Submitted URL: http://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Effective URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Submission: On September 08 via manual from IN

Summary

This website contacted 8 IPs in 4 countries across 6 domains to perform 20 HTTP transactions. The main IP is 199.242.144.56, located in the United States and belonging to ACLENS-PROD, US. The main domain is 199.242.144.56.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 13th 2020. Valid for: 3 months.
This is the only time 199.242.144.56 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 199.242.144.56 54615 (ACLENS-PROD)
9 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
20 8
Domain Requested by
9 www.samsclubcontacts.com 199.242.144.56
www.samsclubcontacts.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.cookielaw.org 199.242.144.56
cdn.cookielaw.org
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com 199.242.144.56
1 code.jquery.com cdn.cookielaw.org
20 6
Subject | Issuer | Validity | Valid
*.samsclubcontacts.com | Let's Encrypt Authority X3 | 2020-07-13 - 2020-10-11 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-05 - 2021-08-05 | a year
cookielaw.org | Cloudflare Inc ECC CA-3 | 2020-07-01 - 2021-07-01 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2020-08-19 - 2020-11-11 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2020-08-19 - 2020-11-11 | 3 months

This page contains 1 frame:

Primary Page: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Frame ID: B4B2E5172CE4290D2E4189D48C0CCD6B
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 20
HTTPS: 80 %
IPv6: 86 %
Domains: 6
Subdomains: 6
IPs: 8
Countries: 4
Transfer: 1212 kB
Size: 2332 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php HTTP 302
    https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request php
199.242.144.56//wp-content/plugins/wp-file-manager/lib/
Redirect Chain
  • http://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
  • https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
74 KB
75 KB
Document
General
Full URL
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.242.144.56 , United States, ASN54615 (ACLENS-PROD, US),
Reverse DNS
www.samsclubcontacts.com
Software
/ PROD02
Resource Hash
797b99412292e1f3b5793b757e52c28636b3f60dd0ecf7b582cbb7d24892c98e
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15780000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

:method
GET
:authority
199.242.144.56
:scheme
https
:path
//wp-content/plugins/wp-file-manager/lib/php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Tue, 08 Sep 2020 18:45:30 GMT
cache-control
private,public
content-type
text/html; charset=utf-8
x-powered-by
PROD02
access-control-allow-origin
*
content-length
75674
set-cookie
Personalization=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJDdXJyZW5jeSI6MSwiQUJHcm91cCI6IkEiLCJIYXNQcmV2aW91c09yZGVyIjpmYWxzZSwiRmF2b3JpdGVzIjpbXSwiaXNzIjoiUEVSU09OQUxJWkFUSU9OX1NWQyIsIldlYnNpdGUiOjUxLCJSZXBlYXRWaXNpdENvdW50IjoxfQ.JlQ3-uM8So5I2S5Me_OzFNiR7APoEYDZqCtHRolwCi0; expires=Wed, 08-Sep-2021 18:45:30 GMT; path=/; secure; HttpOnly; SameSite=None; SameSite=lax 51-AB=A; expires=Wed, 08-Sep-2021 18:45:30 GMT; path=/; secure; HttpOnly; SameSite=None; SameSite=lax CookieID=185.156.175.107-YzYwOTRkZjA5ZWE0MjY; expires=Wed, 08-Sep-2021 18:45:30 GMT; path=/; secure; HttpOnly; SameSite=None; SameSite=lax __RequestVerificationToken=EBcuT4m-OqxCoKEIw4BygvkQN73oWmdyvY2tqlSuSjqV2xVubjdpECXumhkVwTi4prlEBQtW1KbnenXBi2sYsMLcVsg1; path=/; secure; HttpOnly; SameSite=lax
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
x-xss-protection
1
strict-transport-security
max-age=15780000;

