blog.wpscan.com Open in urlscan Pro
192.0.78.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
Submission: On October 17 via api (October 17th 2023, 2:09:27 am UTC) from TR — Scanned from DE

Summary HTTP 57 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 4 domains to perform 57 HTTP transactions. The main IP is 192.0.78.164, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is blog.wpscan.com.
TLS certificate: Issued by R3 on September 13th 2023. Valid for: 3 months.

This is the only time blog.wpscan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	192.0.78.164 192.0.78.164	2635 (AUTOMATTIC) (AUTOMATTIC)
16	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.33 192.0.78.33	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.23 192.0.78.23	2635 (AUTOMATTIC) (AUTOMATTIC)
57	8

29 192.0.78.164 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.wpscan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

fonts-api.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.33 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

jetpack.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.23 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

public-api.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	wpscan.com blog.wpscan.com	435 KB
20	wp.com fonts-api.wp.com — Cisco Umbrella Rank: 17404 i0.wp.com — Cisco Umbrella Rank: 4163 s0.wp.com — Cisco Umbrella Rank: 8417 stats.wp.com — Cisco Umbrella Rank: 3047 fonts.wp.com — Cisco Umbrella Rank: 18381 widgets.wp.com — Cisco Umbrella Rank: 12452 pixel.wp.com — Cisco Umbrella Rank: 2968	149 KB
4	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2418 0.gravatar.com — Cisco Umbrella Rank: 8873	11 KB
2	wordpress.com jetpack.wordpress.com — Cisco Umbrella Rank: 15750 public-api.wordpress.com — Cisco Umbrella Rank: 9647	10 KB
57	4

	Domain	Requested by
29	blog.wpscan.com	blog.wpscan.com
9	s0.wp.com	blog.wpscan.com widgets.wp.com jetpack.wordpress.com public-api.wordpress.com
4	fonts.wp.com	fonts-api.wp.com
3	0.gravatar.com	secure.gravatar.com jetpack.wordpress.com 0.gravatar.com
2	pixel.wp.com	blog.wpscan.com
2	fonts-api.wp.com	blog.wpscan.com
1	public-api.wordpress.com	s0.wp.com
1	widgets.wp.com	blog.wpscan.com
1	jetpack.wordpress.com	blog.wpscan.com
1	stats.wp.com	blog.wpscan.com
1	secure.gravatar.com	blog.wpscan.com
1	i0.wp.com	blog.wpscan.com
57	12

This site contains links to these domains. Also see Links.

Domain
cve.mitre.org
wpscan.com
www.first.org
jetpack.com

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2023-09-13` - `2023-12-12`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.wordpress.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
Frame ID: F8DD34851F2632348E08442B42770EAD
Requests: 46 HTTP requests in this frame

Frame: https://jetpack.wordpress.com/jetpack-comment/?blogid=195017074&postid=1512&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=identicon&greeting=Leave+a+Reply&jetpack_comments_nonce=b87f68c23f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.7-beta&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=6d1fd210dc3cd2a24ae13a979a88f8eb44ec2e63
Frame ID: 94F485116764750B16CC127B782E476F
Requests: 9 HTTP requests in this frame

Frame: https://widgets.wp.com/likes/master.html?ver=202342
Frame ID: DABB4682B41D79B4F6A025C94A11C083
Requests: 3 HTTP requests in this frame

Frame: https://public-api.wordpress.com/wp-admin/rest-proxy/
Frame ID: 12D1FA7CC5EA77BD85FD9E21125CB6D3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Unauthenticated File Upload Vulnerability Addressed in Royal Elementor Addons and Templates 1.3.79 - WPScan WordPress Security

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

57
Requests

96 %
HTTPS

14 %
IPv6

4
Domains

12
Subdomains

8
IPs

2
Countries

611 kB
Transfer

2075 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5360
Title: CVE-2023-5360

Search URL Search Domain Scan URL

URL: https://wpscan.com/vulnerability/281518ff-7816-4007-b712-63aed7828b34/
Title: https://wpscan.com/vulnerability/281518ff-7816-4007-b712-63aed7828b34/

Search URL Search Domain Scan URL

URL: https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Title: 10.0

Search URL Search Domain Scan URL

URL: https://jetpack.com/features/security/
Title: Jetpack Security

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/ 78 KB
21 KB 686ms
620ms Document
text/html 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

37789b9463d6b983f30fb771580a89ef59d205f66a684e2b18e8f9eea77283f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=300, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 02:09:21 GMT
host-header: WordPress.com
last-modified: Tue, 17 Oct 2023 02:09:21 GMT
link: <https://blog.wpscan.com/wp-json/>; rel="https://api.w.org/" <https://blog.wpscan.com/wp-json/wp/v2/posts/1512>; rel="alternate"; type="application/json" <https://wp.me/pdcgQG-oo>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding accept, content-type, cookie
x-ac: 2.hhn _atomic_ams BYPASS
x-hacker: Want root? Visit join.a8c.com and mention this header.
x-nananana: Batcache-Set

GET
H2 200 /
blog.wpscan.com/_jb_static/ 848 KB
122 KB 186ms
184ms Stylesheet
text/css 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/_jb_static/??-eJydU9FuwjAM/Js9LWRMgmkPaC9I+4B9AHITLzVNkypOYf37uUARMLWgPTV27q7nc7tvlIkhY8i68a2jwNq1UhaYnC5a8lYXPppKeSoSpE5z7jzODPPz/i/VQxfbrFwiew2kYHxrkfWWdY2WAD3WPfOyaISOSXl0YLpZTeEuW+4u60vOrTUTD3OwtsT5aE4NPTX/Fwt/BMsUA4/Rb6M0sW5iEARP53h+7XnyNTYYLAZDUnzGNVjb6a9eg0/aHjJyHlPcYm7AVLqOtu05niocMZFLCVPuEK3H/BBGbMouZDo1OdZg4vTc7GSkmDS0OdaQM5nhRjFCMqXmJLpkHUpgoqmPbXVsqe900Ldj5hpBlwhW7yARFDL240hlIVV34ZPZnFEBduQgy4fy6Ha4hIT2sOP+SMHdY276FXA0BF756CJfFVM/xqDQ53s699CPejVfvr+9LF4Xy+WTKVbzX/sKmM8=

