ms	Document text/html	43.204.233.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.204.233.120 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-204-233-120.ap-south-1.compute.amazonaws.com Software / Resource Hash 7344e0e903a29eccc3a4160125b74a2b8b8a232ac3d462e7233b0ce5a2c9f408 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 28 May 2024 06:39:46 GMT Link <https://prophaze.com/wp-json/>; rel="https://api.w.org/" <https://prophaze.com/wp-json/wp/v2/posts/7729>; rel="alternate"; type="application/json" <https://prophaze.com/?p=7729>; rel=shortlink Referrer-Policy same-origin Transfer-Encoding chunked X-Content-Type-Options nosniff X-Permitted-Cross-Domain-Policies master-only X-XSS-Protection 1; mode=block
GET H2	200	style.min.css prophaze.b-cdn.net/wp-includes/css/dist/block-library/	81 KB 13 KB	758ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-includes/css/dist/block-library/style.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 83419 cdn-edgestorageid 1079 cdn-cachedat 05/27/2024 09:04:29 cdn-pullzone 486879 x-bo-server DE-261 last-modified Mon, 20 May 2024 21:59:08 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1023 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 27dd814ad1e1bbb0065204ac39924fcf cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	slick.css prophaze.b-cdn.net/wp-content/plugins/blog-designer-pack/assets/css/	1 KB 1 KB	735ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/blog-designer-pack/assets/css/slick.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash af7ec644b63e5c991e970d2e2f0f4e1ff30dddfe5797d0027b9877bcb64639de Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 1574 cdn-edgestorageid 1080 x-bo-processingtime 1 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-260 last-modified Mon, 20 May 2024 21:59:08 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1023 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid d006ce82fcd0cca7f03bc573ef8619e5 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	bdp-public.css prophaze.b-cdn.net/wp-content/plugins/blog-designer-pack/assets/css/	19 KB 5 KB	742ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/blog-designer-pack/assets/css/bdp-public.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 73b1235e18aa117904c5ecfd75792799a09198cc7b889107d87a1456caaf907b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 25678 cdn-edgestorageid 1080 x-bo-processingtime 5 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-233 last-modified Mon, 20 May 2024 21:59:10 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1015 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid f5aef8ece877cd15924f87586c3f6c77 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	styles.css prophaze.b-cdn.net/wp-content/plugins/contact-form-7/includes/css/	2 KB 2 KB	769ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/contact-form-7/includes/css/styles.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 53157d7e282fffcf8d6e1fcffbc5ec9c441f48c9609b8108e1090e2d9b2561a4 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 2731 cdn-edgestorageid 1080 x-bo-processingtime 2 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-136 last-modified Sat, 04 May 2024 09:34:20 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1449 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 87724691ab4987f1c8d1b7de0e9fdcc9 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ivory-search.min.css prophaze.b-cdn.net/wp-content/plugins/add-search-to-menu/public/css/	7 KB 3 KB	738ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 1dca4f2dcfb119cbe001fb3b31e559aed59674832f729fbf9170d2f23803f9c3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 6811 cdn-edgestorageid 1082 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-228 last-modified Sun, 12 May 2024 16:47:47 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1452 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid a47d9c5946c57c6a37471ef83b386175 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	header-footer-elementor.css prophaze.b-cdn.net/wp-content/plugins/header-footer-elementor/assets/css/	489 B 972 B	733ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash f7122c82a9b1486b5b0cfaaa2a086dd233a956c0a15feed29b66ace34ff563b8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 776 cdn-edgestorageid 1081 x-bo-processingtime 1 cdn-cachedat 05/16/2024 12:30:42 cdn-pullzone 486879 x-bo-server DE-235 last-modified Fri, 26 Apr 2024 09:19:27 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1528 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 14f8eaee2132d165d1d2e65551ebc441 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	elementor-icons.min.css prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/eicons/css/	19 KB 5 KB	625ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 19443 cdn-edgestorageid 1081 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-139 last-modified Sun, 05 May 2024 04:27:44 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1524 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid dc2eecfdc3de6bf6a4853ef7f1c7913d cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	frontend-legacy.min.css prophaze.b-cdn.net/wp-content/plugins/elementor/assets/css/	10 KB 1 KB	697ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash fca5eb2f7f0e369ce02c777e7c947f792a56d9cd843b274e5a535da2dc7211c8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 9921 cdn-edgestorageid 1082 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-235 last-modified Tue, 14 May 2024 22:15:49 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1013 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 80ca8df03742c5ad0b0aebf29f1d8968 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	frontend.min.css prophaze.b-cdn.net/wp-content/plugins/elementor/assets/css/	153 KB 23 KB	706ms 7ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/css/frontend.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 2a39504ff0e8230cff9511b4027a386c4b2a54601d27524c751e7dc6f0a6e6f9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 157039 cdn-edgestorageid 1080 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-269 last-modified Sat, 04 May 2024 14:49:48 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1954 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 6091d202839128a702fe1e3acc1f693d cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	swiper.min.css prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/swiper/css/	13 KB 3 KB	626ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 12876 cdn-edgestorageid 1080 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-224 last-modified Mon, 20 May 2024 21:59:10 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1018 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 7c5d4b8f9277e27586d8737554ea9763 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	style.css prophaze.b-cdn.net/wp-content/plugins/deo-elementor/assets/css/	19 KB 6 KB	707ms 8ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/deo-elementor/assets/css/style.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash dd623f40ea7e90d787c30fdf6f831d34bfbac9f3c83ea4c6b3c96b10e4e0b1d5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 28290 cdn-edgestorageid 1080 x-bo-processingtime 6 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-139 last-modified Thu, 25 Apr 2024 04:33:55 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1517 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 054165efcb46299725d0aee7f24a4624 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	frontend.min.css prophaze.b-cdn.net/wp-content/plugins/elementor-pro/assets/css/	437 KB 50 KB	681ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor-pro/assets/css/frontend.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 3963b8591050c4af2f0edf8a96662113f01900444868e6936c5d192bc44dfe6d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 447842 cdn-edgestorageid 1082 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-269 last-modified Tue, 14 May 2024 17:59:29 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1839 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid db6fbdebcac399570753600380f9f04b cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	bootstrap.min.css prophaze.b-cdn.net/wp-content/themes/emaus/assets/css/	27 KB 6 KB	690ms 8ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/css/bootstrap.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash a859b79bf3c89b50d4398b00b98ef08908533d57e6f819d763846bcdf259fa55 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 27329 cdn-edgestorageid 1081 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-224 last-modified Sat, 04 May 2024 09:34:20 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1503 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 08092f8a8874b92da93b74bec9da647a cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	font-icons.css prophaze.b-cdn.net/wp-content/themes/emaus/assets/css/	3 KB 2 KB	608ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/css/font-icons.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 3a0f860b4692ba4d9ff2b0ba0d9314c35e45d08f323252ec3945df914d873532 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 4718 cdn-edgestorageid 1079 x-bo-processingtime 2 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-224 last-modified Thu, 25 Apr 2024 04:33:53 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1545 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 4db080f0d2dd76de27803434765993bf cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	cookieconsent.min.css prophaze.b-cdn.net/wp-content/themes/emaus/assets/css/	4 KB 2 KB	600ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/css/cookieconsent.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 4064 cdn-edgestorageid 1081 cdn-cachedat 05/02/2024 10:37:22 cdn-pullzone 486879 x-bo-server DE-259 last-modified Wed, 01 May 2024 05:44:20 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1276 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 2ff1e8f632ee5f766da4efd62209c564 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	style.css prophaze.b-cdn.net/wp-content/themes/emaus/	57 KB 14 KB	674ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/themes/emaus/style.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash f6672cb055a7b64a0cc175f33770b2be6993478fb8152495503c9dd49c76ddc5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 80998 cdn-edgestorageid 1079 x-bo-processingtime 14 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-224 last-modified Wed, 01 May 2024 05:44:20 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1374 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 34104e64f7d8652c5cfed4b8be040db4 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	frontend.css prophaze.b-cdn.net/wp-content/plugins/header-footer-elementor/inc/widgets-css/	63 KB 9 KB	673ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash e8e02235e040fa6a98c491cc5ae68c630f499d0de5cbba7ef5624b6228483003 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 75684 cdn-edgestorageid 1079 x-bo-processingtime 27 cdn-cachedat 05/27/2024 09:04:29 cdn-pullzone 486879 x-bo-server DE-229 last-modified Fri, 17 May 2024 12:14:53 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1025 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid bba68bec696e06c65f3750d513dec6c7 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ekiticons.css prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/	122 KB 14 KB	683ms 8ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash d11938e0b05ca7f61cfcc7cf9e43a3862e04f43be1d9209d191eda0782792bbb Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 124837 cdn-edgestorageid 1082 x-bo-processingtime 31 cdn-cachedat 05/02/2024 10:37:22 cdn-pullzone 486879 x-bo-server DE-137 last-modified Sun, 28 Apr 2024 08:00:27 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1519 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid fc1905daa23e3ddde8ab96a6f6736423 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	rtbs_style.min.css prophaze.b-cdn.net/wp-content/plugins/responsive-tabs/inc/css/	2 KB 1 KB	682ms 7ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/responsive-tabs/inc/css/rtbs_style.