Redirect headers

Cache-Control
no-cache
Content-length
0
Location
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
global-v760d7202eea17971b98ff12ea8cef1bf.min.css
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/
171 KB
40 KB
Stylesheet
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD03
Resource Hash
5f9b143b62b2df0da0f2a2b1f4504e00e7d6822bddc5a3aa462cda1ceedf58ea
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
85
x-powered-by
PROD03
status
200
vary
Accept-Encoding
content-length
40816
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f3700c6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a2a379000005c41e12b200000001
accept-ranges
bytes
cf-ray
5cfad3b259bd05c4-FRA
expires
Wed, 08 Sep 2021 18:45:30 GMT
error-vfed6047fb13d03138d6675f2b1060377.min.css
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/error-vfed6047fb13d03138d6675f2b1060377.min.css
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD03
Resource Hash
a067d47be024d2fbfbee6d432a4e46ac3eb4b1fb80d487b7559d88684a3e3b7a
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
85
x-powered-by
PROD03
status
200
vary
Accept-Encoding
content-length
1427
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f372b403"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a2a379000005c41e12c200000001
accept-ranges
bytes
cf-ray
5cfad3b259c105c4-FRA
expires
Wed, 08 Sep 2021 18:45:30 GMT
035139cc-5c05-4829-bdc0-876ab44b8841.js
cdn.cookielaw.org/consent/
64 KB
17 KB
Script
General
Full URL
https://cdn.cookielaw.org/consent/035139cc-5c05-4829-bdc0-876ab44b8841.js
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07e371e095d3faa53287d6c990847b57f0398810c0b3ef96b704cbab821bcec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
GZIP
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
6jl506LrxV79j8rMbzGa9g==
age
85
status
200
vary
Accept-Encoding
content-length
16398
cf-request-id
0510a2a35e0000c2e0ba9b5200000001
x-ms-lease-status
unlocked
last-modified
Tue, 02 Jun 2020 21:17:44 GMT
server
cloudflare
etag
0x8D8073A640DB74A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5d8de912-501e-014a-2319-80aed4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
5cfad3b23e78c2e0-FRA
optanon.css
cdn.cookielaw.org/skins/5.14.0/default_flat_bottom_two_button_black/v2/css/
23 KB
6 KB
Stylesheet
General
Full URL
https://cdn.cookielaw.org/skins/5.14.0/default_flat_bottom_two_button_black/v2/css/optanon.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/035139cc-5c05-4829-bdc0-876ab44b8841.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e48e8dada6c1e8a5fb31c28a198f2931138504a6a292ee8635fadeff84f595c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Te8vbtRu+tO5JTSWp3zsiw==
age
2309
status
200
vary
Accept-Encoding
content-length
5553
cf-request-id
0510a2a3770000c2e0ba9b8200000001
x-ms-lease-status
unlocked
last-modified
Fri, 03 Apr 2020 02:08:14 GMT
server
cloudflare
etag
0x8D7D773DE2EEBAC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
57573c0e-101e-0085-74d9-778f33000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
5cfad3b25eeec2e0-FRA
jquery-3.3.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.min.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/035139cc-5c05-4829-bdc0-876ab44b8841.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Origin
https://199.242.144.56
Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
gzip
last-modified
Sat, 20 Jan 2018 17:26:44 GMT
server
nginx
status
200
etag
W/"5a637bd4-1538f"
vary
Accept-Encoding
x-hw
1599590730.dop226.fr8.t,1599590730.cds224.fr8.hn,1599590730.cds057.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30288
jquery_lodash-v1ed11011d20f018388b3723f84eaa7c8.min.js
www.samsclubcontacts.com/Assets/static/
170 KB
67 KB
Script
General
Full URL
https://www.samsclubcontacts.com/Assets/static/jquery_lodash-v1ed11011d20f018388b3723f84eaa7c8.min.js
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD01
Resource Hash
0ba2fb00032d9b149025a701fa07269ea2c6b4d3cd2c08e21b4ae4d0f7452e05
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
85
x-powered-by
PROD01
status
200
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f243d02c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a2a3ba000005c41e132200000001
cf-ray
5cfad3b2cb0c05c4-FRA
expires
Wed, 08 Sep 2021 18:45:30 GMT
vue-vf15aee8488ab57c0e80c77a7d10db3cd.min.js
www.samsclubcontacts.com/Assets/static/
86 KB
39 KB
Script
General
Full URL
https://www.samsclubcontacts.com/Assets/static/vue-vf15aee8488ab57c0e80c77a7d10db3cd.min.js
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD03
Resource Hash
ba2def15381b208bddf5e3e1fb017e8eed393b78f29a9578172165a4d315d9cc
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
85
x-powered-by
PROD03
status
200
vary
Accept-Encoding
content-length
40179
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f2402f68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a2a3ba000005c41e133200000001
accept-ranges
bytes
cf-ray
5cfad3b2cb0f05c4-FRA
expires
Wed, 08 Sep 2021 18:45:30 GMT
vee-validate-v87818e4bfaa8d5be224ba6079933eeb4.min.js
www.samsclubcontacts.com/Assets/static/
74 KB
26 KB
Script
General
Full URL
https://www.samsclubcontacts.com/Assets/static/vee-validate-v87818e4bfaa8d5be224ba6079933eeb4.min.js
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD02
Resource Hash
f15547efba303c93434b13ca09f1c0844083190e0ea848f72323b44bfd663c88
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
85
x-powered-by
PROD02
status
200
vary
Accept-Encoding
content-length
26413
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:50 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f2405ea1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a2a3be000005c41e135200000001
accept-ranges
bytes
cf-ray
5cfad3b2cb2205c4-FRA
expires
Wed, 08 Sep 2021 18:45:30 GMT
bundle-global-v823b3f5cd6c7f6f4643d0b6ba8f1175c.min.js
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/js/
902 KB
304 KB
Script
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/js/bundle-global-v823b3f5cd6c7f6f4643d0b6ba8f1175c.min.js
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD03
Resource Hash
15aadcfa55d2d3b1cd8058ddd9025f54f04d0ed4469698dcee48c92e09f8fb12
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
85
x-powered-by
PROD03
status
200
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"1d68167f37cbfae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a2a3be000005c41e136200000001
cf-ray
5cfad3b2cb2405c4-FRA
expires
Wed, 08 Sep 2021 18:45:30 GMT
logo.svg
199.242.144.56/Sites/SamsClubContacts/Assets/images/
5 KB
5 KB
Image
General
Full URL
https://199.242.144.56/Sites/SamsClubContacts/Assets/images/logo.svg
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.242.144.56 , United States, ASN54615 (ACLENS-PROD, US),
Reverse DNS
www.samsclubcontacts.com
Software
/ PROD01
Resource Hash