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

181ef29887c4cfd83795d80626ebc2b5e159fc627c7d41597092646ad3527cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
x-hacker: Want root? Visit join.a8c.com and mention this header.
last-modified: Wed, 11 Oct 2023 19:29:26 GMT
server: nginx
content-encoding: br
x-page-optimize: uncached
etag: W/"cef1d1a5a93fa3c5592dfbce4c91517c"
vary: Accept-Encoding, Cookie
content-type: text/css;charset=utf-8
x-ac: 2.hhn _atomic_ams BYPASS
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 print.css
blog.wpscan.com/wp-content/themes/seedlet/assets/css/ 4 KB
1 KB 158ms
156ms Stylesheet
text/css 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/themes/seedlet/assets/css/print.css?m=1603804565

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

96f2da12c025e217eabfa01ae7ccbc6d77b593da8795b4a266d35280d89215d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 27 Oct 2020 13:16:05 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"5f981d95-f34"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dashicons.min.css
blog.wpscan.com/wp-includes/css/ 58 KB
35 KB 285ms
284ms Stylesheet
text/css 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-includes/css/dashicons.min.css?ver=6.3.2

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"603ffca6-e688"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts-api.wp.com/ 11 KB
1 KB 110ms
41ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts-api.wp.com/css?family=Fira+Sans%3Aital%2Cwght%400%2C400%3B0%2C500%3B1%2C400%7CPlayfair+Display%3Aital%2Cwght%400%2C400%3B0%2C700%3B1%2C400&subset=latin%2Clatin-ext

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

cf3b7fc1bf1c6cacd9f0a3129726f06d283879ea9eaec98af09232e71543adc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
x-nc: BYPASS hhn 2
last-modified: Tue, 17 Oct 2023 00:36:56 GMT
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 css2
fonts-api.wp.com/ 11 KB
1 KB 115ms
46ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts-api.wp.com/css2?family=Libre+Franklin:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=IBM+Plex+Mono:wght@400;700&display=swap

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2425528f81ecc3d4fa8d5328e623743c92d2c2c699aa4a89dcb8b9e75c06aad8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
x-xss-protection: 0
x-nc: BYPASS hhn 2
last-modified: Tue, 17 Oct 2023 02:09:21 GMT
server: nginx
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin

GET
H2 200 / Show response
blog.wpscan.com/_jb_static/ 30 KB
11 KB 164ms
163ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/_jb_static/??-eJyNzb0OQDAUQOG3ManGgBoaz0J7yW36l9vSeHsGg0Vi/05OiQy9sruGxE3iGlPmB3gdiJfIYrDnitbeBig3Dn1jUl2+G4INbjrnQIx2n9HBj+p1evTkZNuLQQyd6MZKLbK9AGFrPiA=

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dd8a1654dae6031222f2bd26cfe7d4130b967175ad59817f89e12e5cfa0be7b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
x-hacker: Want root? Visit join.a8c.com and mention this header.
last-modified: Tue, 27 Jun 2023 14:24:19 GMT
server: nginx
content-encoding: br
x-page-optimize: uncached
etag: W/"e6fa617229673a8cd840fdaef05c9b64"
vary: Accept-Encoding, Cookie
content-type: application/javascript
x-ac: 2.hhn _atomic_ams BYPASS
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 react.min.js Show response
blog.wpscan.com/wp-content/plugins/gutenberg/build/vendors/ 10 KB
4 KB 159ms
157ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/gutenberg/build/vendors/react.min.js?ver=18

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a851ac2edc584a3b08c0a057bb2d0c08ac95c4de2cc453e22a2c83305cce3694

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 21 Dec 2022 17:24:44 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"63a3415c-2884"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
blog.wpscan.com/_jb_static/ 27 KB
9 KB 182ms
179ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/_jb_static/??-eJydzMsOwiAQheG3cSXFmhTjovFZuIw4FmYIDKnx6e3WlanLkz/fWYvyTAIkuqQekZqOfZsOatSuYwraduGikQK8how0PNtx/a1cYvcP8otqUNEmfFtBJhXgbnsSVWzdwu7LB/PSdqsApYK3AmE/5fxlbnkezfVyms6TMQfv5vEDQI+MRQ==

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

f11700b6abea83acfdc10fcd06b75704fc86a251e4b720125c9e02506f2a3726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
x-hacker: Want root? Visit join.a8c.com and mention this header.
last-modified: Wed, 11 Oct 2023 19:29:26 GMT
server: nginx
content-encoding: br
x-page-optimize: uncached
etag: W/"d905ebf4ecdcb31a0c9049ce5cb27877"
vary: Accept-Encoding, Cookie
content-type: application/javascript
x-ac: 2.hhn _atomic_ams BYPASS
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 react-dom.min.js Show response
blog.wpscan.com/wp-content/plugins/gutenberg/build/vendors/ 126 KB
42 KB 300ms
298ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/gutenberg/build/vendors/react-dom.min.js?ver=18

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

dbba6c1c59954873629e196b8009f0a8256e66d755f889cf6c8ac4f1164d10c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 14 Jun 2023 12:06:14 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"6489ad36-1f878"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
blog.wpscan.com/_jb_static/ 14 KB
6 KB 174ms
172ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/_jb_static/??-eJyVjUEOgjAQAH/jybJCQo0H4lvasilrtkt125Tno0dueJxMJtOyCasUlAKZayRRiPWLHj8RfCWeATW4jGYpiYFkxq1LJN1Lr+1Ey5h+/t+O1OjimNdm8F3dcfxMU28f99s4jNZegp/6HYVcSVs=

