Submitted URL: https://heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Effective URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Submission Tags: falconsandbox
Submission: On January 14 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 21 HTTP transactions. The main IP is 52.38.212.97, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.heartfeltramblings.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 2nd 2021. Valid for: 3 months.
This is the only time www.heartfeltramblings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
9 typekit.net
use.typekit.net — Cisco Umbrella Rank: 455
p.typekit.net — Cisco Umbrella Rank: 565
134 KB
6 heartfeltramblings.com
heartfeltramblings.com
www.heartfeltramblings.com
579 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
36 KB
21 6
Domain Requested by
8 use.typekit.net www.heartfeltramblings.com
5 www.heartfeltramblings.com www.heartfeltramblings.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.heartfeltramblings.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 p.typekit.net www.heartfeltramblings.com
1 www.googletagmanager.com www.heartfeltramblings.com
1 heartfeltramblings.com 1 redirects
21 8

This site contains no links.

Subject Issuer Validity Valid
heartfeltramblings.com
cPanel, Inc. Certification Authority
2021-11-02 -
2022-01-31
3 months crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1
2021-08-16 -
2022-08-16
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-11-29 -
2022-02-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-12-08 -
2022-03-02
3 months crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1
2021-12-05 -
2022-12-06
a year crt.sh

This page contains 1 frames:

Primary Page: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Frame ID: C84AF32B3EB467A12E4A615AD6CC024D
Requests: 21 HTTP requests in this frame

Screenshot

Page Title

Page not found ยป Heartfelt Ramblings

Page URL History Show full URLs

  1. https://heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com HTTP 301
    https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

21
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

8
Subdomains

7
IPs

2
Countries

802 kB
Transfer

1360 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com HTTP 301
    https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request lndex.php
www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/
Redirect Chain
  • https://heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
  • https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
7 KB
3 KB
Document
General
Full URL
https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.38.212.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
sputnik.designkh.com
Software
Apache /
Resource Hash
df5f45ae73633d44b56ec605685e465d1e3fc712bbb55b70be477cc2324fd5df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 14 Jan 2022 09:33:58 GMT
Server
Apache
vary
X-Forwarded-Protocol,Accept-Encoding,User-Agent
cache-control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Fri, 14 Jan 2022 09:33:57 GMT
Server
Apache
vary
X-Forwarded-Protocol,Accept-Encoding,User-Agent
cache-control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
location
https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Content-Length
20
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
mtx6vlb.js
use.typekit.net/
18 KB
7 KB
Script
General
Full URL
https://use.typekit.net/mtx6vlb.js
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9a629a82c10f91910ca9c25315f6822c124bf08d36b9c7f7bf34d73ae3ad3abf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heartfeltramblings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Fri, 14 Jan 2022 09:33:59 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6949
js
www.googletagmanager.com/gtag/
91 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-45072804-1
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0eeff9c37a4b478acddf34a34af6c3197f1e3a9d34a03ef2e8fb9d0337f19d3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heartfeltramblings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:33:59 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36463
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 14 Jan 2022 09:33:59 GMT
pagecss-b5f646c.css
www.heartfeltramblings.com/assets/_combinedfiles/
355 KB
51 KB
Stylesheet
General
Full URL
https://www.heartfeltramblings.com/assets/_combinedfiles/pagecss-b5f646c.css
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.38.212.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
sputnik.designkh.com
Software
Apache /
Resource Hash
f89466a468c3043e84baf0a92afdfb7794ea1158492b12fcb0fb19a328bf9609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 09:33:58 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Sep 2019 15:57:20 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
52367
heartfeltramblingslogotype.svg
www.heartfeltramblings.com/assets/SiteLogos/2311e3cea1/
23 KB
7 KB
Image
General
Full URL
https://www.heartfeltramblings.com/assets/SiteLogos/2311e3cea1/heartfeltramblingslogotype.svg
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.38.212.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
sputnik.designkh.com
Software
Apache /
Resource Hash
922992aef2396afe6b47c572ded7f9289793ea59e07b4645fc24839400b94983

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 09:33:59 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Aug 2019 00:15:24 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
7304
AdobeStock_213444057__FocusFillWzI1NjAsNzUwLCJ5Iiw2MTVd.jpg
www.heartfeltramblings.com/assets/HomeBackgrounds/7a9e75015a/
458 KB
459 KB
Image
General
Full URL
https://www.heartfeltramblings.com/assets/HomeBackgrounds/7a9e75015a/AdobeStock_213444057__FocusFillWzI1NjAsNzUwLCJ5Iiw2MTVd.jpg
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.38.212.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
sputnik.designkh.com
Software
Apache /
Resource Hash
aebe2badac29838aa214795d5d991f97e6f7632d5023454215b2758f30515605