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash da69b99dee8744ba9d038c8d0a06148045cc358df5621e6d682c530a15280a28 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 1717 cdn-edgestorageid 1079 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-260 last-modified Sun, 14 Apr 2024 17:17:12 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1168 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 53fc05c620b164da2c835d582ab44285 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	widget-styles.css prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/widgets/init/assets/css/	433 KB 59 KB	683ms 8ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash e9ecbc77ba59280718ede3639bf56fb70431b4610d4617b56225a30a79c562b4 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 445429 cdn-edgestorageid 1079 x-bo-processingtime 111 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-153 last-modified Sun, 28 Apr 2024 08:00:27 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1799 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid d8263a7c145dfa320e14669483045aff cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	responsive.css prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/widgets/init/assets/css/	30 KB 5 KB	1046ms 372ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 5a0256a59e8c56d91e525136b8d24dfbb5d5375b2a3b8d96891c44e8a6b6ae95 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 30299 cdn-edgestorageid 1081 x-bo-processingtime 25 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-185 last-modified Mon, 29 Apr 2024 10:16:10 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1527 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid db18fe8ec3f17b8424824850eabd2355 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	general.min.css prophaze.b-cdn.net/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/	3 KB 2 KB	811ms 137ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 3e584003b5c6df9bc2854b2775e527ef7240f3d1cae4047e9aa504cdfbc109f9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 3443 cdn-edgestorageid 1081 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-223 last-modified Tue, 14 May 2024 17:22:21 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1461 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid a37a2d5ac4c04fa9a373ae3c4a1926e5 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response prophaze.b-cdn.net/wp-includes/js/jquery/	87 KB 33 KB	673ms 9ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-includes/js/jquery/jquery.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 89521 cdn-edgestorageid 1080 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-261 last-modified Mon, 13 May 2024 10:29:44 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1862 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 11c7565dc07ebcbcf73fc46040334d8a cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	scripts.js Show response prophaze.b-cdn.net/wp-content/plugins/deo-elementor/assets/js/	4 KB 2 KB	672ms 9ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/deo-elementor/assets/js/scripts.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 87e5842c9ef278a5a10a59f0644035acad3dd98f1a84affadaf6465c7c02dcd9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 6815 cdn-edgestorageid 1079 x-bo-processingtime 3 cdn-cachedat 05/27/2024 09:04:29 cdn-pullzone 486879 x-bo-server DE-233 last-modified Mon, 13 May 2024 09:26:49 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1446 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 384db73bf8e398b2fadb5d1c3a47e7aa cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	v4-shims.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/js/	15 KB 5 KB	671ms 8ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 15055 cdn-edgestorageid 1082 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-227 last-modified Thu, 25 Apr 2024 06:20:45 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1524 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid eae1818c4d47f99d56bf95687aa5edfe cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	isotope.pkgd.min.js Show response prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/	35 KB 11 KB	794ms 131ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/isotope.pkgd.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 35445 cdn-edgestorageid 1079 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-259 last-modified Fri, 26 Apr 2024 09:35:11 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1527 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 97885992f608e3258850dfd5523c43e5 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	rtbs.min.js Show response prophaze.b-cdn.net/wp-content/plugins/responsive-tabs/inc/js/	4 KB 1 KB	793ms 131ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/responsive-tabs/inc/js/rtbs.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 35e2e71f5813f085dcea3427d1a5bd85a7ffbe6303d5b010b8fc822a5ea9e136 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 4552 cdn-edgestorageid 1081 cdn-cachedat 05/26/2024 14:55:26 cdn-pullzone 486879 x-bo-server DE-259 last-modified Fri, 10 May 2024 08:11:08 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1536 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 5f784265fd012c22cf4e66c6e221984f cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	css-lazy-load.min.js Show response prophaze.b-cdn.net/wp-content/plugins/wp-disable/js/	1 KB 1 KB	670ms 9ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/wp-disable/js/css-lazy-load.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 253d8b908a5d3770fce2e7a9c469dd59cd4a341c0b7185d428030a879d02036d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:47 GMT content-encoding br x-downloadsize 1278 cdn-edgestorageid 1080 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-243 last-modified Mon, 13 May 2024 10:29:46 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1434 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 1a3686a86754a092bb64037eadcf2ee4 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	200 OK	Prophaze_latest_logo-v1.png prophaze.com/wp-content/uploads/2021/03/	7 KB 7 KB	1357ms 854ms	Image image/png	43.204.233.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://prophaze.com/wp-content/uploads/2021/03/Prophaze_latest_logo-v1.png Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.204.233.120 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-204-233-120.ap-south-1.compute.amazonaws.com Software / Resource Hash 80528b4407891366f962e83d9cfee99d069aebe8435ebae25f739c072ca304fd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 06:39:48 GMT X-Content-Type-Options nosniff Referrer-Policy same-origin Last-Modified Sun, 12 Feb 2023 08:36:53 GMT X-Permitted-Cross-Domain-Policies master-only ETag "63e8a525-1b17" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 6935 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	Prophaze_210x60.png prophaze.com/wp-content/uploads/2021/03/	8 KB 8 KB	1357ms 854ms	Image image/png	43.204.233.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://prophaze.com/wp-content/uploads/2021/03/Prophaze_210x60.png Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.204.233.120 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-204-233-120.ap-south-1.compute.amazonaws.com Software / Resource Hash a5a7b2fa94f03c81b1946e883846d9639307931bb4f7815b85f5ef32e05307a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 06:39:48 GMT X-Content-Type-Options nosniff Referrer-Policy same-origin Last-Modified Tue, 23 Nov 2021 05:36:43 GMT X-Permitted-Cross-Domain-Policies master-only ETag "619c7deb-1e13" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 7699 X-XSS-Protection 1; mode=block
GET H2	200	fontawesome.min.css prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/	57 KB 13 KB	222ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:48 GMT content-encoding br x-downloadsize 57912 cdn-edgestorageid 1082 cdn-cachedat 05/19/2024 05:54:15 cdn-pullzone 486879 x-bo-server DE-263 last-modified Fri, 10 May 2024 11:04:45 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1442 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid b1afade68064e5658562c34ca3602701 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	regular.min.css prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/	677 B 1 KB	223ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:48 GMT content-encoding br x-downloadsize 677 cdn-edgestorageid 1081 cdn-cachedat 05/21/2024 07:01:15 cdn-pullzone 486879 x-bo-server DE-243 last-modified Fri, 10 May 2024 11:04:45 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1483 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid acbaf5285cc1928fe330f233c288764a cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	solid.min.css prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/	669 B 1 KB	237ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 669 cdn-edgestorageid 1081 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-133 last-modified Fri, 10 May 2024 19:07:32 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1518 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 6f481d2d5306ec4d3fd1b07cd80173e7 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	brands.min.css prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/	675 B 1 KB	234ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 675 cdn-edgestorageid 1081 cdn-cachedat 05/21/2024 07:01:15 cdn-pullzone 486879 x-bo-server DE-136 last-modified Tue, 21 May 2024 00:26:17 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1022 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid e7d81077ce1b638081ed7d33fd9c07f1 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	frontend.min.css prophaze.b-cdn.net/wp-content/plugins/bravepopup-pro/assets/css/	89 KB 13 KB	221ms 6ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/bravepopup-pro/assets/css/frontend.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash a41ed369c9b22dd258e06819b9e9f5aa62196747e45a1412d11afe06c6188fbf Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 91032 cdn-edgestorageid 1082 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-138 last-modified Mon, 13 May 2024 10:29:47 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1466 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 094651c1b4053e916a44ae20e2b1812e cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	animations.min.css prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/animations/	18 KB 4 KB	289ms 0ms	Stylesheet text/css	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/animations/animations.min.css Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 18468 cdn-edgestorageid 1082 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-137 last-modified Thu, 09 May 2024 04:40:03 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1495 content-type text/css access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 2e3b80b1972f1baae8e1627dcee43e91 cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	regenerator-runtime.min.js Show response prophaze.b-cdn.net/wp-includes/js/dist/vendor/	6 KB 3 KB	295ms 6ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 6494 cdn-edgestorageid 1079 cdn-cachedat 05/27/2024 09:04:31 cdn-pullzone 486879 x-bo-server DE-260 last-modified Sat, 04 May 2024 13:12:52 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1158 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 3c06050b44e1f7fd9af395d18e6f4866 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	wp-polyfill.min.js Show response prophaze.b-cdn.net/wp-includes/js/dist/vendor/	19 KB 8 KB	298ms 10ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-includes/js/dist/vendor/wp-polyfill.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 19261 cdn-edgestorageid 1082 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-138 last-modified Tue, 14 May 2024 15:06:47 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1483 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 6d8a6b2acb13db9548001b69bcf73356 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	index.js Show response prophaze.b-cdn.net/wp-content/plugins/contact-form-7/includes/js/	11 KB 4 KB	297ms 9ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/contact-form-7/includes/js/index.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash a5939b9afea506141007d9c9910b37c645f4a4af80b88be3728f6770340a611f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 11862 cdn-edgestorageid 1082 x-bo-processingtime 5 cdn-cachedat 05/19/2024 05:54:16 cdn-pullzone 486879 x-bo-server DE-268 last-modified Fri, 26 Apr 2024 09:35:11 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1514 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid f09247833a870348708b43484fa1364e cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	8418714.js Show response js.hs-scripts.com/	2 KB 1 KB	828ms 211ms	Script application/javascript	2606:4700::6810:8dd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-scripts.com/8418714.js?integration=WordPress&ver=10.1.28 Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:8dd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8924aa88e93bc164c8943c4ed40244b289380c44eba06ee55c3887e8f300ff22 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:50 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status EXPIRED x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 76936db9-006b-47fe-99be-f98701a9ba92 x-envoy-upstream-service-time 22 content-length 684 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 76936db9-006b-47fe-99be-f98701a9ba92 last-modified Tue, 28 May 2024 06:23:05 GMT server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-4ldzq cache-control public, max-age=90 access-control-allow-credentials true accept-ranges bytes cf-ray 88ac3ff109999b67-FRA expires Tue, 28 May 2024 06:41:20 GMT