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5a72818cfa74e5ea7f2b573b1ec52ae09539f5d29e7f888e37b06f6df738a9b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
x-hacker: Want root? Visit join.a8c.com and mention this header.
last-modified: Wed, 11 Oct 2023 19:29:26 GMT
server: nginx
content-encoding: br
x-page-optimize: uncached
etag: W/"70b4a52b830e4021a7fab27b60a3ac49"
vary: Accept-Encoding, Cookie
content-type: application/javascript
x-ac: 2.hhn _atomic_ams BYPASS
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 index.min.js Show response
blog.wpscan.com/wp-content/plugins/gutenberg/build/i18n/ 9 KB
4 KB 166ms
164ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/gutenberg/build/i18n/index.min.js?ver=f5a63315d8d2f363ce59

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9ddaa48947691f4edbd85d83e34061cdf5eaabf0b10b59b3922d95233b8950ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 11 Oct 2023 19:29:26 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"6526f796-23b2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 index.min.js Show response
blog.wpscan.com/wp-content/plugins/gutenberg/build/keycodes/ 4 KB
2 KB 165ms
163ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/gutenberg/build/keycodes/index.min.js?ver=8030aaaf7773139022ac

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c506955486d1c56997b4f43122dee131bb3d8331331822506eb841c2a116b439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 11 Oct 2023 19:29:26 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"6526f796-1088"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
blog.wpscan.com/_jb_static/ 52 KB
17 KB 189ms
187ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/_jb_static/??-eJyVzTEOwjAMQNHbMJGGIjWIoeIsTWJFRo0THJuW29O1U9XxD09/qSYUEiCxddaE1GzSLT1wsl5xjrYyFkb5mY+CgkWKsHYZqXu363LMQ8m1tPNu234nATNVbKcxQ9TVcFFB2q9feezd83Eb7oNzl+DH/g/aOmFg

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2109deb16b0b4f004df7bc39c54c80d71fe824c86439903238f2e2c09488c31b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
x-hacker: Want root? Visit join.a8c.com and mention this header.
last-modified: Wed, 11 Oct 2023 19:29:26 GMT
server: nginx
content-encoding: br
x-page-optimize: uncached
etag: W/"6973deb6010e66774502c6c5f1023d55"
vary: Accept-Encoding, Cookie
content-type: application/javascript
x-ac: 2.hhn _atomic_ams BYPASS
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 index.min.js Show response
blog.wpscan.com/wp-content/plugins/gutenberg/build/data/ 26 KB
9 KB 183ms
181ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/gutenberg/build/data/index.min.js?ver=9855a0f7bc9043bd90fe

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7f58942bd0934177b36584e0b032962db761bdf9fcd2ddca6792beb33162cf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 11 Oct 2023 19:29:26 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"6526f796-68d9"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
blog.wpscan.com/_jb_static/ 4 KB
2 KB 187ms
186ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/_jb_static/??-eJyFyzEOgCAMQNHbOIlVEzAOxrsADdZAMVKix9fVyfEn/12HcpkFWeCINRAXCPVNi2cAWyl62CRF9Q4khAWIPd5dIu720l7/umz5FJc9fuSalsHMU69HbUzj7DI8PNYyWA==

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

bcf1c6ec021a410037904996737e24a187e498715661986261edd2e8579b4873

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
x-hacker: Want root? Visit join.a8c.com and mention this header.
last-modified: Wed, 11 Oct 2023 19:29:26 GMT
server: nginx
content-encoding: br
x-page-optimize: uncached
etag: W/"08dce870dea87b8dd7bc8251db77654e"
vary: Accept-Encoding, Cookie
content-type: application/javascript
x-ac: 2.hhn _atomic_ams BYPASS
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 index.min.js Show response
blog.wpscan.com/wp-content/plugins/gutenberg/build/blocks/ 163 KB
51 KB 184ms
182ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/gutenberg/build/blocks/index.min.js?ver=57e94d9cfe18d4dff19a

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6d67d5437efcaeb86333f29af323a4f6ee186f8e9704c06416e1e17161293311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 11 Oct 2023 19:29:26 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"6526f796-28a56"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cropped-wpscan-avatar-transparent.png
i0.wp.com/blog.wpscan.com/wp-content/uploads/2022/02/ 2 KB
2 KB 85ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/blog.wpscan.com/wp-content/uploads/2022/02/cropped-wpscan-avatar-transparent.png?w=240&ssl=1

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

27006ef8b518c425fe38cb7edfe82df352c92e706fa577f5304901466b69f703

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 17 Oct 2023 02:09:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 14 Feb 2022 23:36:38 GMT
server: nginx
etag: "48f2d3ca06015c90"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://blog.wpscan.com/wp-content/uploads/2022/02/cropped-wpscan-avatar-transparent.png>; rel="canonical"
content-length: 2008
expires: Thu, 15 Feb 2024 11:36:38 GMT

GET
H2 200 bilmur.min.js Show response
s0.wp.com/wp-content/js/ 7 KB
3 KB 35ms
20ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/bilmur.min.js?m=202342
Requested by: Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: e0f724e7902c0b2186d8395984c312696dc8be9ae0c187792f032fb0955fcf9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
content-encoding: br
x-ac: 2.hhn _dfw MISS
last-modified: Thu, 29 Jun 2023 15:07:20 GMT
server: nginx
etag: W/"649d9e28-1bf2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 15 Oct 2024 00:00:01 GMT

GET
H2 200 / Show response
blog.wpscan.com/_jb_static/ 29 KB
11 KB 195ms
193ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/_jb_static/??-eJwrL9BNzs8rSc0r0S/IKU3PzCvWL67MK0msyMhMz8gB4pLUIkwRY/3i5KLMghKg4gzn/KJUvaxinXKKTXIqKi3OCMgoAJpmn2traGZqZG5samZmrpacZGsIAEJLQEY=

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

82efa5ebcafe210348241ac49249149b0a159641842881ddbf069518060e224d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
x-hacker: Want root? Visit join.a8c.com and mention this header.
last-modified: Mon, 16 May 2022 21:14:27 GMT
server: nginx
content-encoding: br
x-page-optimize: uncached
etag: W/"5c301eed8543033e370c5bd7672acfc0"
vary: Accept-Encoding, Cookie
content-type: application/javascript
x-ac: 2.hhn _atomic_ams BYPASS
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 thickbox.css
blog.wpscan.com/wp-includes/js/thickbox/ 3 KB
1 KB 182ms
181ms Stylesheet
text/css 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-includes/js/thickbox/thickbox.css?m=1603679109