135256650b656004fd8e79494dbc3d16fe0d083984dbcba3f2c1fcda683ffeb7
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15780000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:29 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
status
200
x-powered-by
PROD01
etag
"1d68167f372b249"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
strict-transport-security
max-age=15780000;
content-length
5193
x-xss-protection
1
logomark.svg
199.242.144.56/Sites/SamsClubContacts/Assets/images/
754 B
1 KB
Image
General
Full URL
https://199.242.144.56/Sites/SamsClubContacts/Assets/images/logomark.svg
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.242.144.56 , United States, ASN54615 (ACLENS-PROD, US),
Reverse DNS
www.samsclubcontacts.com
Software
/ PROD02
Resource Hash
524142d33a82e16b5a8e5362af6f24b55880cd331c9514d5d864a6ee104c9665
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15780000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
status
200
x-powered-by
PROD02
etag
"1d68167f372a4f2"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
strict-transport-security
max-age=15780000;
content-length
754
x-xss-protection
1
gtm.js
www.googletagmanager.com/
73 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5XM5S3X
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa56ab232878c00f1f7d7545f9574d4bafc11da2daa9b04c0c73941d4f8d7ffb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29012
x-xss-protection
0
last-modified
Tue, 08 Sep 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 08 Sep 2020 18:45:30 GMT
aktiv-grotesk-regular.woff
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/
241 KB
240 KB
Font
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/aktiv-grotesk-regular.woff
Requested by
Host: www.samsclubcontacts.com
URL: https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD03
Resource Hash
de53e8276fd27de39df74e4b6267a0a8dcd7cede264923e3cb271778f5bf3078
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://199.242.144.56
Referer
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
85
x-powered-by
PROD03
status
200
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d68167f3716442"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a2a3db0000972ab51fc200000001
cf-ray
5cfad3b2f813972a-FRA
expires
Wed, 08 Sep 2021 18:45:30 GMT
bree-serif-semibold.woff
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/
27 KB
27 KB
Font
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/bree-serif-semibold.woff
Requested by
Host: www.samsclubcontacts.com
URL: https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD01
Resource Hash
017fe5a1fe778fc2460bd1a0835cdac17e76b82152082ce3e48f86766b97d748
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://199.242.144.56
Referer
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
85
x-powered-by
PROD01
status
200
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d68167f372ccdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a2a3db0000972ab51fd200000001
cf-ray
5cfad3b2f81f972a-FRA
expires
Wed, 08 Sep 2021 18:45:30 GMT
aktiv-grotesk-bold.woff
www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/
239 KB
238 KB
Font
General
Full URL
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/fonts/aktiv-grotesk-bold.woff
Requested by
Host: www.samsclubcontacts.com
URL: https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1697 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PROD02
Resource Hash
62546fe8b2ccaa9c7e2d59805c61022f9f77ddab754ffaed7dd4bd728148440a
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://199.242.144.56
Referer
https://www.samsclubcontacts.com/Sites/SamsClubContacts/Assets/compiled/css/global-v760d7202eea17971b98ff12ea8cef1bf.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
84
x-powered-by
PROD02
status
200
vary
Accept-Encoding
x-xss-protection
1
last-modified
Wed, 02 Sep 2020 16:30:52 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"1d68167f3711b5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
cf-request-id
0510a2a3db0000972ab51fe200000001
cf-ray
5cfad3b2f820972a-FRA
expires
Wed, 08 Sep 2021 18:45:30 GMT
icons.woff2
199.242.144.56/Assets/fonts/
47 KB
48 KB
Font
General
Full URL
https://199.242.144.56/Assets/fonts/icons.woff2?7.2.20246.1
Requested by
Host: 199.242.144.56
URL: https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
199.242.144.56 , United States, ASN54615 (ACLENS-PROD, US),
Reverse DNS
www.samsclubcontacts.com
Software
/ PROD02
Resource Hash
d54db268f2e3e598f2b10c73f5b0db224673e5177afffdd8d2cc34b8f084b3ed
Security Headers
Name Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15780000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Origin
https://199.242.144.56
Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 08 Sep 2020 18:45:30 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 Sep 2020 16:30:48 GMT
status
200
x-powered-by
PROD02
etag
"1d68167f110f0fc"
x-frame-options
SAMEORIGIN
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public
content-security-policy
frame-src https:; report-uri /csp-violation-endpoint/
strict-transport-security
max-age=15780000;
content-length
48380
x-xss-protection
1
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5XM5S3X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
709
date
Tue, 08 Sep 2020 18:33:41 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18323
expires
Tue, 08 Sep 2020 20:33:41 GMT
collect
www.google-analytics.com/j/
2 B
64 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j85&a=1252225330&t=pageview&_s=1&dl=https%3A%2F%2F199.242.144.56%2F%2Fwp-content%2Fplugins%2Fwp-file-manager%2Flib%2Fphp&ul=en-us&de=UTF-8&dt=404%20Error%20Page%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=295440528&gjid=410812294&cid=1325061115.1599590731&tid=UA-37194796-1&_gid=490904624.1599590731&_r=1&gtm=2wg8q15XM5S3X&z=466337418
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 08 Sep 2020 18:45:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://199.242.144.56
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
83 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-37194796-1&cid=1325061115.1599590731&jid=295440528&gjid=410812294&_gid=490904624.1599590731&_u=YEBAAAAAAAAAAC~&z=871638900
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://199.242.144.56//wp-content/plugins/wp-file-manager/lib/php
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 08 Sep 2020 18:45:30 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://199.242.144.56
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes undefined| a undefined| c function| jsonFeed object| OneTrust object| Optanon string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper function| $ function| jQuery object| iePolyfill object| ACL object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| _ function| Vue object| VeeValidate object| __checkoutHub__