GET H2	200	bootstrap.min.js Show response prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/	21 KB 7 KB	276ms 0ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/bootstrap.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 14a95bff7c7129a6366cb44975f2f0404e45458431256a0dca7cc4e7e39e3e61 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 21674 cdn-edgestorageid 1080 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-224 last-modified Thu, 25 Apr 2024 09:51:54 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1518 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid dd9ae89bc0dceeb0ee7bc25ea8012c73 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	modernizr.js Show response prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/	5 KB 3 KB	283ms 7ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/modernizr.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 36feb89db6e011895268a0e823ef684cd998b26517713a056d1f75b4ea53fd8d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 5328 cdn-edgestorageid 1079 x-bo-processingtime 4 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-266 last-modified Sun, 28 Apr 2024 11:51:40 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1253 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 9ea2c9a72c5dbc02278e64fcf6e89147 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	imagesloaded.min.js Show response prophaze.b-cdn.net/wp-includes/js/	5 KB 3 KB	283ms 8ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-includes/js/imagesloaded.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 5629 cdn-edgestorageid 1079 cdn-cachedat 05/27/2024 09:04:31 cdn-pullzone 486879 x-bo-server DE-223 last-modified Mon, 29 Apr 2024 19:18:19 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1493 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 4f74824118957c83b03b602c8775be6f cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	scripts.js Show response prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/	4 KB 2 KB	567ms 292ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/scripts.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 76d1daa80ada5f418274978cffc50c285593baa8634098720799db53eb500706 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 5871 cdn-edgestorageid 1081 x-bo-processingtime 2 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-185 last-modified Mon, 13 May 2024 08:38:23 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1452 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 0ddbee88309d0c8e1d5f9c2171430d16 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	cookieconsent.min.js Show response prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/	20 KB 8 KB	284ms 9ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/cookieconsent.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 20808 cdn-edgestorageid 1080 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-269 last-modified Fri, 24 May 2024 04:41:46 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1014 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid af84336b15c767554847b957978e8c9e cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	cookies.js Show response prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/	414 B 820 B	286ms 11ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/js/cookies.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash a8a532f86af8ea05d655d3fa1ee9174b423767b509c83e405767cd17b363f0b6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 600 cdn-edgestorageid 1081 x-bo-processingtime 19 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-269 last-modified Fri, 10 May 2024 08:11:10 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1446 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid e6d2db417dd78cf227779b1831551608 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	frontend-script.js Show response prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/libs/framework/assets/js/	37 B 557 B	485ms 210ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash aaa3a7e71fb89d594543a4e2bc3e5cd02b992770755558c6c17f452c73c2c42f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT x-downloadsize 40 cdn-edgestorageid 1081 x-bo-processingtime 2 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 content-length 37 x-bo-server DE-223 last-modified Sun, 14 Apr 2024 14:47:30 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1164 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 1b8a4a6c0f4a4e979026262288cbe47f accept-ranges bytes cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	widget-scripts.js Show response prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/widgets/init/assets/js/	132 KB 39 KB	286ms 11ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 01a83f9b87440828c97f8badf143e41c947385d5f8cf2598cdefbb78541a95dc Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 137549 cdn-edgestorageid 1080 x-bo-processingtime 58 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-137 last-modified Fri, 26 Apr 2024 09:19:28 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1951 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 9d516b2db804a0e1851e2791bf07239e cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET		api.js www.google.com/recaptcha/	0 0
GET H2	200	index.js Show response prophaze.b-cdn.net/wp-content/plugins/contact-form-7/modules/recaptcha/	919 B 1 KB	285ms 11ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/contact-form-7/modules/recaptcha/index.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 897e7de3d3fc02cca32c6b92cb01c1e312f279e7808bfe3710b010224d69cb61 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 934 cdn-edgestorageid 1080 x-bo-processingtime 1 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-268 last-modified Mon, 13 May 2024 08:22:12 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1447 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 205c45059df9d6303004baa9bdae4d69 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	general.min.js Show response prophaze.b-cdn.net/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/	9 KB 4 KB	286ms 12ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 3f9de756b0ed57cc0baffd54c3b4f6d038179760f5090d0d2ff6eab693eb46e6 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 9055 cdn-edgestorageid 1080 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-234 last-modified Fri, 03 May 2024 15:14:11 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1524 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 87849b053d8f3d06f457de082e0fbf1c cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ivory-search.min.js Show response prophaze.b-cdn.net/wp-content/plugins/add-search-to-menu/public/js/	4 KB 2 KB	482ms 209ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash b0fadf75681475e975bd2bdaceac6c08e8f5ef06f9a1c7fe9f3f7a571f5bc935 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 4591 cdn-edgestorageid 1079 cdn-cachedat 05/27/2024 09:04:35 cdn-pullzone 486879 x-bo-server DE-227 last-modified Thu, 02 May 2024 02:25:14 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1024 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid d5a76d949fc30fe8da9c1ae1a4f1fd01 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	brave.js Show response prophaze.b-cdn.net/wp-content/plugins/bravepopup-pro/assets/frontend/	55 KB 16 KB	286ms 13ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/bravepopup-pro/assets/frontend/brave.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 24decd38fa21feef718a3f2b527d8d988d2d3cc92e8f2390b0c5024e1ffc52cd Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 110829 cdn-edgestorageid 1080 x-bo-processingtime 19 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-228 last-modified Fri, 26 Apr 2024 09:19:30 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1917 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 65f054e761c6ccf6bf8aa8b77a89bc20 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	webpack-pro.runtime.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor-pro/assets/js/	5 KB 3 KB	284ms 12ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash c2ed4b80cc0bfd8b35c13b9becb418d96d58f9f44048b24d6e45dba4938cac69 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 5561 cdn-edgestorageid 1082 cdn-cachedat 05/25/2024 18:26:25 cdn-pullzone 486879 x-bo-server DE-266 last-modified Sat, 25 May 2024 07:56:29 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1017 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 77a0745e9c4e900b9dfa695dd845eee0 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	webpack.runtime.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor/assets/js/	5 KB 3 KB	482ms 210ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash a3e7c89de8ec9f11eee1605a0367e23585548b1deab4cca3a4a17d5a23a90f79 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 4958 cdn-edgestorageid 1079 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-235 last-modified Thu, 02 May 2024 04:04:22 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1454 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 7032a283a4d436c13ba91667586c016a cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	frontend-modules.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor/assets/js/	52 KB 17 KB	565ms 292ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/js/frontend-modules.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 76efc435fc139294153b2304af750ccd6857bf3349577af166308db9eb0a2fdc Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 52861 cdn-edgestorageid 1079 cdn-cachedat 05/27/2024 09:04:35 cdn-pullzone 486879 x-bo-server DE-260 last-modified Fri, 17 May 2024 10:15:14 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1155 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 2fb3c634a38f027a82497b68d66ecb0c cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	hooks.min.js Show response prophaze.b-cdn.net/wp-includes/js/dist/	6 KB 2 KB	481ms 209ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-includes/js/dist/hooks.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 5690 cdn-edgestorageid 1080 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-152 last-modified Sat, 04 May 2024 13:12:50 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1460 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 5e76dee97929e6a55a0b76c35f31e67d cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	i18n.min.js Show response prophaze.b-cdn.net/wp-includes/js/dist/	10 KB 5 KB	563ms 292ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-includes/js/dist/i18n.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 10407 cdn-edgestorageid 1079 cdn-cachedat 05/27/2024 09:04:35 cdn-pullzone 486879 x-bo-server DE-234 last-modified Tue, 14 May 2024 15:06:47 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1438 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid ec017cb530ce8213efe464ecb2ee626f cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	frontend.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor-pro/assets/js/	24 KB 8 KB	565ms 293ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor-pro/assets/js/frontend.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 51187f64d3c89b9bba020ac511217aed3ea94cfc82aa3c5450b6132cfab4c039 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 24380 cdn-edgestorageid 1080 cdn-cachedat 05/04/2024 06:21:21 cdn-pullzone 486879 x-bo-server DE-225 last-modified Thu, 02 May 2024 04:04:24 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1429 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 90f08dbb944d827a7fc0c59bb3212f3f cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	waypoints.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/waypoints/	12 KB 4 KB	482ms 211ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 12198 cdn-edgestorageid 1082 cdn-cachedat 05/27/2024 09:04:36 cdn-pullzone 486879 x-bo-server DE-269 last-modified Thu, 02 May 2024 04:04:24 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1446 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 1975ada187cb80790792ceb5d16dd73a cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	core.min.js Show response prophaze.b-cdn.net/wp-includes/js/jquery/ui/	20 KB 8 KB	564ms 293ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-includes/js/jquery/ui/core.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 9d7da1b980a95ff3d31d0bb8733cbabd1d210ec601d15a1aac2b67394a33191d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 20714 cdn-edgestorageid 1081 cdn-cachedat 05/25/2024 18:26:25 cdn-pullzone 486879 x-bo-server DE-261 last-modified Sat, 04 May 2024 14:49:53 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1203 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 02961b0e29c28a91f7788c0bb0ed3e14 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	swiper.