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:21 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 26 Oct 2020 02:25:09 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"5f963385-a63"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
blog.wpscan.com/_jb_static/ 25 KB
8 KB 167ms
166ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/_jb_static/??-eJyVjksOwjAMRG/DihAq1IhNxVFQ6kSV08SJapcITs+nKizYwGpkj994alGQSTyJLnEekFgHL8XCuOr54snlSdtZcrIiCKujMNnBK3CkHbLo97gLvK3fwZD7mGHk5Tp8FsrSgxXMP5NLJ9aCdFVcsfjp76dPdkEVEgraiLdXzCl1jTkeWtPujdlA3zV3RPRvDw==

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c6eabf851fcaa8822cdfec99a84a52966bdea05fe3ae4970db03c53b50bb6230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
x-hacker: Want root? Visit join.a8c.com and mention this header.
last-modified: Mon, 08 May 2023 16:57:46 GMT
server: nginx
content-encoding: br
x-page-optimize: uncached
etag: W/"615fb1360f4e3484625ce031ea4e7aeb"
vary: Accept-Encoding, Cookie
content-type: application/javascript
x-ac: 2.hhn _atomic_ams BYPASS
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 gprofiles.js Show response
secure.gravatar.com/js/ 13 KB
5 KB 75ms
20ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.gravatar.com/js/gprofiles.js?ver=202342

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

aeb24331352c11f5446dd670d75325a3c4e3b8a6bd7f92ee1c88f8b8636d4d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
last-modified: Tue, 15 Aug 2023 17:32:05 GMT
server: nginx
etag: W/"64dbb695-32aa"
content-type: application/javascript
cache-control: max-age=604800
expires: Tue, 24 Oct 2023 02:09:22 GMT

GET
H2 200 / Show response
blog.wpscan.com/_jb_static/ 8 KB
3 KB 165ms
165ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/_jb_static/??wp-content/plugins/jetpack/modules/wpgroho.js,wp-includes/js/comment-reply.min.js,wp-content/themes/seedlet/assets/js/primary-navigation.js?m=1649448438&cb=1

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

32819a89311ae2e027b8ad82d6b1489ecdcbcab34dc1880d5fe97663325cd266

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
x-hacker: Want root? Visit join.a8c.com and mention this header.
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
server: nginx
content-encoding: br
x-page-optimize: uncached
etag: W/"c9645319756d99d9d3f6db6333f69f32"
vary: Accept-Encoding, Cookie
content-type: application/javascript
x-ac: 2.hhn _atomic_ams BYPASS
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 search-widget.js Show response
blog.wpscan.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/src/widgets/js/ 1 KB
898 B 157ms
157ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/jetpack/jetpack_vendor/automattic/jetpack-search/src/widgets/js/search-widget.js?minify=false&ver=1645029952

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5cdb1cad298e924cb4a212a8884ff50f3edc8a98ac8ad80d76d9de8eb16be69e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 16 Feb 2022 16:45:52 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"620d2a40-5d0"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 queuehandler.min.js Show response
blog.wpscan.com/wp-content/plugins/jetpack/_inc/build/likes/ 6 KB
2 KB 160ms
158ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/jetpack/_inc/build/likes/queuehandler.min.js?m=1694471420

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8426d756ed594ad34a87dd4c16f2abbea33c2967d67698dbb17577d085aabb1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 11 Sep 2023 22:30:20 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"64ff94fc-17ca"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 e-202342.js Show response
stats.wp.com/ 7 KB
3 KB 74ms
21ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202342.js
Requested by: Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn
date: Tue, 17 Oct 2023 02:09:22 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/13576-1684460848292.3706
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Mon, 14 Oct 2024 06:44:06 GMT

GET
H2 200 akismet-frontend.js Show response
blog.wpscan.com/wp-content/plugins/akismet/_inc/ 10 KB
3 KB 164ms
163ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/akismet/_inc/akismet-frontend.js?m=1666634240

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 24 Oct 2022 17:57:20 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"6356d200-29ed"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
blog.wpscan.com/wp-includes/js/jquery/ 85 KB
31 KB 164ms
163ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"6470990f-155ba"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
blog.wpscan.com/_jb_static/ 30 KB
11 KB 167ms
166ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/_jb_static/??-eJxdjcsKwkAMRf/GlW2s0IqL4qfITCaMaeflPGz7986iiAqBmwvnJEto2KEpihJMdZ6F4rZHY1lHkam17NopHZdfNj8YZ+nXz7Iz6F0mlyGYotkl0KVWSVGDLGwUKG+bSEJtwE7R+nX935woB4Ez3OtbkMbjnCAVmTByyOwr8WJaqnyzYzdcL6f+3A/DAeXYvQEUPFB+

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6f49b91306b4d9571d8e27641cdb8efe175cbc2f7eb91b1aa83523c886905d13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nananana: Batcache-Hit
date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
x-hacker: Want root? Visit join.a8c.com and mention this header.
last-modified: Wed, 11 Oct 2023 19:29:26 GMT
server: nginx
content-encoding: br
x-page-optimize: uncached
etag: W/"f0187648b6d1fd43e4fd50c64c7bd760"
vary: Accept-Encoding, Cookie
content-type: application/javascript
x-ac: 2.hhn _atomic_ams BYPASS
cache-control: max-age=31536000
host-header: WordPress.com

GET
H2 200 sharing.min.js Show response
blog.wpscan.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/ 9 KB
3 KB 165ms
164ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/jetpack/_inc/build/sharedaddy/sharing.min.js?ver=12.7-beta

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 07 Mar 2023 19:14:38 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"64078d1e-2259"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK f6f45a9d-593b-4749-aef3-e759715da218
https://blog.wpscan.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://blog.wpscan.com/f6f45a9d-593b-4749-aef3-e759715da218
Requested by: Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 / Show response
jetpack.wordpress.com/jetpack-comment/ Frame 94F4 17 KB
6 KB 308ms
246ms Document
text/html 192.0.78.33
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://jetpack.wordpress.com/jetpack-comment/?blogid=195017074&postid=1512&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=identicon&greeting=Leave+a+Reply&jetpack_comments_nonce=b87f68c23f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.7-beta&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=6d1fd210dc3cd2a24ae13a979a88f8eb44ec2e63

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.33 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5875b95fcd195d069bd0e5dad6e6c9e91e2a154908eef51684736011d14cd1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://blog.wpscan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 17 Oct 2023 02:09:22 GMT
host-header: WordPress.com
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding accept, content-type
x-ac: 2.hhn _dfw MISS
x-hacker: Want root? Visit join.a8c.com/hacker and mention this header.