7 Cookies

Domain/Path Name / Value
199.242.144.56/ Name: _gid
Value: GA1.4.490904624.1599590731
199.242.144.56/ Name: _ga
Value: GA1.4.1325061115.1599590731
199.242.144.56/ Name: CookieID
Value: 185.156.175.107-YzYwOTRkZjA5ZWE0MjY
199.242.144.56/ Name: 51-AB
Value: A
199.242.144.56/ Name: __RequestVerificationToken
Value: EBcuT4m-OqxCoKEIw4BygvkQN73oWmdyvY2tqlSuSjqV2xVubjdpECXumhkVwTi4prlEBQtW1KbnenXBi2sYsMLcVsg1
199.242.144.56/ Name: _gat_UA-37194796-1
Value: 1
199.242.144.56/ Name: Personalization
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJDdXJyZW5jeSI6MSwiQUJHcm91cCI6IkEiLCJIYXNQcmV2aW91c09yZGVyIjpmYWxzZSwiRmF2b3JpdGVzIjpbXSwiaXNzIjoiUEVSU09OQUxJWkFUSU9OX1NWQyIsIldlYnNpdGUiOjUxLCJSZXBlYXRWaXNpdENvdW50IjoxfQ.JlQ3-uM8So5I2S5Me_OzFNiR7APoEYDZqCtHRolwCi0

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-src https:; report-uri /csp-violation-endpoint/
Strict-Transport-Security max-age=15780000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