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 09:33:59 GMT
Last-Modified
Tue, 20 Aug 2019 22:47:10 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
469326
pagejs-748bec8.js
www.heartfeltramblings.com/assets/_combinedfiles/
184 KB
59 KB
Script
General
Full URL
https://www.heartfeltramblings.com/assets/_combinedfiles/pagejs-748bec8.js
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.38.212.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
sputnik.designkh.com
Software
Apache /
Resource Hash
1c469c7abd182c631fbb3b7f13047e7a04c03b01299ed0ffd24d9eca352801eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Fri, 14 Jan 2022 09:33:59 GMT
Content-Encoding
gzip
Last-Modified
Tue, 03 Sep 2019 19:09:48 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
59718
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-45072804-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heartfeltramblings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7145
date
Fri, 14 Jan 2022 07:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 14 Jan 2022 09:34:54 GMT
collect
www.google-analytics.com/j/
1 B
214 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1256808402&t=pageview&_s=1&dl=https%3A%2F%2Fwww.heartfeltramblings.com%2Fwp-content%2Fplugins%2Fjs_compresor_wp%2Flndex.php%3F0%2540%3DVendorgateway%2540cantire.com&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%C2%BB%20Heartfelt%20Ramblings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2092846768&gjid=991483162&cid=1198773176.1642152839&tid=UA-45072804-1&_gid=1693016318.1642152839&_r=1&gtm=2ou1c0&z=446444390
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.heartfeltramblings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 14 Jan 2022 09:33:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.heartfeltramblings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rochester|Source+Sans+Pro:400,400i,600&display=swap
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/assets/_combinedfiles/pagecss-b5f646c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6fe226d147ba2ebec80eaaccd7518ea1cc3c3db57b80fdf6bcdb620cc0e476c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heartfeltramblings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 09:33:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Jan 2022 09:33:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jan 2022 09:33:59 GMT
css
fonts.googleapis.com/
12 KB
933 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,700
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/assets/_combinedfiles/pagecss-b5f646c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9b5bf1aba58d4ede76a4d2fc7d87059a0fc86f0d662761c43db28bd17bea28da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heartfeltramblings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 14 Jan 2022 09:18:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 14 Jan 2022 09:33:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Jan 2022 09:33:59 GMT
l
use.typekit.net/af/949f99/00000000000000003b9b3068/27/
20 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
881e7b20812ce29768f6a17c9ad915d47bda3210d3e9d71211058e678edc200d

Request headers

Referer
https://www.heartfeltramblings.com/
Origin
https://www.heartfeltramblings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:33:59 GMT
server
nginx
etag
"269ca480d9f4b562d1fba420527e4402600739cc"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20008
l
use.typekit.net/af/705e94/00000000000000003b9b3062/27/
19 KB
19 KB
Font
General
Full URL
https://use.typekit.net/af/705e94/00000000000000003b9b3062/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9712da95885dd6bdb189f5a01d816defeb9ef10da71d750906a30e11156bf7c6

Request headers

Referer
https://www.heartfeltramblings.com/
Origin
https://www.heartfeltramblings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:33:59 GMT
server
nginx
etag
"83d5d34ada9d3835ff15f4e0202acf78c83bd6d3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19464
l
use.typekit.net/af/cebe0e/00000000000000003b9b3060/27/
19 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/cebe0e/00000000000000003b9b3060/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n3&v=3
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f4f96a3b9401feaf8e7d52e793e1ced57f646ff0301ff79f14fe494ca1fbd807

Request headers

Referer
https://www.heartfeltramblings.com/
Origin
https://www.heartfeltramblings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:33:59 GMT
server
nginx
etag
"6aac434bec1cd2dc5662ecd78dce7789e738a8d3"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19828
l
use.typekit.net/af/2553b3/000000000000000000011c34/27/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/2553b3/000000000000000000011c34/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2bc40d7e1d7ce557fb3dad1350ad106bced6642dc94f463d8c426f1efb45bd4f

Request headers

Referer
https://www.heartfeltramblings.com/
Origin
https://www.heartfeltramblings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:33:59 GMT
server
nginx
etag
"f799e4589ad8e7d087c93cecfbbfd7f85e9eb0a4"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18056
l
use.typekit.net/af/8f2f8d/000000000000000000011c35/27/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/8f2f8d/000000000000000000011c35/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i7&v=3
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
595c9b92ecb5d597972751939aa2a81774365e3ecce2dc7663403ca6836607dc