GET
H2 200 shCore.css
blog.wpscan.com/wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/styles/ 7 KB
2 KB 160ms
160ms Stylesheet
text/css 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/styles/shCore.css?ver=3.0.9b

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c34f24d4dcbfa71cc3813a0c1f02b17a4845c530fa3ed087c66912ccc81255ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 16 May 2022 21:14:27 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"6282beb3-1a9d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shThemeDefault.css
blog.wpscan.com/wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/styles/ 3 KB
942 B 158ms
158ms Stylesheet
text/css 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-content/plugins/syntaxhighlighter/syntaxhighlighter3/styles/shThemeDefault.css?ver=3.0.9b

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9718c68f663cfdcef66e2b91917e46e3b83e31c9691a2ff658f9bd55c73bc649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 16 May 2022 21:14:27 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"6282beb3-b3d"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8dbcb0d906325ea81fbaca5be475a10eaf975fa2b3c835b9860c6b3445db16e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 325 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5905c15570060e567d99ff9787345543f85fd0e82c5e15f42462d10ada386e3f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.wp.com/s/librefranklin/v14/ 28 KB
28 KB 73ms
20ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/librefranklin/v14/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css2?family=Libre+Franklin:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=IBM+Plex+Mono:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts-api.wp.com/
Origin: https://blog.wpscan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 23:23:38 GMT
server: nginx
age: 14447
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 28224
x-xss-protection: 0

GET
H2 200 -F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2
fonts.wp.com/s/ibmplexmono/v19/ 14 KB
15 KB 93ms
43ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/ibmplexmono/v19/-F63fjptAgt5VM-kVkqdyU8n1i8q1w.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css2?family=Libre+Franklin:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=IBM+Plex+Mono:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3c5a451f9ec27a354b0c2bcca636c6ec17a651281aabf29f8427e210a1d31e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts-api.wp.com/
Origin: https://blog.wpscan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 27 Apr 2023 00:17:55 GMT
server: nginx
age: 15472
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 14812
x-xss-protection: 0

GET
H2 200 jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2
fonts.wp.com/s/librefranklin/v14/ 31 KB
31 KB 93ms
43ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/librefranklin/v14/jizBREVItHgc8qDIbSTKq4XkRiUa6zUTjg.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css2?family=Libre+Franklin:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=IBM+Plex+Mono:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

abe8ed84862fad2302094c2b232dc7784812f6cf819666e27fd049051b7e61f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts-api.wp.com/
Origin: https://blog.wpscan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Sep 2023 23:20:18 GMT
server: nginx
age: 223
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 31804
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 887bace24994f330b0d0b2c01675dc8329a74fcb2dd720929dea971e0f598c94

Request headers

Referer
Origin: https://blog.wpscan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H2 200 -F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2
fonts.wp.com/s/ibmplexmono/v19/ 15 KB
15 KB 92ms
44ms Font
font/woff2 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.wp.com/s/ibmplexmono/v19/-F6qfjptAgt5VM-kVkqdyU8n3pQPwlBFgg.woff2

Requested by

Host: fonts-api.wp.com
URL: https://fonts-api.wp.com/css2?family=Libre+Franklin:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&family=IBM+Plex+Mono:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a51b6594bdda5d76e047259fb1fcaf7af2eb227cac553b4eb1cffa8328784c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts-api.wp.com/
Origin: https://blog.wpscan.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 Apr 2023 23:36:35 GMT
server: nginx
age: 18083
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 14956
x-xss-protection: 0

GET
H2 200 master.html Show response
widgets.wp.com/likes/ Frame DABB 3 KB
1 KB 37ms
20ms Document
text/html 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.wp.com/likes/master.html?ver=202342
Requested by: Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: a9590c565025c73b60ffb2b8bb242e213355db5499a6e02b2b075ff59514eb57

Request headers

Referer: https://blog.wpscan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
content-encoding: br
content-type: text/html
date: Tue, 17 Oct 2023 02:09:22 GMT
etag: W/"650493e8-ae1"
last-modified: Fri, 15 Sep 2023 17:27:04 GMT
server: nginx
timing-allow-origin: *
vary: Accept-Encoding
x-ac: 2.hhn _dfw MISS
x-nc: HIT hhn 2

GET
H2 200 g.gif
pixel.wp.com/ 50 B
153 B 35ms
20ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=195017074&post=1512&tz=2&srv=blog.wpscan.com&hp=atomic&ac=2&amp=0&j=1%3A12.7-beta&host=blog.wpscan.com&ref=&fcp=1503&rand=0.6587370029572666
Requested by: Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 17 Oct 2023 02:09:22 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 wp-emoji-release.min.js Show response
blog.wpscan.com/wp-includes/js/ 18 KB
5 KB 161ms
161ms Script
application/javascript 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://blog.wpscan.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: nginx
x-ac: 2.hhn _atomic_ams BYPASS
etag: W/"63db0985-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hovercards.min.css
0.gravatar.com/js/hovercards/ 3 KB
965 B 34ms
19ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://0.gravatar.com/js/hovercards/hovercards.min.css
Requested by: Host: secure.gravatar.com
URL: https://secure.gravatar.com/js/gprofiles.js?ver=202342
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 922f7310455a01a1cc789155c95eed771508f7cf31cf38b176a934147e26c7af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
content-encoding: br
last-modified: Mon, 07 Aug 2023 12:03:28 GMT
server: nginx
etag: W/"64d0dd90-d4e"
content-type: text/css
cache-control: max-age=604800
expires: Tue, 24 Oct 2023 02:09:22 GMT