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/swiper/	136 KB 39 KB	562ms 292ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 139153 cdn-edgestorageid 1079 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-243 last-modified Sat, 04 May 2024 13:12:50 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1803 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid b15028d8586f8f72d4c3e440221bfb54 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	share-link.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/share-link/	3 KB 2 KB	562ms 292ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 138154c0deed3326477b9b4909175101070a5a3a95342291b53d8cc9879a5f47 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 2620 cdn-edgestorageid 1079 cdn-cachedat 05/27/2024 09:04:36 cdn-pullzone 486879 x-bo-server DE-227 last-modified Mon, 13 May 2024 10:29:49 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1447 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 1dac56ae58ab3c3741b7d3f6beb5412e cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	dialog.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/dialog/	10 KB 4 KB	562ms 292ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash e9ba3d0c5d5408e00becd36ad394fa9ad9c0616741ebdd6dddc8e837db3605ba Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 10749 cdn-edgestorageid 1081 cdn-cachedat 05/25/2024 18:26:25 cdn-pullzone 486879 x-bo-server DE-223 last-modified Sat, 25 May 2024 14:01:26 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1011 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 04d0e1672fbb411d3e02f727a6464938 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	frontend.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor/assets/js/	40 KB 14 KB	562ms 292ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/js/frontend.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 46b04afecdaf08e04385a7cabaec357f6edfc6a8b2b156d8c624c2621894f3de Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 40814 cdn-edgestorageid 1082 cdn-cachedat 05/25/2024 18:26:25 cdn-pullzone 486879 x-bo-server DE-243 last-modified Mon, 13 May 2024 09:26:49 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1440 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 989d805abf4849e03dc8ea4ed3f49b7f cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	preloaded-elements-handlers.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor-pro/assets/js/	164 KB 43 KB	481ms 212ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 2fdaf549542c19d303a61dd53d8558a115ff3a1296d974b3392f9e47cb64fd5f Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 167426 cdn-edgestorageid 1081 cdn-cachedat 05/24/2024 07:17:38 cdn-pullzone 486879 x-bo-server DE-266 last-modified Sat, 04 May 2024 13:12:50 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1878 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 42071c87dd23844d566fc98233a9c2b9 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	animate-circle.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/widgets/init/assets/js/	681 B 957 B	562ms 293ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash a8642bcd147ba3528345f5bd17f788cd524931e093255b2c1c8344677a1ab505 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 681 cdn-edgestorageid 1081 cdn-cachedat 05/25/2024 18:26:25 cdn-pullzone 486879 x-bo-server DE-136 last-modified Sat, 25 May 2024 12:20:24 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1004 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid be3f59400a417eaed21c20876816a497 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	elementor.js Show response prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/widgets/init/assets/js/	18 KB 6 KB	562ms 293ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 91e41cfbdd244e15cab09ea725d9d74fcf3f82965be5bf578d6d2827791b11af Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 18458 cdn-edgestorageid 1081 x-bo-processingtime 8 cdn-cachedat 05/25/2024 18:26:25 cdn-pullzone 486879 x-bo-server DE-226 last-modified Mon, 13 May 2024 10:29:49 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 vary Accept-Encoding x-bo-origindownloadtime 1445 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid da94636a86232277d83ed95697316b84 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	preloaded-modules.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor/assets/js/	41 KB 14 KB	562ms 292ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash af0b0dbfec18aecd0518daf2ae4b6d60b0b148de91978fd182e2831ce659b5a2 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 42061 cdn-edgestorageid 1081 cdn-cachedat 05/25/2024 18:26:25 cdn-pullzone 486879 x-bo-server DE-233 last-modified Sun, 05 May 2024 04:27:49 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1454 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid b30811e2961095d11102ec5ea6e6fbdf cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	jquery.sticky.min.js Show response prophaze.b-cdn.net/wp-content/plugins/elementor-pro/assets/lib/sticky/	4 KB 2 KB	561ms 293ms	Script application/javascript	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 34bbd1c367ffc7d80fcff86c7e5f8777e70f4911bb324e8ecfc7dd3604a96e68 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding br x-downloadsize 3721 cdn-edgestorageid 1079 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 x-bo-server DE-235 last-modified Sat, 04 May 2024 14:49:54 GMT server BunnyCDN-DE1-1080 cdn-requestpullcode 200 cdn-proxyver 1.04 vary Accept-Encoding x-bo-origindownloadtime 1456 content-type application/javascript cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 cdn-requestid 6745bc65cfc06b07ad4f082084feb37f cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	600ms 0ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 28 May 2024 06:29:08 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 641 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 28 May 2024 08:29:08 GMT
GET H3	200	63ab2170849ad2028db8b3f3 Show response ws.zoominfo.com/pixel/	3 KB 2 KB	756ms 475ms	Script text/javascript	104.16.117.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/63ab2170849ad2028db8b3f3 Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 510595fa2b7c783bb8ee597c73b13c1a6ffcd6cc5261f2a7987297eeae35dd2b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-allow-credentials true x-robots-tag noindex, nofollow access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url alt-svc h3=":443"; ma=86400 cf-ray 88ac3fef2b29382e-FRA
GET H2	200	lftracker_v1_p1e024BvyBW4GB6d.js Show response sc.lfeeder.com/	30 KB 11 KB	608ms 0ms	Script application/javascript	2600:9000:26da:3a00:4:d7e1:700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc.lfeeder.com/lftracker_v1_p1e024BvyBW4GB6d.js Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:26da:3a00:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c51fa9ffc6936bf0aeb1a628f63bb1376dcfb136c7450e37f7dcf842a3f08c4c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id CTw4atWBsKDldhUnvWUPQof.fDdoT2GE content-encoding gzip via 1.1 6da146f012af036eaa9002470b7d7c54.cloudfront.net (CloudFront) date Tue, 28 May 2024 06:23:06 GMT last-modified Tue, 21 May 2024 07:32:23 GMT server AmazonS3 x-amz-cf-pop MUC50-P4 age 1004 x-amz-server-side-encryption AES256 etag W/"b1a87fb9581947340d79b34187b65905" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id V4duSBYADL-fe_f3wFGN7o7PjQVMAZ5hJZzpvXjC1lshNvQnNQOl7Q==
GET H2	200	iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0UzdYPFkaVN.woff prophaze.b-cdn.net/wp-content/fonts/rubik/	23 KB 24 KB	391ms 0ms	Font application/font-woff	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/fonts/rubik/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0UzdYPFkaVN.woff Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 49fb1225a6fd2508ca9c0f270081a7c1cad0aed04207bd8573d999215fe1950c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.com/ Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT x-content-type-options nosniff x-permitted-cross-domain-policies master-only cdn-edgestorageid 1081 cdn-cachedat 05/12/2024 07:14:53 cdn-pullzone 486879 content-length 24000 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 18 Jul 2023 11:58:53 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "64b67e7d-5dc0" content-type application/font-woff access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 4ad1b6d27806a0e74471a928fea08976 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	ui-icons.woff2 prophaze.b-cdn.net/wp-content/themes/emaus/assets/fonts/	14 KB 15 KB	369ms 0ms	Font application/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/fonts/ui-icons.woff2?47252675 Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/css/font-icons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 51ece5c2576888e20eab3a357e50ca51a901f6aa6cc84f5b8c668da6b960ee35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.b-cdn.net/wp-content/themes/emaus/assets/css/font-icons.css Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT x-content-type-options nosniff x-permitted-cross-domain-policies master-only cdn-edgestorageid 1082 cdn-cachedat 10/25/2023 07:08:54 cdn-pullzone 486879 content-length 14420 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Sat, 07 Aug 2021 12:53:47 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "610e825b-3854" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid ca1955df89f393dcc83d1d1bb606d23d accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0UzdYPFkaVN.woff prophaze.b-cdn.net/wp-content/fonts/rubik/	24 KB 25 KB	509ms 108ms	Font application/font-woff	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/fonts/rubik/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0UzdYPFkaVN.woff Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 472faa56da6137ad4f3b5b776a3b8dad1f2347982ce7d61d9dd30037f5671a6d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.com/ Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT x-content-type-options nosniff x-permitted-cross-domain-policies master-only cdn-edgestorageid 1082 cdn-cachedat 03/31/2024 19:58:55 cdn-pullzone 486879 content-length 24316 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 18 Jul 2023 11:58:53 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "64b67e7d-5efc" content-type application/font-woff access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 63366d016745e8f6235990cfe112fb4d accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0UzdYPFkaVN.woff prophaze.b-cdn.net/wp-content/fonts/rubik/	24 KB 25 KB	400ms 0ms	Font application/font-woff	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/fonts/rubik/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0UzdYPFkaVN.woff Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 816187850ec88cc625dec1da659e0e9baefc4de4878979b4c055434f9335871d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.com/ Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT x-content-type-options nosniff x-permitted-cross-domain-policies master-only cdn-edgestorageid 1082 cdn-cachedat 05/24/2024 18:53:30 cdn-pullzone 486879 content-length 24308 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Tue, 18 Jul 2023 11:58:54 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "64b67e7e-5ef4" content-type application/font-woff access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 952981f94c7d29d1f0cd47efbc117c93 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	373fc7db62d84caefa2a67786a9be1a0 secure.gravatar.com/avatar/	1 KB 2 KB	624ms 0ms	Image image/jpeg	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://secure.gravatar.com/avatar/373fc7db62d84caefa2a67786a9be1a0?s=96&d=mm&r=g Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 54ee9bbe2550cd9323f302ba77e47d14fcb84cec7c628521b9f19cd52ce37cef Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-nc HIT hhn 2 date Tue, 28 May 2024 06:39:50 GMT last-modified Wed, 11 Jan 1984 08:00:00 GMT server nginx content-type image/jpeg access-control-allow-origin * cache-control max-age=300 content-disposition inline; filename="373fc7db62d84caefa2a67786a9be1a0.png" accept-ranges bytes link <https://gravatar.com/avatar/373fc7db62d84caefa2a67786a9be1a0?s=96&d=mm&r=g>; rel="canonical" content-length 1447 alt-svc h3=":443"; ma=86400 expires Tue, 28 May 2024 06:44:50 GMT