Request headers

Referer
https://www.heartfeltramblings.com/
Origin
https://www.heartfeltramblings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:33:59 GMT
server
nginx
etag
"14e7d4abe297ac4204dce5d5f8517a67511262bd"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16504
l
use.typekit.net/af/4c54ad/000000000000000000011c38/27/
16 KB
16 KB
Font
General
Full URL
https://use.typekit.net/af/4c54ad/000000000000000000011c38/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
84485b66349a5d857164ee7cfc40759d023500dac2b9e848a3cd042fdda10c7a

Request headers

Referer
https://www.heartfeltramblings.com/
Origin
https://www.heartfeltramblings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:34:00 GMT
server
nginx
etag
"207270e7cf700b71fbe91bbc1c175edae6b48527"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
16420
l
use.typekit.net/af/827015/000000000000000000011c3b/27/
17 KB
17 KB
Font
General
Full URL
https://use.typekit.net/af/827015/000000000000000000011c3b/27/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e69022f7e00b4c65f913e6f2167de297203df2ed844b2a6dde9ece561475c383

Request headers

Referer
https://www.heartfeltramblings.com/
Origin
https://www.heartfeltramblings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:33:59 GMT
server
nginx
etag
"af15162a1297beee1cdd355ddb436d6f1aa8a0f0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17384
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heartfeltramblings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 13:39:48 GMT
x-content-type-options
nosniff
age
590051
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 13:39:48 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.heartfeltramblings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 12 Jan 2022 17:58:32 GMT
x-content-type-options
nosniff
age
142527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 12 Jan 2023 17:58:32 GMT
p.gif
p.typekit.net/
35 B
214 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=mtx6vlb&ht=tk&h=www.heartfeltramblings.com&f=139.175.5474.14541.14542.14545.14548&a=82581000&js=1.20.0&app=typekit&e=js&_=1642152840119
Requested by
Host: www.heartfeltramblings.com
URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.heartfeltramblings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 14 Jan 2022 09:34:00 GMT
last-modified
Wed, 02 Sep 2020 03:58:21 GMT
server
nginx
etag
"5f4f185d-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onsecuritypolicyviolation object| onslotchange object| Typekit function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| bootstrap object| jQuery112107365791548796246

4 Cookies

Domain/Path Name / Value
www.heartfeltramblings.com/ Name: PHPSESSID
Value: 08fb96ba3f22d90b7255065d8c0fe93e
.heartfeltramblings.com/ Name: _ga
Value: GA1.2.1198773176.1642152839
.heartfeltramblings.com/ Name: _gid
Value: GA1.2.1693016318.1642152839
.heartfeltramblings.com/ Name: _gat_gtag_UA_45072804_1
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://www.heartfeltramblings.com/wp-content/plugins/js_compresor_wp/lndex.php?0%40=Vendorgateway%40cantire.com
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
heartfeltramblings.com
p.typekit.net
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
www.heartfeltramblings.com
2a00:1450:4001:801::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200a
2a00:1450:4001:827::2003
2a02:26f0:6c00:2ae::19fd
2a02:26f0:6c00::210:ba0a
52.38.212.97
0eeff9c37a4b478acddf34a34af6c3197f1e3a9d34a03ef2e8fb9d0337f19d3f
1c469c7abd182c631fbb3b7f13047e7a04c03b01299ed0ffd24d9eca352801eb
2bc40d7e1d7ce557fb3dad1350ad106bced6642dc94f463d8c426f1efb45bd4f
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
595c9b92ecb5d597972751939aa2a81774365e3ecce2dc7663403ca6836607dc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
84485b66349a5d857164ee7cfc40759d023500dac2b9e848a3cd042fdda10c7a
881e7b20812ce29768f6a17c9ad915d47bda3210d3e9d71211058e678edc200d
922992aef2396afe6b47c572ded7f9289793ea59e07b4645fc24839400b94983
9712da95885dd6bdb189f5a01d816defeb9ef10da71d750906a30e11156bf7c6
9a629a82c10f91910ca9c25315f6822c124bf08d36b9c7f7bf34d73ae3ad3abf
9b5bf1aba58d4ede76a4d2fc7d87059a0fc86f0d662761c43db28bd17bea28da
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aebe2badac29838aa214795d5d991f97e6f7632d5023454215b2758f30515605
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
df5f45ae73633d44b56ec605685e465d1e3fc712bbb55b70be477cc2324fd5df
e69022f7e00b4c65f913e6f2167de297203df2ed844b2a6dde9ece561475c383
f4f96a3b9401feaf8e7d52e793e1ced57f646ff0301ff79f14fe494ca1fbd807
f6fe226d147ba2ebec80eaaccd7518ea1cc3c3db57b80fdf6bcdb620cc0e476c
f89466a468c3043e84baf0a92afdfb7794ea1158492b12fcb0fb19a328bf9609