GET
H2 200 loadingAnimation.gif
blog.wpscan.com/wp-includes/js/thickbox/ 15 KB
15 KB 158ms
158ms Image
image/gif 192.0.78.164
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.wpscan.com/wp-includes/js/thickbox/loadingAnimation.gif

Requested by

Host: blog.wpscan.com
URL: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.164 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/unauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000
x-ac: 2.hhn _atomic_ams BYPASS
last-modified: Mon, 05 Nov 2012 21:00:15 GMT
server: nginx
etag: "509828df-3b86"
access-control-allow-methods: GET, HEAD
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 15238
expires: Tue, 24 Oct 2023 02:09:22 GMT

GET
H2 200 rlt-proxy.js Show response
s0.wp.com/wp-content/js/ Frame DABB 3 KB
1 KB 21ms
20ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
Requested by: Host: widgets.wp.com
URL: https://widgets.wp.com/likes/master.html?ver=202342
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f72ea1589b707feb0d369c239e89cc4ca754d70645c76e3a61ba0af9d69bba8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.wp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
content-encoding: br
x-ac: 2.hhn _dfw MISS
server: nginx
x-minify: t
etag: W/7325-1684465206729.7068
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 30 May 2024 14:44:30 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ Frame DABB 81 KB
21 KB 22ms
21ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20230906
Requested by: Host: widgets.wp.com
URL: https://widgets.wp.com/likes/master.html?ver=202342
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 06b3a98758f38adbd3bd2ec1f6cd55b9dec4ca16b3aabba3a3ad14739be5990c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.wp.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
content-encoding: br
x-ac: 2.hhn _dfw MISS
last-modified: Fri, 15 Sep 2023 17:27:12 GMT
server: nginx
etag: W/"650493f0-14439"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Sat, 14 Sep 2024 17:27:19 GMT

GET
H2 200 index.css
s0.wp.com/wp-content/mu-plugins/verbum/dist/ Frame 94F4 19 KB
3 KB 23ms
21ms Stylesheet
text/css 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/verbum/dist/index.css?m=1696968382i&cssminify=yes
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=195017074&postid=1512&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=identicon&greeting=Leave+a+Reply&jetpack_comments_nonce=b87f68c23f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.7-beta&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=6d1fd210dc3cd2a24ae13a979a88f8eb44ec2e63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 575f3ac0dc3f76d705f3e172886cb692493af915fc7e84dad188a6d9060f7d22

Request headers

Referer: https://jetpack.wordpress.com/
Origin: https://jetpack.wordpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-minify-cache: miss
x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
content-encoding: br
x-ac: 2.hhn _dfw BYPASS
server: nginx
x-minify: t
etag: W/19544-1696968393302.638
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Wed, 09 Oct 2024 20:06:36 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ Frame 94F4 29 KB
9 KB 24ms
22ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??-eJx9jUsOwjAMBS9EsIpQKxaIo6B8TOU2iSPHKfT2dAFIsGD55o00cC/Gc1bMClOFxI4imlZR7LgxQ/nG+6nu4NuTqKYIP9bfLzVTYhspV1hQXEsQ1mwTeRPZBpQ//oRarJ9fG2rLb3RdMAcWsE05WVXyH3mhgFwEawXXKAaI5EB5xmycUBhxC17SuetP3fEwDP1pegJ301pW
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=195017074&postid=1512&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=identicon&greeting=Leave+a+Reply&jetpack_comments_nonce=b87f68c23f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.7-beta&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=6d1fd210dc3cd2a24ae13a979a88f8eb44ec2e63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 4ae60f968517288ca4448f0bf8fac925235ec9b2bc394ba3e6d9ff4b281e2de6

Request headers

Referer: https://jetpack.wordpress.com/
Origin: https://jetpack.wordpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
content-encoding: br
x-ac: 2.hhn _dfw BYPASS
last-modified: Mon, 07 Aug 2023 17:02:57 GMT
server: nginx
etag: W/"64d123c1-74a6"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Wed, 09 Oct 2024 14:40:21 GMT

GET
H2 200 hovercards.min.js Show response
0.gravatar.com/js/hovercards/ Frame 94F4 13 KB
5 KB 20ms
19ms Script
application/javascript 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://0.gravatar.com/js/hovercards/hovercards.min.js?ver=202342aeb24331352c11f5446dd670d75325a3c4e3b8a6bd7f92ee1c88f8b8636d4d9c

Requested by

Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=195017074&postid=1512&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=identicon&greeting=Leave+a+Reply&jetpack_comments_nonce=b87f68c23f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.7-beta&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=6d1fd210dc3cd2a24ae13a979a88f8eb44ec2e63

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

aeb24331352c11f5446dd670d75325a3c4e3b8a6bd7f92ee1c88f8b8636d4d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
last-modified: Tue, 15 Aug 2023 17:32:05 GMT
server: nginx
etag: W/"64dbb695-32aa"
content-type: application/javascript
cache-control: max-age=604800
expires: Tue, 24 Oct 2023 02:09:22 GMT

GET
H2 200 wpgroho.js Show response
s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/ Frame 94F4 655 B
679 B 25ms
23ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1610363240i
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=195017074&postid=1512&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=identicon&greeting=Leave+a+Reply&jetpack_comments_nonce=b87f68c23f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.7-beta&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=6d1fd210dc3cd2a24ae13a979a88f8eb44ec2e63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: b6e4492d3b8358a81b80908b1f84e6bd2f64a7a46d48793af99d27bf29f4c2e8

Request headers

Referer: https://jetpack.wordpress.com/
Origin: https://jetpack.wordpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
content-encoding: br
x-ac: 2.hhn _dfw BYPASS
server: nginx
x-minify: t
etag: W/1125-1684460931415.6394
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 30 May 2024 20:22:44 GMT