GET H2	200	ccode-1.png prophaze.b-cdn.net/wp-content/uploads/2020/07/	56 KB 57 KB	1946ms 1609ms	Image image/webp	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://prophaze.b-cdn.net/wp-content/uploads/2020/07/ccode-1.png Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash fb3065f1e6587b0161f556be514d9771c8907e7f656d06e9fc841438b6d7c031 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT x-downloadsize 14263 cdn-edgestorageid 1079 x-bo-processingtime 1 cdn-cachedat 05/28/2024 06:39:51 cdn-pullzone 486879 content-length 57854 x-bo-server DE-266 last-modified Tue, 28 May 2024 06:39:49 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 1142 content-type image/webp cdn-cache MISS cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 0% cdn-requestid 1755359f6b9e098dcff04873e833a715 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	CVE-2023-21515.jpg prophaze.b-cdn.net/wp-content/uploads/2023/05/	98 KB 98 KB	977ms 640ms	Image image/webp	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://prophaze.b-cdn.net/wp-content/uploads/2023/05/CVE-2023-21515.jpg Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash d7b3531a143ef8731a64bda5d5c2c9590283e06b4b3286f6e6b71873511a9189 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT x-downloadsize 181826 cdn-edgestorageid 1081 x-bo-processingtime 13 cdn-cachedat 05/28/2024 06:39:49 cdn-pullzone 486879 content-length 100214 x-bo-server DE-243 last-modified Sun, 26 May 2024 23:11:06 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 1616 content-type image/webp cdn-cache MISS cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 44.88% cdn-requestid 1ac8bd6c9497ece787fffc267ba70a0e cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	What-Is-An-HTTP-Flood-DDoS-Attack.jpg prophaze.b-cdn.net/wp-content/uploads/2023/05/	85 KB 86 KB	683ms 347ms	Image image/webp	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://prophaze.b-cdn.net/wp-content/uploads/2023/05/What-Is-An-HTTP-Flood-DDoS-Attack.jpg Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash c2241d3f75d7df28869d019b6c9feb645c8be8432dc00bef321b94b87def3769 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT x-downloadsize 150211 cdn-edgestorageid 1079 x-bo-processingtime 12 cdn-cachedat 05/28/2024 06:39:49 cdn-pullzone 486879 content-length 87456 x-bo-server DE-227 last-modified Sun, 26 May 2024 23:11:06 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 1615 content-type image/webp cdn-cache MISS cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 41.78% cdn-requestid 62a8bebbc9a0fe110d3209960f012d5b cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	What-Is-OWASP-Describe-The-OWASP-Top-10.jpg prophaze.b-cdn.net/wp-content/uploads/2023/05/	82 KB 83 KB	977ms 640ms	Image image/webp	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://prophaze.b-cdn.net/wp-content/uploads/2023/05/What-Is-OWASP-Describe-The-OWASP-Top-10.jpg Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash a30a11441d22f5733e100f354b65512fa14081398d48efee05f02f410c0d654b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT x-downloadsize 139996 cdn-edgestorageid 1082 x-bo-processingtime 13 cdn-cachedat 05/28/2024 06:39:49 cdn-pullzone 486879 content-length 84154 x-bo-server DE-153 last-modified Mon, 27 May 2024 09:05:59 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 1553 content-type image/webp cdn-cache MISS cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 39.89% cdn-requestid eabf273c61df1eb9991deb6a58125d6e cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	fa-solid-900.woff2 prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/	76 KB 77 KB	276ms 109ms	Font application/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT x-content-type-options nosniff x-permitted-cross-domain-policies master-only cdn-edgestorageid 1079 cdn-cachedat 03/31/2024 19:59:19 cdn-pullzone 486879 content-length 78196 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Sun, 23 Jul 2023 00:07:05 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "64bc6f29-13174" content-type application/octet-stream access-control-allow-origin * cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 58f5825588278ce0ee56c503d3b45e46 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	fa-regular-400.woff2 prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/	13 KB 14 KB	482ms 316ms	Font application/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT x-content-type-options nosniff x-permitted-cross-domain-policies master-only cdn-edgestorageid 1080 cdn-cachedat 05/28/2024 06:39:49 cdn-pullzone 486879 content-length 13276 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Sun, 23 Jul 2023 00:07:05 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "64bc6f29-33dc" content-type application/octet-stream access-control-allow-origin * cdn-cache MISS cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 6f608da914cef51c9a87b070d0907d77 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
GET H2	200	fa-brands-400.woff2 prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/	75 KB 76 KB	405ms 316ms	Font application/octet-stream	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.b-cdn.net/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:49 GMT x-content-type-options nosniff x-permitted-cross-domain-policies master-only cdn-edgestorageid 1080 cdn-cachedat 05/28/2024 06:39:49 cdn-pullzone 486879 content-length 76764 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Sun, 23 Jul 2023 00:07:05 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 etag "64bc6f29-12bdc" content-type application/octet-stream access-control-allow-origin * cdn-cache MISS cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=2592000 cdn-requestid 7e08a3096b41f2c329fdba85f73eb499 accept-ranges bytes cdn-requestcountrycode DE access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-status 200 cdn-requestpullsuccess True
POST H2	200	collect Show response www.google-analytics.com/j/	16 B 220 B	358ms 0ms	XHR text/plain	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1800269615&t=pageview&_s=1&dl=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F&ul=de-de&de=UTF-8&dt=Tracking%20Down%20New%20Wordpress%20Popup%20Injection%20Malware%20-%20Cloud%20WAF&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=270550859&gjid=341576670&cid=600904966.1716878390&tid=UA-51873533-1&_gid=1351003596.1716878390&_r=1&_slc=1&z=1236886157 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8698931013f703df2aefeb859ca253ec994f4bee25bdcdda3da926749cb1d1ec Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 28 May 2024 06:39:50 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://prophaze.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ tr-rc.lfeeder.com/	43 B 293 B	664ms 47ms	Image image/gif	18.173.187.83 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tr-rc.lfeeder.com/?sid=p1e024BvyBW4GB6d&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTUxODczNTMzLTEiXSwiZ2FNZWFzdXJlbWVudElkcyI6W10sImdhQ2xpZW50SWRzIjpbIjYwMDkwNDk2Ni4xNzE2ODc4MzkwIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNjIuMyJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9wcm9waGF6ZS5jb20vd2ViLWFwcGxpY2F0aW9uLWZpcmV3YWxsL3RyYWNraW5nLWRvd24tbmV3LXdvcmRwcmVzcy1wb3B1cC1pbmplY3Rpb24tbWFsd2FyZS8iLCJwYWdlVGl0bGUiOiJUcmFja2luZyBEb3duIE5ldyBXb3JkcHJlc3MgUG9wdXAgSW5qZWN0aW9uIE1hbHdhcmUgLSBDbG91ZCBXQUYiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6ImU3ZGUwZjU5MzA4YjdlM2YiLCJzY3JpcHRJZCI6InAxZTAyNEJ2eUJXNEdCNmQiLCJjb29raWVzRW5hYmxlZCI6dHJ1ZSwiY29uc2VudExldmVsIjoibm9uZSIsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLjI3OTBlY2U4NGYwODJlMjYuMTcxNjg3ODM5MDA5MyIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e30sImF1dG9UcmFja2luZ0VuYWJsZWQiOnRydWUsImF1dG9UcmFja2luZ01vZGUiOiJzcGEifQ== Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.83 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-83.muc50.r.cloudfront.net Software CloudFront / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:50 GMT via 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop MUC50-P4 x-cache LambdaGeneratedResponse from cloudfront content-type image/gif content-length 43 x-amz-cf-id L7q6FHC9J5xLUSG6P8mH6Fc7UOsG-aTJMvxMxfTvlwra86HrpwF6XA==
GET H2	200	/ tr-rc.lfeeder.com/	43 B 294 B	583ms 12ms	Image image/gif	18.173.187.83 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tr-rc.lfeeder.com/?sid=p1e024BvyBW4GB6d&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTUxODczNTMzLTEiXSwiZ2FNZWFzdXJlbWVudElkcyI6W10sImdhQ2xpZW50SWRzIjpbIjYwMDkwNDk2Ni4xNzE2ODc4MzkwIl0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNjIuMyJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9wcm9waGF6ZS5jb20vd2ViLWFwcGxpY2F0aW9uLWZpcmV3YWxsL3RyYWNraW5nLWRvd24tbmV3LXdvcmRwcmVzcy1wb3B1cC1pbmplY3Rpb24tbWFsd2FyZS8iLCJwYWdlVGl0bGUiOiJUcmFja2luZyBEb3duIE5ldyBXb3JkcHJlc3MgUG9wdXAgSW5qZWN0aW9uIE1hbHdhcmUgLSBDbG91ZCBXQUYiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6IjAyY2Y1ZGYzNTYwYzk0OTciLCJzY3JpcHRJZCI6InAxZTAyNEJ2eUJXNEdCNmQiLCJjb29raWVzRW5hYmxlZCI6dHJ1ZSwiY29uc2VudExldmVsIjoibm9uZSIsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLjI3OTBlY2U4NGYwODJlMjYuMTcxNjg3ODM5MDA5MyIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e30sImF1dG9UcmFja2luZ0VuYWJsZWQiOnRydWUsImF1dG9UcmFja2luZ01vZGUiOiJzcGEifQ== Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.83 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-83.muc50.r.cloudfront.net Software CloudFront / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:50 GMT via 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop MUC50-P4 x-cache LambdaGeneratedResponse from cloudfront content-type image/gif content-length 43 x-amz-cf-id 0tvG7lf1fPZBmArsRY6u4k3xDxcGM2hZzNUbtxxRbQFV3SivPFXKmQ==
GET H2	200	collectedforms.js Show response js.hscollectedforms.net/	69 KB 24 KB	876ms 150ms	Script application/javascript	2606:4700::6810:6ffe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hscollectedforms.net/collectedforms.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8418714.js?integration=WordPress&ver=10.1.28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT x-amz-version-id WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W content-encoding gzip x-content-type-options nosniff via 1.1 9d2dee9b44718f249b789987d2cbe62c.cloudfront.net (CloudFront) cf-cache-status EXPIRED x-amz-cf-pop IAD12-P3 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id f0889b1b-97bd-4377-9d4d-123c2a25e4af content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=88ac3ff70d7e1b9f-FRA x-cache Hit from cloudfront cache-tag staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod x-envoy-upstream-service-time 3 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id f0889b1b-97bd-4377-9d4d-123c2a25e4af last-modified Wed, 15 May 2024 14:34:44 UTC server cloudflare etag W/"7d377a186677c174f204d466b8fa5fdb" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all x-hs-cache-status HIT cache-control s-maxage=600, max-age=300 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-w988t cf-ray 88ac3ff70d7e1b9f-FRA x-amz-cf-id Yi8jRx5OxicxmhmmyD9wszJuY6_a_8u_Ft4K_q3cqJkzCoNvMhDKzA== x-hs-target-asset collected-forms-embed-js/static-1.503/bundles/project.js
GET H2	200	banner.js Show response js.hs-banner.com/v2/8418714/	71 KB 26 KB	992ms 265ms	Script text/javascript	2606:4700:4400::ac40:991b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/8418714/banner.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8418714.js?integration=WordPress&ver=10.1.28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8778d014db7fa6fb0fa0e68ccee22fb0795803ec744fb2e941d7bf8b026cdaa8 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT x-amz-version-id Va76WC_hknlTS6bVnMGtPe.mS9EBbBh1 content-encoding gzip cf-cache-status REVALIDATED x-amz-request-id 32Y6J27ZMZ0TVQ09 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id d8c0e6ee-b87b-463d-8eac-b7b4035399d9 x-envoy-upstream-service-time 37 x-amz-id-2 6Eg1Vo9uZyJMvEuQ/myTYEx3vzkeeegA4XkYAPOvFOz3OYKcMfOccn6uuUxU3uQ04vPNILLrTDA= x-evy-trace-listener listener_https x-request-id d8c0e6ee-b87b-463d-8eac-b7b4035399d9 x-evy-trace-route-configuration listener_https/all last-modified Mon, 15 Apr 2024 15:12:55 GMT server cloudflare etag W/"a86435d9f05a19ba170135362e671630" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://landing.prophaze.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 88ac3ff709793655-FRA expires Tue, 28 May 2024 06:44:51 GMT
GET H2	200	conversations-embed.js Show response js.usemessages.com/	86 KB 24 KB	692ms 0ms	Script application/javascript	2606:4700::6810:4e8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.usemessages.com/conversations-embed.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8418714.js?integration=WordPress&ver=10.1.28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fcc2d62aa56006d7087b11b473c6f12aa61eab39d385475bf68cd96391ffcb4 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:50 GMT x-amz-version-id .qDGC7zo0zmijZixEpdNGhvW8Rd7SOzn content-encoding gzip x-content-type-options nosniff via 1.1 36b04143ac1626bb30bb225fb2cccb1e.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop IAD12-P3 age 69 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16462/bundles/project.js&cfRay=88ac3e42bd783a90-FRA x-cache Hit from cloudfront x-hubspot-correlation-id b4ba2017-2a9b-4ec6-8efe-452c46f69231 cache-tag staticjsapp-conversations-embed-web-prod,staticjsapp-prod x-envoy-upstream-service-time 6 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id b4ba2017-2a9b-4ec6-8efe-452c46f69231 last-modified Thu, 23 May 2024 14:37:23 UTC server cloudflare etag W/"725a8590d0b92cb071bed0679fb11bd0" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status MISS x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-9c6mc cf-ray 88ac3ff70a8e4d88-FRA x-amz-cf-id pnnmzwTSZeyLCQsipbfaOure8OcEniDSNOuXQrjEeIeWPR47lMRyNA== x-hs-target-asset conversations-embed/static-1.16462/bundles/project.js
GET H2	200	fb.js Show response js.hsadspixel.net/	6 KB 4 KB	696ms 0ms	Script application/javascript	2606:4700::6811:80ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hsadspixel.net/fb.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8418714.js?integration=WordPress&ver=10.1.28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 081cf70b8e6c0d1d978f810f4537e84501c1940d54cd19aee0b065fb8fea3c5b Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:50 GMT x-amz-version-id 3uRfq0xkxtJ5qmNotyFivu_Hfg8U.PRS content-encoding gzip x-content-type-options nosniff via 1.1 c3d335addde48969fafe25d4064cee80.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-cf-pop IAD12-P3 age 191 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.562/bundles/pixels-release.js&cfRay=88ac3b47fcdf4db0-FRA x-cache Hit from cloudfront x-hubspot-correlation-id 1d868c3f-c903-438f-a071-7fb4d2a696ab cache-tag staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod x-envoy-upstream-service-time 0 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 1d868c3f-c903-438f-a071-7fb4d2a696ab last-modified Thu, 23 May 2024 14:45:23 UTC server cloudflare etag W/"8c40e1f5f100c96c8a0884459629fdec" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status HIT x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-tk5t7 cf-ray 88ac3ff70dec2bc2-FRA x-amz-cf-id hauBSA_21lJezNsFtsZTmxlimFKyVt9gHcdQ0vaC5YnEa7GMxwheRw== x-hs-target-asset adsscriptloaderstatic/static-1.562/bundles/pixels-release.js
GET H2	200	8418714.js Show response js.hs-analytics.net/analytics/1716878100000/	67 KB 24 KB	846ms 122ms	Script text/javascript	2606:4700::6811:afc9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1716878100000/8418714.js Requested by Host: js.hs-scripts.com URL: https://js.hs-scripts.com/8418714.js?integration=WordPress&ver=10.1.28 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4baa0f4811bcaa1a980c79ef2ba6d4acb5b6683f5702342495b8300641407b3d Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT x-amz-version-id null content-encoding gzip cf-cache-status MISS x-amz-request-id 13RK7PPM37WS5SW4 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 1bd4e4d1-9f8d-4f24-9e68-b59333a4054a x-envoy-upstream-service-time 59 x-amz-id-2 3IyfhuZFg7CX3abDgcMBRcym3WaA3WJ+ge5WKlQ6mdOCpYuiFY9brh76f1O8d4yi/jvNX9c+64k= x-evy-trace-listener listener_https x-request-id 1bd4e4d1-9f8d-4f24-9e68-b59333a4054a x-evy-trace-route-configuration listener_https/all last-modified Fri, 24 May 2024 16:00:16 GMT server cloudflare etag W/"8c678fc49063edee6df36d7c439e2a06" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh cache-control max-age=300,public access-control-allow-credentials false cf-ray 88ac3ff70bc29f33-FRA expires Tue, 28 May 2024 06:44:50 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 347 B	682ms 0ms	XHR text/plain	2a00:1450:400c:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-51873533-1&cid=600904966.1716878390&jid=270550859&gjid=341576670&_gid=1351003596.1716878390&_u=IEBAAEAAAAAAACAAI~&z=1306554515 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 28 May 2024 06:39:51 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://prophaze.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	263 KB 93 KB	648ms 0ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-QZ6EVPX2B1&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 4be89e81ed972f72a60a857f80ca8a7799271f5958c9d885e19612e6ca67e8e1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 94844 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 28 May 2024 06:39:51 GMT
GET H/1.1	200 OK	brands.min.css prophaze.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/	675 B 1 KB	825ms 756ms	Stylesheet text/css	43.204.233.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prophaze.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-content/plugins/wp-disable/js/css-lazy-load.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.204.233.120 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-204-233-120.ap-south-1.compute.amazonaws.com Software / Resource Hash 9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 06:39:51 GMT X-Content-Type-Options nosniff Referrer-Policy same-origin Last-Modified Sun, 23 Jul 2023 00:07:05 GMT X-Permitted-Cross-Domain-Policies master-only ETag "64bc6f29-2a3" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 675 X-XSS-Protection 1; mode=block
GET H2	200	css fonts.googleapis.com/	60 KB 2 KB	608ms 0ms	Stylesheet text/css	2a00:1450:4001:80f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto%20Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Merriweather:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=auto Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-content/plugins/wp-disable/js/css-lazy-load.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 51ac7c689e6e8bdaf1df38ae8a69f671c2ef48cc3f83ca21453edf87ddf82317 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Tue, 28 May 2024 06:39:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 28 May 2024 06:34:06 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 May 2024 06:39:51 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 4 KB	526ms 0ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-includes/js/jquery/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8215cf53b7729d85b8d00c04f25759e817897c2fe09c54b94413f743c4c786d1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 28 May 2024 06:39:51 GMT content-md5 UEl/dKt6hoObBkNG+/2M1A== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1689 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=6, rtx=0, c=15, mss=1294, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=-1 x-fb-debug h/3p+sikBLZNbwR/UPAtourxnma7dZS1xMOmlMXa61Ajr7I0S+oKxwht88aSMgCOUtVC9UYDN/Njo6kDZ20XZQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 c51e2647159bf0ccc2aa21b697b85a0b cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "433a69e7dc39fae8fa04049a8d69ee35" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * expires Tue, 28 May 2024 06:43:24 GMT
GET H2	200	Zyxel-Prophaze-300x157.jpg prophaze.b-cdn.net/wp-content/uploads/2021/07/	10 KB 10 KB	267ms 55ms	Image image/webp	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://prophaze.b-cdn.net/wp-content/uploads/2021/07/Zyxel-Prophaze-300x157.jpg Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-includes/js/imagesloaded.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash c92384eb2f0d6515eba08b1cedc46d3ed66b6e7f1a4490d27a0660eec37ba68c Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:50 GMT x-downloadsize 10727 cdn-edgestorageid 1079 x-bo-processingtime 1 cdn-cachedat 05/21/2024 07:01:17 cdn-pullzone 486879 content-length 9894 x-bo-server DE-264 last-modified Mon, 20 May 2024 07:10:15 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 1008 content-type image/webp cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 7.77% cdn-requestid e09631ce93774144db923fe7a3f8af55 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	487ms 0ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-includes/js/jquery/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 658c3743e102acb9742575ae382021f1480d52325368c632f3ea7c7137b1ba01 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Tue, 28 May 2024 06:39:51 GMT
GET H2	200	CVE-2024-35395.jpg prophaze.b-cdn.net/wp-content/uploads/2024/05/	96 KB 97 KB	501ms 290ms	Image image/webp	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://prophaze.b-cdn.net/wp-content/uploads/2024/05/CVE-2024-35395.jpg Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-includes/js/imagesloaded.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash c170cbaad0e222519850eb546de27068dd1706ccfa08a15380416cacdd423c1b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:50 GMT x-downloadsize 511240 cdn-edgestorageid 1082 x-bo-processingtime 15 cdn-cachedat 05/28/2024 06:39:50 cdn-pullzone 486879 content-length 98752 x-bo-server DE-136 last-modified Mon, 27 May 2024 10:09:28 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 2376 content-type image/webp cdn-cache MISS cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 80.68% cdn-requestid 03736cdca3f20865b0d4dc8c6fcf8e63 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	CVE-2024-5400.jpg prophaze.b-cdn.net/wp-content/uploads/2024/05/	90 KB 90 KB	267ms 55ms	Image image/webp	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://prophaze.b-cdn.net/wp-content/uploads/2024/05/CVE-2024-5400.jpg Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-includes/js/imagesloaded.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 42c605fcf4d96296bce4ee5fdd35a2301257a9f125fc5bf98bfe2c3810edb87b Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:50 GMT x-downloadsize 509116 cdn-edgestorageid 1079 x-bo-processingtime 16 cdn-cachedat 05/28/2024 06:39:50 cdn-pullzone 486879 content-length 91862 x-bo-server DE-266 last-modified Mon, 27 May 2024 10:09:28 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 2242 content-type image/webp cdn-cache MISS cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 81.96% cdn-requestid 66a59def98fe287f1da23234679c3f33 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	CVE-2024-26289.jpg prophaze.b-cdn.net/wp-content/uploads/2024/05/	93 KB 94 KB	501ms 290ms	Image image/webp	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://prophaze.b-cdn.net/wp-content/uploads/2024/05/CVE-2024-26289.jpg Requested by Host: prophaze.b-cdn.net URL: https://prophaze.b-cdn.net/wp-includes/js/imagesloaded.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 9a4ab88cd62b0189bd768d58f695a86a6d2d82592af83a7cddcc2ab69886166e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:50 GMT x-downloadsize 503076 cdn-edgestorageid 1081 x-bo-processingtime 13 cdn-cachedat 05/28/2024 06:39:50 cdn-pullzone 486879 content-length 95668 x-bo-server DE-268 last-modified Mon, 27 May 2024 09:48:37 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 2227 content-type image/webp cdn-cache MISS cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 80.98% cdn-requestid 0df101701551a99e41292cfeb7c6a7a4 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	public Show response api.hubspot.com/livechat-public/v1/message/	3 KB 2 KB	358ms 199ms	XHR application/json	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=8418714&conversations-embed=static-1.16462&mobile=false&messagesUtk=e1acc105c6624736a233f8d1ec1373da&traceId=e1acc105c6624736a233f8d1ec1373da Requested by Host: js.usemessages.com URL: https://js.usemessages.com/conversations-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3cff4ebccde289667b597326e6ea5f1e4b11a0109b20bed8b7537ebbe96803d2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 X-HubSpot-Messages-Uri https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:52 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id c07fa75e-380f-43ea-9353-a783853e4a2d x-envoy-upstream-service-time 95 content-length 1481 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id c07fa75e-380f-43ea-9353-a783853e4a2d server cloudflare vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://prophaze.com x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-pqqjf cache-control no-cache, no-store, no-transform, must-revalidate, max-age=0 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fMS8tfnayXb%2FeMSN4pROemm4vzOo6ccTxtPgr7Se5wIou2Ai231ZPsm4wNL4HJHAAjCSsIafrgqyPn1raYwwtOe5cqI7oZfWxt%2BX6K0BG8bcOcjeEZe06%2BpExq%2Bw7MpPuN4A%2F5pCNwv6tfyUvQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 88ac3ffcdb755d9c-FRA access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
OPTIONS H2	200	public api.hubspot.com/livechat-public/v1/message/ Frame	0 0	610ms 116ms	Preflight text/plain	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubspot.com/livechat-public/v1/message/public?portalId=8418714&conversations-embed=static-1.16462&mobile=false&messagesUtk=e1acc105c6624736a233f8d1ec1373da&traceId=e1acc105c6624736a233f8d1ec1373da Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers x-hubspot-messages-uri Access-Control-Request-Method GET Origin https://prophaze.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers access-control-allow-credentials false access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD access-control-allow-origin https://prophaze.com allow HEAD,GET,OPTIONS cf-cache-status DYNAMIC cf-ray 88ac3ffab95f5d9c-FRA content-length 18 content-type text/plain; charset=utf-8 date Tue, 28 May 2024 06:39:51 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NcimzDRz6Ti6uM1fjrR7LYWJ5wRb7w6aPkBSlSkTPZvMyvIP0UqDr5r5awGSlKaAS9tDT6emEG1LxT05Wevcb8IDRg7OBb5DwAg8godBf%2BpPmoB8HF4YNd0SJuOt425JrCdjei9uAaEUr9%2F8IA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary origin, Accept-Encoding x-content-type-options nosniff x-envoy-upstream-service-time 4 x-evy-trace-listener listener_https x-evy-trace-route-configuration listener_https/all x-evy-trace-route-service-name envoyset-translator x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-k9jtd x-evy-trace-virtual-host all x-hubspot-correlation-id 14f0ce91-1eb3-4df2-9597-948289455c9d x-request-id 14f0ce91-1eb3-4df2-9597-948289455c9d