GET
H2 200 / Show response
s0.wp.com/_static/ Frame 94F4 24 KB
7 KB 25ms
24ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/_static/??/wp-content/mu-plugins/likes/queuehandler.js,/wp-content/mu-plugins/akismet-3.0/_inc/akismet-frontend.js?m=1683897436j
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=195017074&postid=1512&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=identicon&greeting=Leave+a+Reply&jetpack_comments_nonce=b87f68c23f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.7-beta&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=6d1fd210dc3cd2a24ae13a979a88f8eb44ec2e63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 780b61f483cfb44ee9881cbd362d41cf89609d401d12e9726e1471530ab14738

Request headers

Referer: https://jetpack.wordpress.com/
Origin: https://jetpack.wordpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
content-encoding: br
x-ac: 2.hhn _dfw BYPASS
last-modified: Fri, 12 May 2023 13:17:23 GMT
server: nginx
etag: W/"645e3c63-5e76"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Sat, 11 May 2024 13:17:32 GMT

GET
BLOB 200
OK 2925f59d-327e-4d90-b22f-151510c20c52
https://jetpack.wordpress.com/ Frame 94F4 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://jetpack.wordpress.com/2925f59d-327e-4d90-b22f-151510c20c52
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=195017074&postid=1512&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=identicon&greeting=Leave+a+Reply&jetpack_comments_nonce=b87f68c23f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.7-beta&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=6d1fd210dc3cd2a24ae13a979a88f8eb44ec2e63
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 / Show response
public-api.wordpress.com/wp-admin/rest-proxy/ Frame 12D1 8 KB
4 KB 220ms
155ms Document
text/html 192.0.78.23
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://public-api.wordpress.com/wp-admin/rest-proxy/

Requested by

Host: s0.wp.com
URL: https://s0.wp.com/_static/??/wp-content/js/postmessage.js,/wp-content/js/tannin/compat.min.js,/wp-content/js/wpcom-proxy-request.js,/wp-content/js/likes-rest-nojquery.js?m=20230906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.23 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4b4f298a5eb39eae4292bcef72c8f484854cf331454bd142d39b08d44fada2f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://widgets.wp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 17 Oct 2023 02:09:22 GMT
p3p: CP="CAO PSA OUR"
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-ac: 1.hhn _dfw BYPASS

GET
H2 200 wp-emoji-release.min.js Show response
s0.wp.com/wp-includes/js/ Frame 94F4 18 KB
5 KB 21ms
20ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1677072837i&ver=6.3.2-alpha-56786
Requested by: Host: jetpack.wordpress.com
URL: https://jetpack.wordpress.com/jetpack-comment/?blogid=195017074&postid=1512&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=identicon&greeting=Leave+a+Reply&jetpack_comments_nonce=b87f68c23f&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=light&lang=en_US&jetpack_version=12.7-beta&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=6d1fd210dc3cd2a24ae13a979a88f8eb44ec2e63
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
content-encoding: br
x-ac: 2.hhn _dfw MISS
last-modified: Fri, 19 May 2023 01:48:02 GMT
server: nginx
etag: W/"6466d552-4904"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Tue, 08 Oct 2024 06:58:07 GMT

GET
H2 200 hovercards.min.css
0.gravatar.com/js/hovercards/ Frame 94F4 3 KB
1021 B 19ms
19ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://0.gravatar.com/js/hovercards/hovercards.min.css?ver=202342aeb24331352c11f5446dd670d75325a3c4e3b8a6bd7f92ee1c88f8b8636d4d9c

Requested by

Host: 0.gravatar.com
URL: https://0.gravatar.com/js/hovercards/hovercards.min.js?ver=202342aeb24331352c11f5446dd670d75325a3c4e3b8a6bd7f92ee1c88f8b8636d4d9c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2bca0dae15027898dd6a7536d5b041014f928fbc60d9ce04dd2fa4c5d37d36ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://jetpack.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 02:09:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
last-modified: Wed, 11 Oct 2023 03:50:13 GMT
server: nginx
etag: W/"65261b75-d5d"
content-type: text/css
cache-control: max-age=604800
expires: Tue, 24 Oct 2023 02:09:22 GMT

GET
H2 200 rlt-proxy.js Show response
s0.wp.com/wp-content/js/ Frame 12D1 3 KB
1 KB 21ms
20ms Script
application/javascript 192.0.77.32
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/rlt-proxy.js?m=20211122
Requested by: Host: public-api.wordpress.com
URL: https://public-api.wordpress.com/wp-admin/rest-proxy/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f72ea1589b707feb0d369c239e89cc4ca754d70645c76e3a61ba0af9d69bba8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public-api.wordpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-minify-cache: hit
x-nc: HIT hhn 2
date: Tue, 17 Oct 2023 02:09:22 GMT
content-encoding: br
x-ac: 2.hhn _dfw MISS
server: nginx
x-minify: t
etag: W/7325-1684465206729.7068
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
expires: Thu, 30 May 2024 14:44:30 GMT

GET
H2 204 boom.gif
pixel.wp.com/ 0
81 B 21ms
20ms Image
text/plain 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0.016&largest_contentful_paint=1503&batcache_hit=0&provider=wordpress.com&service=atomic&custom_properties=%7B%22devicepx%22%3A%220%22%7D&effective_connection_type=4g&rtt=0&downlink=10000&host_name=blog.wpscan.com&url_path=%2Funauthenticated-file-upload-vulnerability-addressed-in-royal-elementor-addons-and-templates-1-3-79%2F&nt_fetchStart=0&nt_domainLookupStart=19&nt_domainLookupEnd=19&nt_connectStart=19&nt_connectEnd=68&nt_secureConnectionStart=41&nt_requestStart=68&nt_responseStart=688&nt_responseEnd=717&nt_domLoading=692&nt_domInteractive=1653&nt_domContentLoadedEventStart=1655&nt_domContentLoadedEventEnd=1659&nt_domComplete=2016&nt_loadEventStart=2016&nt_loadEventEnd=2031&nt_redirectCount=0&nt_nextHopProtocol=h2&nt_api_level=2&start_render=1503&first_contentful_paint=1503&resource_size=1660091&resource_transferred=408772&js_size=691991&js_transferred=238760&resource_cache_percent=0&js_cache_percent=0&last_resource_end=1822
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://blog.wpscan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 17 Oct 2023 02:09:24 GMT
cache-control: no-cache
server: nginx