GET H2	200	json Show response forms.hscollectedforms.net/collected-forms/v1/config/	134 B 448 B	416ms 66ms	XHR application/json	2606:4700::6810:6ffe CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=8418714&utk= Requested by Host: js.hscollectedforms.net URL: https://js.hscollectedforms.net/collectedforms.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:6ffe , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2e4b7e886b6ac1d881d013c818867027c05acfea7b4f2e3520df01a9b7701bed Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept application/json, text/plain, */* Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT content-encoding br x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 12b7400b-1e1e-4232-8e24-e78ce007043d x-envoy-upstream-service-time 12 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 12b7400b-1e1e-4232-8e24-e78ce007043d server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://prophaze.com x-evy-trace-virtual-host all cache-control max-age=0 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-sc4vs access-control-max-age 180 x-robots-tag none access-control-allow-headers * cf-ray 88ac3ffb19941b9f-FRA
GET H2	200	json Show response api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/	180 B 1 KB	519ms 94ms	XHR application/json	2606:4700::6812:f46c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=8418714 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:f46c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c79a30df46a34de2840044f697f0c607a3c5ed83c1368c9f9fed985304d11ecc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id c50a82cd-44d7-49b2-bac7-c0c3a48ff86f content-encoding br x-envoy-upstream-service-time 13 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id c50a82cd-44d7-49b2-bac7-c0c3a48ff86f server cloudflare vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 access-control-allow-origin https://prophaze.com x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-j8hrk access-control-max-age 180 access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FoFrs1khTnRCw6H6yLEs4hdAs5Hlx1dhjSoSsyMapZ%2BX871BUjCPFOoRJcEJW0B7zxHo%2BSipMIbI2azsFX8rU8txI1CZIJs%2BI9jy38jGOy1oAw7j8daf%2Bu%2FM%2BZAIWjMfm%2B9eCNLVh52pkff4"}],"group":"cf-nel","max_age":604800} cf-ray 88ac3ffbe9912c2b-FRA access-control-allow-headers *
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	166ms 74ms	Image image/gif	142.250.184.196 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51873533-1&cid=600904966.1716878390&jid=270550859&_u=IEBAAEAAAAAAACAAI~&z=82254267 Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 28 May 2024 06:39:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	188ms 72ms	Image image/gif	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-51873533-1&cid=600904966.1716878390&jid=270550859&_u=IEBAAEAAAAAAACAAI~&z=82254267 Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 28 May 2024 06:39:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	289ms 0ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto%20Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Merriweather:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=auto Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 02:42:57 GMT x-content-type-options nosniff age 446214 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 May 2025 02:42:57 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	290ms 0ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto%20Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Merriweather:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=auto Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 02:44:31 GMT x-content-type-options nosniff age 446120 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 May 2025 02:44:31 GMT
GET H2	200	u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 fonts.gstatic.com/s/merriweather/v30/	19 KB 20 KB	220ms 0ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto%20Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Merriweather:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=auto Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 02:47:41 GMT x-content-type-options nosniff age 445930 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19740 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:38 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 May 2025 02:47:41 GMT
GET H2	200	u-440qyriQwlOrhSvowK_l5-fCZM.woff2 fonts.gstatic.com/s/merriweather/v30/	20 KB 20 KB	229ms 0ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto%20Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Merriweather:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=auto Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 23 May 2024 02:58:07 GMT x-content-type-options nosniff age 445304 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20028 x-xss-protection 0 last-modified Tue, 26 Apr 2022 16:41:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 May 2025 02:58:07 GMT
GET H2	200	KFOkCnqEu92Fr1Mu51xIIzI.woff2 fonts.gstatic.com/s/roboto/v30/	17 KB 17 KB	230ms 0ms	Font font/woff2	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto%20Slab:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Merriweather:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=auto Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://fonts.googleapis.com/ Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 04:13:04 GMT x-content-type-options nosniff age 8807 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17368 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 28 May 2025 04:13:04 GMT
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	299 KB 86 KB	104ms 44ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=e87432935d1c6ebf5df8b4fc39663e35 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash c17e4b19e4ba1565a909b39050096d65035903a2c6270c9bcf62c941615f817d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 28 May 2024 06:39:51 GMT content-md5 ORzCKEf2Csfvt3MZZbSEfg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 87618 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4597, tp=11, tpl=0, uplat=1, ullat=-1 x-fb-debug GkLrPsZFqU1ZvPJKZo06eH0RSmBTy/IYtfczenzUxjMw4QKGj6TkGxXlUIah4lcPcL3yLiQeWwIOhHjXucrD6w== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 6ee7aebcc72a6283d6568706dc6cc721 cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "1ebbab849f76a4ae4fab1e14154b0f59" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * priority u=3,i expires Wed, 28 May 2025 06:00:04 GMT
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/bc657243/www-widgetapi.vflset/	42 KB 14 KB	131ms 0ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/bc657243/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fb0d349ee03cd9050679f9a9ba37a1062086645c1adb782dfd0d78152222ea6f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 05:34:23 GMT content-encoding br x-content-type-options nosniff age 3928 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13986 x-xss-protection 0 last-modified Wed, 22 May 2024 04:17:26 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 28 May 2025 05:34:23 GMT
GET H/1.1	200 OK	fa-brands-400.woff2 prophaze.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/	75 KB 75 KB	1232ms 1180ms	Font application/octet-stream	43.204.233.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prophaze.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 Requested by Host: prophaze.com URL: https://prophaze.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 43.204.233.120 Mumbai, India, ASN16509 (AMAZON-02, US), Reverse DNS ec2-43-204-233-120.ap-south-1.compute.amazonaws.com Software / Resource Hash 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://prophaze.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css Origin https://prophaze.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Tue, 28 May 2024 06:39:52 GMT X-Content-Type-Options nosniff Referrer-Policy same-origin Last-Modified Sun, 23 Jul 2023 00:07:05 GMT X-Permitted-Cross-Domain-Policies master-only ETag "64bc6f29-12bdc" Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes Content-Length 76764 X-XSS-Protection 1; mode=block
POST H2	204	collect region1.analytics.google.com/g/	0 243 B	292ms 0ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-QZ6EVPX2B1&gtm=45je45m0v9125666450za200&_p=1716878390595&_gaz=1&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&ul=de-de&sr=1600x1200&cid=600904966.1716878390&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F&dt=Tracking%20Down%20New%20Wordpress%20Popup%20Injection%20Malware%20-%20Cloud%20WAF&sid=1716878391&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7896 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-QZ6EVPX2B1&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 28 May 2024 06:39:51 GMT server Golfe2 content-type text/plain access-control-allow-origin https://prophaze.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 47 B	143ms 0ms	Ping text/plain	2a00:1450:400c:c06::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QZ6EVPX2B1&cid=600904966.1716878390&gtm=45je45m0v9125666450za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-QZ6EVPX2B1&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 28 May 2024 06:39:51 GMT server Golfe2 content-type text/plain access-control-allow-origin https://prophaze.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	162ms 102ms	Image image/gif	172.217.18.3 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QZ6EVPX2B1&cid=600904966.1716878390&gtm=45je45m0v9125666450za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&frm=0&z=1989073034 Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.3 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s22-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Tue, 28 May 2024 06:39:51 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	counters.gif forms.hsforms.com/embed/v3/	35 B 884 B	402ms 314ms	Image image/gif	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2 Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:52 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id c54aff65-948e-4e10-a560-43ebc2828869 x-envoy-upstream-service-time 4 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id c54aff65-948e-4e10-a560-43ebc2828869 server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-xkc98 access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 88ac3ffc6d282bd5-FRA
GET H2	200	xlRzl9qHhFI www.youtube.com/embed/ Frame 0162	0 0	463ms 75ms	Document text/html	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/xlRzl9qHhFI?controls=1&rel=0&playsinline=0&modestbranding=0&autoplay=0&enablejsapi=1&origin=https%3A%2F%2Fprophaze.com&widgetid=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/bc657243/www-widgetapi.vflset/www-widgetapi.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://prophaze.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding br content-type text/html; charset=utf-8 cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" cross-origin-resource-policy cross-origin date Tue, 28 May 2024 06:39:52 GMT expires Mon, 01 Jan 1990 00:00:00 GMT origin-trial AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info." permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* pragma no-cache report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} server ESF strict-transport-security max-age=31536000 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-content-type-options nosniff x-xss-protection 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	234 KB 84 KB	106ms 11ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-785725291 Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 9a6ffb55f9b337d8a64d7df3cf827896d22e5fec2125710539e495a172a63d1b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85687 x-xss-protection 0 last-modified Tue, 28 May 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 28 May 2024 06:39:51 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	234 KB 84 KB	122ms 28ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-785725291&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-QZ6EVPX2B1&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a6073b2660354f46e4bfb1f34ee8b7a7a65ddb32a6183e65263fdfdbfbc9a5e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 85749 x-xss-protection 0 last-modified Tue, 28 May 2024 06:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 28 May 2024 06:39:51 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	47 KB 17 KB	153ms 7ms	Script application/javascript	2a02:26f0:3500:16::215:148b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: js.hsadspixel.net URL: https://js.hsadspixel.net/fb.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 06 May 2024 17:20:18 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=12938 accept-ranges bytes content-length 16683
GET H3	200	like.php web.facebook.com/v2.10/plugins/ Frame 3D51	0 0	74ms 39ms	Document text/html	157.240.252.10 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://web.facebook.com/v2.10/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfe70ec5feee7012e4%26domain%3Dprophaze.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprophaze.com%252Ff7a89819630a869cd%26relation%3Dparent.parent&color_scheme=dark&container_width=757&href=https%3A%2F%2Fprophaze.com%2F%3Fp%3D7729&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=false&size=small Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=e87432935d1c6ebf5df8b4fc39663e35 Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.252.10 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-shv-01-fra3.facebook.com Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-length 0 content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html;charset=utf-8 cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" date Tue, 28 May 2024 06:39:51 GMT expires Sat, 01 Jan 2000 00:00:00 GMT pragma no-cache priority u=0,i report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/web.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} reporting-endpoints coop_report="https://web.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://web.facebook.com/browser_reporting/coep/?minimize=0", default="https://web.facebook.com/ajax/browser_error_reports/?device_level=unknown" x-content-type-options nosniff x-fb-connection-quality EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4362, tp=10, tpl=0, uplat=29, ullat=0 x-fb-debug tKbyavIbB0er5fdbMpPpRtKveC+Z2psJTzYK8IypESXZooIIZ12k9takRUwr3tNvmVjtd1LWvhJqKhuAW3MH8Q== x-xss-protection 0
GET H2	200	page.php www.facebook.com/v2.10/plugins/ Frame 2A5E Redirect Chain https://web.facebook.com/v2.10/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff7cdcc6efaab35b7%26domain%3Dprophaze.com%26i... https://www.facebook.com/v2.10/plugins/page.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff7cdcc6efaab35b7%26domain%3Dprophaze.com%26is...	0 0	381ms 189ms	Document text/html	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/v2.10/plugins/page.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff7cdcc6efaab35b7%26domain%3Dprophaze.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprophaze.com%252Ff7a89819630a869cd%26relation%3Dparent.parent&container_width=313&height=220&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fprophazetech&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs&width=500px&_rdc=1&_rdr Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js?hash=e87432935d1c6ebf5df8b4fc39663e35 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding zstd content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy unsafe-none;report-to="coop_report" cross-origin-resource-policy cross-origin date Tue, 28 May 2024 06:39:52 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT facebook-api-version v13.0 origin-agent-cluster ?0 permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" pragma no-cache report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-connection-quality EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1294, tbw=2779, tp=-1, tpl=-1, uplat=172, ullat=0 x-fb-debug 7L/mHTr0dNgmabI5Z5vE8FIaN5ONhG3TenhQgyW+S0VfpUMDWmFejVaPHOH7Xd5F5k//EsGJvWnthzXa6g+dcQ== x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=86400 content-length 0 content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none;report-to="coop_report" date Tue, 28 May 2024 06:39:52 GMT location https://www.facebook.com/v2.10/plugins/page.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff7cdcc6efaab35b7%26domain%3Dprophaze.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fprophaze.com%252Ff7a89819630a869cd%26relation%3Dparent.parent&container_width=313&height=220&hide_cover=false&hide_cta=false&href=https%3A%2F%2Fwww.facebook.com%2Fprophazetech&locale=en_US&sdk=joey&show_facepile=true&small_header=false&tabs&width=500px&_rdc=1&_rdr origin-agent-cluster ?0 priority u=0,i report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/web.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true} reporting-endpoints coop_report="https://web.facebook.com/browser_reporting/coop/?minimize=0" strict-transport-security max-age=15552000; preload x-fb-connection-quality EXCELLENT; q=0.9, rtt=9, rtx=0, c=25, mss=1232, tbw=6810, tp=13, tpl=0, uplat=206, ullat=0 x-fb-debug lEcEUPi6l9RbPQQjD3H071WCRDRUtsNqDM4tspxJroa2dXPGpB19BVYHRk28YnDir2cg7FlGD2F6aurpI4/CHA== x-fb-zr-redirect 02|1716964791|
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 1 KB	300ms 191ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=3199476&time=1716878391980&url=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept * Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:51 GMT content-encoding gzip nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-cache CONFIG_NOCACHE x-li-uuid AAYZfeawFsPqGVn4j2EU8g== x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 7766D859909148808615A351F1C54242 Ref B: FRAEDGE1415 Ref C: 2024-05-28T06:39:52Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-lor1 access-control-allow-origin * report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-fs-uuid 0006197de6b016c3ea1959f88f6114f2
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3199476&time=1716878391980&url=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3199476&time=1716878391980&url=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F&e_i...	0 265 B	318ms 134ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3199476&time=1716878391980&url=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F&e_ipv6=AQJ3y4iKXMOqcQAAAY-97TtLFX8fi7Uq7ilLtij-snLADg0LUuY5PXHNcirS4k0b Requested by Host: prophaze.com URL: https://prophaze.com/web-application-firewall/tracking-down-new-wordpress-popup-injection-malware/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Response headers date Tue, 28 May 2024 06:39:51 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: B4B1DE5E74734F0194E60C121631F935 Ref B: DUS30EDGE0316 Ref C: 2024-05-28T06:39:52Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYZfeaz2sjfCD2owDQUUA== Redirect headers date Tue, 28 May 2024 06:39:51 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 701695C3965F424DA564512F0701E21B Ref B: FRAEDGE1808 Ref C: 2024-05-28T06:39:52Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3199476&time=1716878391980&url=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F&e_ipv6=AQJ3y4iKXMOqcQAAAY-97TtLFX8fi7Uq7ilLtij-snLADg0LUuY5PXHNcirS4k0b x-li-proto http/2 content-length 0 x-li-uuid AAYZfeavg6r6FL3mSv1kFQ==
GET H2	200	e1acc105c6624736a233f8d1ec1373da app.hubspot.com/conversations-visitor/8418714/threads/utk/ Frame 34D1	0 0	361ms 187ms	Document text/html	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.hubspot.com/conversations-visitor/8418714/threads/utk/e1acc105c6624736a233f8d1ec1373da?uuid=77badd25636e488e89b6f053cb5fb489&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=prophaze.com&inApp53=false&messagesUtk=e1acc105c6624736a233f8d1ec1373da&url=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=false&hideScrollToButton=true Requested by Host: js.usemessages.com URL: https://js.usemessages.com/conversations-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options no-sniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-credentials false age 589 cache-control max-age=600 cache-tag staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod cf-cache-status DYNAMIC cf-ray 88ac40005ebb4d68-FRA content-encoding gzip content-security-policy-report-only script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.18914/html/index.html&cfRay=88ac40005ebb4d68&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F8418714%2Fthreads%2Futk%2Fe1acc105c6624736a233f8d1ec1373da%3Fuuid%3D77badd25636e488e89b6f053cb5fb489%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dprophaze.com%26inApp53%3Dfalse%26messagesUtk%3De1acc105c6624736a233f8d1ec1373da%26url%3Dhttps%253A%252F%252Fprophaze.com%252Fweb-application-firewall%252Ftracking-down-new-wordpress-popup-injection-malware%252F%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse%26hideScrollToButton%3Dtrue&referrer=&cfenv=prod&pdt=2024-05-28&csp=ro content-type text/html; charset=utf-8 date Tue, 28 May 2024 06:39:52 GMT etag W/"57088aa078c704b74829bceda9089b8e" last-modified Thu, 23 May 2024 14:37:23 UTC report-to {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} reporting-endpoints default="https://send.hsbrowserreports.com/csp/reports?cfRay=88ac40005ebb4d68&resource=conversations-visitor-ui/static-1.18914/html/index.html" server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary origin, Accept-Encoding via 1.1 16df6ade68382d048f8aad1f7e39da28.cloudfront.net (CloudFront) x-amz-cf-id 1s5_zgqGnR6F-pmNi44bFVmG5srbVfIKPl3tQM-clincxf4ZdRi3hQ== x-amz-cf-pop IAD12-P3 x-amz-replication-status COMPLETED x-amz-server-side-encryption AES256 x-amz-version-id vE91Sm5P_U5n4F3mU_O6sLhYDfZeYu1v x-cache Hit from cloudfront x-content-type-options no-sniff x-envoy-upstream-service-time 6 x-evy-trace-listener listener_https x-evy-trace-route-configuration listener_https/all x-evy-trace-route-service-name envoyset-translator x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-r5jtt x-evy-trace-virtual-host all x-hs-cache-status MISS x-hs-target-asset conversations-visitor-ui/static-1.18914/html/index.html x-hs-worker-debug-mode false x-hubspot-correlation-id 3763de5d-f880-49ab-8068-8cbcfeff481e x-request-id 3763de5d-f880-49ab-8068-8cbcfeff481e
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 191 B	212ms 106ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:52 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 2F932526C81E4128AEF32E919F15105E Ref B: FRAEDGE1808 Ref C: 2024-05-28T06:39:52Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 access-control-allow-origin https://prophaze.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYZfea3mId6G9XbDdO2WQ==
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	173ms 139ms	Image image/gif	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=1608735010&v=1.1&a=8418714&ct=blog-post&rcu=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F&pu=https%3A%2F%2Fprophaze.com%2Fweb-application-firewall%2Ftracking-down-new-wordpress-popup-injection-malware%2F&t=Tracking+Down+New+Wordpress+Popup+Injection+Malware+-+Cloud+WAF&cts=1716878393615&vi=04209055af2dede688e7877e2de2fb84&nc=true&u=113089947.04209055af2dede688e7877e2de2fb84.1716878393612.1716878393612.1716878393612.1&b=113089947.1.1716878393612&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:53 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 5c138456-a4f3-483f-9011-6621b23a41fb p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 15 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 5c138456-a4f3-483f-9011-6621b23a41fb server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FBeSNWzFnI44O%2Bj%2BlHl5ghqLSnYwKYBVxk2Xr%2BUmisLoxLfvHU%2FmRDqNqJUy4F7M4VbDszHmCfpt9Q1uWwfuFN79%2FK5ERanwRqHPDUBWuxtO96bRBMIBQPKkhDARBX8Hf%2BBZBbDW%2B8oUqPfr535i"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-c67ms x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 88ac400859f81d8e-FRA x-robots-tag none
GET H2	200	cropped-LOGO-PROPHAZE-1-1-32x32.png prophaze.b-cdn.net/wp-content/uploads/2021/07/	852 B 1 KB	24ms 23ms	Other image/webp	2400:52e0:1e00::1080:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://prophaze.b-cdn.net/wp-content/uploads/2021/07/cropped-LOGO-PROPHAZE-1-1-32x32.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-DE1-1080 / Resource Hash 5676132c659af22f2bc5cfbfba593a73abaebcab7209c559a60f1c45db3766ff Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 28 May 2024 06:39:53 GMT x-downloadsize 1576 cdn-edgestorageid 1079 x-bo-processingtime 0 cdn-cachedat 04/28/2024 14:43:15 cdn-pullzone 486879 content-length 852 x-bo-server DE-264 last-modified Tue, 23 Apr 2024 06:20:24 GMT server BunnyCDN-DE1-1080 cdn-proxyver 1.04 cdn-requestpullcode 200 x-bo-origindownloadtime 1540 content-type image/webp cdn-cache HIT cdn-uid 25cf7e6d-9d49-4508-8ef7-2d9809de5c69 cache-control public, max-age=2592000 x-bo-compressionratio 45.94% cdn-requestid eaf09977d787d96014bb7e1602050cb5 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.google.com

URL

https://www.google.com/recaptcha/api.js?render=6LdWs6UUAAAAAMDzbyrusu-8igRC3DjOLBkbbp_5&ver=3.0