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.gravatar.com
blog.wpscan.com
fonts-api.wp.com
fonts.wp.com
i0.wp.com
jetpack.wordpress.com
pixel.wp.com
public-api.wordpress.com
s0.wp.com
secure.gravatar.com
stats.wp.com
widgets.wp.com
192.0.76.3
192.0.77.2
192.0.77.32
192.0.78.164
192.0.78.23
192.0.78.33
2a04:fa87:fffe::c000:4902
06b3a98758f38adbd3bd2ec1f6cd55b9dec4ca16b3aabba3a3ad14739be5990c
181ef29887c4cfd83795d80626ebc2b5e159fc627c7d41597092646ad3527cbe
2109deb16b0b4f004df7bc39c54c80d71fe824c86439903238f2e2c09488c31b
2425528f81ecc3d4fa8d5328e623743c92d2c2c699aa4a89dcb8b9e75c06aad8
27006ef8b518c425fe38cb7edfe82df352c92e706fa577f5304901466b69f703
2bca0dae15027898dd6a7536d5b041014f928fbc60d9ce04dd2fa4c5d37d36ad
32819a89311ae2e027b8ad82d6b1489ecdcbcab34dc1880d5fe97663325cd266
37789b9463d6b983f30fb771580a89ef59d205f66a684e2b18e8f9eea77283f6
3c5a451f9ec27a354b0c2bcca636c6ec17a651281aabf29f8427e210a1d31e85
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4ae60f968517288ca4448f0bf8fac925235ec9b2bc394ba3e6d9ff4b281e2de6
4b4f298a5eb39eae4292bcef72c8f484854cf331454bd142d39b08d44fada2f1
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5734f1b66dcb622529d435aba20990813d43553f949bc0813719b4e7d1252527
575f3ac0dc3f76d705f3e172886cb692493af915fc7e84dad188a6d9060f7d22
5875b95fcd195d069bd0e5dad6e6c9e91e2a154908eef51684736011d14cd1f9
5905c15570060e567d99ff9787345543f85fd0e82c5e15f42462d10ada386e3f
5a72818cfa74e5ea7f2b573b1ec52ae09539f5d29e7f888e37b06f6df738a9b6
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5cdb1cad298e924cb4a212a8884ff50f3edc8a98ac8ad80d76d9de8eb16be69e
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6d67d5437efcaeb86333f29af323a4f6ee186f8e9704c06416e1e17161293311
6f49b91306b4d9571d8e27641cdb8efe175cbc2f7eb91b1aa83523c886905d13
780b61f483cfb44ee9881cbd362d41cf89609d401d12e9726e1471530ab14738
7f58942bd0934177b36584e0b032962db761bdf9fcd2ddca6792beb33162cf1d
82efa5ebcafe210348241ac49249149b0a159641842881ddbf069518060e224d
8426d756ed594ad34a87dd4c16f2abbea33c2967d67698dbb17577d085aabb1e
887bace24994f330b0d0b2c01675dc8329a74fcb2dd720929dea971e0f598c94
922f7310455a01a1cc789155c95eed771508f7cf31cf38b176a934147e26c7af
96f2da12c025e217eabfa01ae7ccbc6d77b593da8795b4a266d35280d89215d9
9718c68f663cfdcef66e2b91917e46e3b83e31c9691a2ff658f9bd55c73bc649
9ddaa48947691f4edbd85d83e34061cdf5eaabf0b10b59b3922d95233b8950ee
9e1dae23d3ad3212f67d09ca79a50003c32953c36bab976f634c9b38d8a8c6dc
a51b6594bdda5d76e047259fb1fcaf7af2eb227cac553b4eb1cffa8328784c9c
a851ac2edc584a3b08c0a057bb2d0c08ac95c4de2cc453e22a2c83305cce3694
a9590c565025c73b60ffb2b8bb242e213355db5499a6e02b2b075ff59514eb57
abe8ed84862fad2302094c2b232dc7784812f6cf819666e27fd049051b7e61f2
aeb24331352c11f5446dd670d75325a3c4e3b8a6bd7f92ee1c88f8b8636d4d9c
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
b6e4492d3b8358a81b80908b1f84e6bd2f64a7a46d48793af99d27bf29f4c2e8
bcf1c6ec021a410037904996737e24a187e498715661986261edd2e8579b4873
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c34f24d4dcbfa71cc3813a0c1f02b17a4845c530fa3ed087c66912ccc81255ed
c506955486d1c56997b4f43122dee131bb3d8331331822506eb841c2a116b439
c6eabf851fcaa8822cdfec99a84a52966bdea05fe3ae4970db03c53b50bb6230
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
cf3b7fc1bf1c6cacd9f0a3129726f06d283879ea9eaec98af09232e71543adc7
dbba6c1c59954873629e196b8009f0a8256e66d755f889cf6c8ac4f1164d10c2
dd8a1654dae6031222f2bd26cfe7d4130b967175ad59817f89e12e5cfa0be7b1
e0f724e7902c0b2186d8395984c312696dc8be9ae0c187792f032fb0955fcf9a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edbf37f6db3f632faaeeeee4aa127c204d0bcc52e940682bc5d4b0fa48ded96b
f11700b6abea83acfdc10fcd06b75704fc86a251e4b720125c9e02506f2a3726
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f72ea1589b707feb0d369c239e89cc4ca754d70645c76e3a61ba0af9d69bba8c
f8dbcb0d906325ea81fbaca5be475a10eaf975fa2b3c835b9860c6b3445db16e

blog.wpscan.com Open in urlscan Pro 192.0.78.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

96 %HTTPS

14 %IPv6

4 Domains

12 Subdomains

8 IPs

2 Countries

611 kBTransfer

2075 kBSize

0 Cookies

4 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

blog.wpscan.com Open in urlscan Pro
192.0.78.164 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

96 %
HTTPS

14 %
IPv6

4
Domains

12
Subdomains

8
IPs

2
Countries

611 kB
Transfer

2075 kB
Size

0
Cookies

57 HTTP transactions
3 data transactions